a guest
Apr 5th, 2010
DDS (Ver_09-09-29.01) - NTFSx86
Run by root at 22:19:15.81 on Sun 04/04/2010
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1256.20.1033.18.1917.1452 [GMT -7:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Opera\opera.exe
C:\DOCUME~1\root\LOCALS~1\Temp\winvrrji.exe
C:\Documents and Settings\root\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = about:blank
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-system: DisableTaskMgr = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

============= SERVICES / DRIVERS ===============

RUnknown abp470n5;abp470n5; [x]
S2 eabcdryme;System Image;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
S3 XDva346;XDva346;\??\c:\windows\system32\xdva346.sys --> c:\windows\system32\XDva346.sys [?]

=============== Created Last 30 ================

2010-04-04 22:03 <DIR> a-dshr-- C:\cmdcons
2010-04-04 22:00 261,632 a------- c:\windows\PEV.exe
2010-04-04 22:00 161,792 a------- c:\windows\SWREG.exe
2010-04-04 22:00 98,816 a------- c:\windows\sed.exe
2010-04-04 22:00 77,312 a------- c:\windows\MBR.exe
2010-04-04 21:06 <DIR> --d----- c:\program files\common files\xing shared
2010-04-04 21:05 499,712 a------- c:\windows\system32\msvcp71.dll
2010-04-04 21:05 348,160 a------- c:\windows\system32\msvcr71.dll
2010-04-04 18:06 <DIR> --d----- c:\windows\system32\wbem\Repository
2010-04-04 05:49 <DIR> --d----- c:\program files\VideoLAN
2010-04-04 05:47 <DIR> --d----- c:\program files\common files\Real
2010-04-04 05:31 <DIR> --d----- c:\program files\DesktopNerds
2010-04-04 05:26 <DIR> --d----- C:\CFLog
2010-04-04 05:21 <DIR> --d----- c:\program files\Z8Games
2010-04-04 03:20 <DIR> --d----- c:\program files\Xfire
2010-04-04 02:24 <DIR> --d----- c:\docume~1\root\applic~1\X-Chat 2
2010-04-04 00:58 940,794 a------- c:\windows\system32\LoopyMusic.wav
2010-04-04 00:58 146,650 a------- c:\windows\system32\BuzzingBee.wav
2010-04-04 00:58 <DIR> --d----- c:\windows\system32\Lang
2010-04-04 00:57 <DIR> --d----- c:\documents and settings\root
2010-04-04 00:57 553 a------- c:\windows\USetup.iss
2010-04-04 00:56 <DIR> --d----- c:\program files\Realtek
2010-04-04 00:55 140,694 a------- c:\windows\system32\nvapps.xml
2010-04-04 00:55 17,525 a------- c:\windows\system32\nvdisp.nvu
2010-04-04 00:55 <DIR> --d----- c:\windows\nview
2010-04-04 00:55 356,352 a------- c:\windows\system32\nvudisp.exe
2010-04-04 00:53 356,352 a----r-- c:\windows\system32\NVUNINST.EXE
2010-04-04 00:52 <DIR> --d----- c:\program files\Spyware Doctor
2010-04-04 00:50 <DIR> --ds---- c:\windows\system32\Microsoft
2010-04-04 00:43 8,192 a------- c:\windows\REGLOCS.OLD
2010-04-04 00:41 101,888 ac------ c:\windows\system32\dllcache\evntagnt.dll
2010-04-04 00:41 <DIR> --d----- c:\program files\X-Chat 2
2010-04-04 00:40 <DIR> --dsh--- c:\documents and settings\all users\DRM
2010-04-04 00:40 <DIR> --ds---- c:\windows\Downloaded Program Files
2010-04-04 00:40 <DIR> --d--r-- c:\windows\Offline Web Pages
2010-04-04 00:40 488 a---hr-- c:\windows\system32\WindowsLogon.manifest
2010-04-04 00:40 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2010-04-04 00:40 749 a---hr-- c:\windows\WindowsShell.Manifest
2010-04-04 00:40 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2010-04-04 00:40 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2010-04-04 00:40 749 a---hr-- c:\windows\system32\nwc.cpl.manifest
2010-04-04 00:40 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2010-04-04 00:40 749 a---hr-- c:\windows\system32\cdplayer.exe.manifest
2010-04-04 00:40 <DIR> --d-h--- c:\program files\WindowsUpdate
2010-04-04 00:39 <DIR> --d----- c:\program files\common files\MSSoap
2010-04-04 00:37 <DIR> --d----- c:\program files\Online Services
2010-04-04 00:37 <DIR> --ds---- c:\documents and settings\root\UserData
2010-04-04 00:37 <DIR> --d----- c:\program files\Messenger
2010-04-04 00:37 <DIR> --d----- c:\program files\MSN Gaming Zone
2010-04-04 00:37 <DIR> --d----- c:\program files\Windows NT
2010-04-03 16:31 <DIR> --d----- c:\program files\common files\ODBC
2010-04-03 16:31 <DIR> --d----- c:\program files\common files\SpeechEngines
2010-04-03 16:30 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2010-04-04 00:56 315,392 a------- c:\windows\HideWin.exe
2010-04-04 00:52 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2010-04-04 00:38 21,640 a------- c:\windows\system32\emptyregdb.dat
2008-04-14 05:00 164,072 a--shr-- c:\windows\system32\lsgzhdk.dll

============= FINISH: 22:19:23.14 ===============