
DDS (Ver_09-02-01.01) - NTFSx86  
Run by  ᠥ at 12:57:22,85 on 16.02.2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional  5.1.2600.2.1251.7.1049.18.111.21 [GMT 3:00]

AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\S3hotkey.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.ru/
mStart Page = about:blank
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0 ce\reader\activex\AcroIEHelper.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [S3hotkey] S3hotkey.exe
mRun: [VTTimer] VTTimer.exe
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\5d29~1\4a66~1\60c2~1\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: &  Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {C5720B4E-C5F5-4FEF-9989-8CF3D94C2F92} = 212.188.4.10,195.34.32.116
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2008-11-17 11840]
R1 uzc0mta1;AVZ-RK Kernel Driver;c:\windows\system32\drivers\uzc0mta1.sys [2009-2-12 11264]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2008-11-17 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2008-11-17 151297]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2008-11-17 52032]
S3 USB_RNDIS_51;ZTE USB Remote NDIS Device Driver;c:\windows\system32\drivers\usb8023.sys [2004-8-4 12672]

=============== Created Last 30 ================

2009-02-15 20:39	<DIR>	--d-----	c:\program files\trend micro
2009-02-15 20:38	781,851	a-------	c:\program files\RSIT.exe
2009-02-15 20:31	368,961	a-------	c:\program files\dds.scr
2009-02-13 16:24	<DIR>	--d-----	c:\program files\gmer
2009-02-13 13:03	1,754	a-------	c:\windows\gmer.ini
2009-02-13 13:02	747,873	a-------	c:\program files\gmer.zip
2009-02-12 17:05	11,264	a-------	c:\windows\system32\drivers\uzc0mta1.sys
2009-02-11 18:42	<DIR>	--d-----	c:\program files\1
2009-02-11 18:42	318,011	a-------	c:\program files\1.zip
2009-02-11 17:08	<DIR>	--d-----	c:\program files\avz4
2009-02-11 11:32	<DIR>	--d-----	c:\documents and settings\ \DoctorWeb
2009-02-11 11:28	318,369	a-------	c:\program files\HiJackThis.zip
2009-02-11 11:26	4,626,422	a-------	c:\program files\avz4.zip
2009-02-11 11:23	12,476,856	a-------	c:\program files\setup.exe
2009-01-29 01:05	<DIR>	--d-----	c:\windows\Cache
2009-01-26 22:10	<DIR>	--d-----	c:\docume~1\c1f0~1\applic~1\Kingston

==================== Find3M  ====================

2009-02-16 12:52	3,129,344	a-------	c:\documents and settings\ \ntuser.dat
2009-02-11 16:57	4,259	a-------	c:\program files\DrWeb.csv
2009-01-25 14:36	8,819,344	a-------	c:\program files\Rumus2setupQT.exe
2009-01-03 21:10	19,944	a-------	c:\docume~1\c1f0~1\applic~1\GDIPFONTCACHEV1.DAT
2008-12-05 15:00	346,690	a-------	c:\windows\system32\perfh019.dat
2008-12-05 15:00	49,750	a-------	c:\windows\system32\perfc019.dat
2008-11-17 11:28	25,129,080	a-------	c:\program files\antivir_workstation_winu_en_h.exe

============= FINISH: 12:58:12,71 ===============
