.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Aziz Home\Dr Delete
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete.sln
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete.suo
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\Dr Delete.aps
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\Dr Delete.cpp
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\Dr Delete.h
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\Dr Delete.rc
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\Dr Delete.vcproj
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\Dr DeleteDlg.cpp
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\Dr DeleteDlg.h
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\ReadMe.txt
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\resource.h
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\stdafx.cpp
C:\Documents and Settings\Aziz Home\Dr Delete\Dr Delete\stdafx.h
C:\WINDOWS\BMd34e7fa3.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\emptyregdb.dat
C:\WINDOWS\system32\kndovpeg.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nwhrsdri.dll
C:\WINDOWS\system32\pool.bin
C:\WINDOWS\system32\xbiojjmc.dll
C:\WINDOWS\system32\xnwwxxlp.dll
C:\WINDOWS\system32Windows-Update.exe
.
---- Previous Run -------
.
C:\install.exe
C:\WINDOWS\BMd34e7fa3.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\BJjSvGgh.ini
C:\WINDOWS\system32\BJjSvGgh.ini2
C:\WINDOWS\system32\hgGvSjJB.dll
C:\WINDOWS\system32\irdsrhwn.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nnlebfks.ini2
C:\WINDOWS\system32\nnlebfks.tmp
C:\WINDOWS\system32\oWEeOXyb.ini
C:\WINDOWS\system32\oWEeOXyb.ini2
C:\WINDOWS\system32\qpklqnpk.ini
C:\WINDOWS\system32\rqRLcCuR.dll
.
((((((((((((((((((((((((( Files Created from 2008-04-24 to 2008-05-24 )))))))))))))))))))))))))))))))
.
2008-05-23 15:25 . 2008-05-23 15:25 <DIR> d-------- C:\Deckard
2008-05-23 12:52 . 2004-08-03 14:31 482,304 --a--c--- C:\WINDOWS\system32\dllcache\pintlgnt.ime
2008-05-23 12:51 . 2001-08-23 05:00 10,096,640 --a--c--- C:\WINDOWS\system32\dllcache\hwxcht.dll
2008-05-23 12:49 . 2008-05-23 12:49 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-05-23 12:49 . 2008-05-23 12:49 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-05-23 12:49 . 2008-05-23 12:49 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-05-23 12:49 . 2008-05-23 12:49 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-05-23 12:49 . 2008-05-23 12:49 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-05-23 12:49 . 2008-05-23 12:49 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-05-23 07:52 . 2007-12-17 14:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-05-23 07:50 . 2001-08-17 12:13 27,165 --a------ C:\WINDOWS\system32\drivers\fetnd5.sys
2008-05-23 07:14 . 2008-05-23 07:15 782 --a------ C:\WINDOWS\setupapi.old
2008-05-23 07:04 . 2008-05-23 17:15 534 ---hs---- C:\WINDOWS\system32\irdsrhwn.ini
2008-05-23 00:36 . 2008-05-23 00:41 <DIR> d-------- C:\WINDOWS\system32\en
2008-05-22 22:20 . 2008-05-22 22:20 <DIR> d-------- C:\Program Files\Microsoft Windows OneCare Live
2008-05-22 21:36 . 2008-05-22 21:58 <DIR> d-------- C:\VundoFix Backups
2008-05-22 21:01 . 2008-05-22 21:01 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-21 21:47 . 2008-05-22 20:51 <DIR> d-------- C:\Program Files\IObit
2008-05-21 20:44 . 2008-05-23 07:17 <DIR> d-------- C:\Documents and Settings\Aziz Home\Application Data\DNA
2008-05-21 17:54 . 2008-05-21 17:54 <DIR> d-------- C:\Documents and Settings\Aziz Home\Application Data\teamspeak2
2008-05-21 17:54 . 2008-05-21 17:54 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
2008-05-20 20:04 . 2008-05-21 15:42 <DIR> d-------- C:\Fraps
2008-05-17 17:23 . 2008-05-17 17:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-05-17 17:15 . 2006-11-22 10:01 693,760 --a------ C:\WINDOWS\system32\drivers\hardlock.sys
2008-05-17 17:15 . 2008-05-17 17:15 47,616 --a------ C:\WINDOWS\system32\drivers\Haspnt.sys
2008-05-17 17:15 . 2008-05-17 17:15 6,656 --a------ C:\WINDOWS\system32\haspvdd.dll
2008-05-17 17:15 . 2008-01-19 13:58 2,577 --a------ C:\WINDOWS\system32\config.hsp
2008-05-17 17:15 . 2008-05-17 17:15 383 --a------ C:\WINDOWS\system32\haspdos.sys
2008-05-15 23:20 . 2004-08-04 05:00 811,064 --a------ C:\WINDOWS\system32\imjp81k.dll
2008-05-13 17:32 . 2008-05-22 21:23 692 --a------ C:\WINDOWS\wininit.ini
2008-05-09 22:01 . 2008-05-09 22:01 <DIR> d-------- C:\Program Files\Curse
2008-05-08 21:00 . 2008-05-08 21:00 <DIR> d-------- C:\Nexon
2008-05-06 21:45 . 2008-05-06 21:45 <DIR> d-------- C:\Program Files\Yahoo!
2008-05-06 19:59 . 2008-05-06 19:59 <DIR> d-------- C:\Program Files\Ventrilo
2008-05-06 19:59 . 2008-05-06 19:59 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-05 22:53 . 2008-05-05 22:53 <DIR> d-------- C:\Logs
2008-05-05 07:13 . 2008-05-15 09:38 <DIR> d-------- C:\Program Files\World of Warcraft
2008-05-02 15:53 . 2008-05-02 15:53 <DIR> d-------- C:\Program Files\Haali
2008-04-25 21:12 . 2008-05-18 13:47 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-25 21:12 . 2008-04-25 21:12 1,409 --a------ C:\WINDOWS\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-05-23 19:47 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-05-23 04:39 --------- d-----w C:\Program Files\PowerISO
2008-05-23 03:51 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\Azureus
2008-05-22 04:08 --------- d-----w C:\Program Files\CleanUp!
2008-05-22 03:52 --------- d-----w C:\Program Files\SpywareGuard
2008-05-22 02:11 --------- d-----w C:\Program Files\Starcraft
2008-05-14 04:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-12 01:41 --------- d-----w C:\Program Files\Free Music Zilla
2008-05-07 04:59 --------- d-----w C:\Program Files\SpywareBlaster
2008-05-05 14:27 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2008-04-24 00:25 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\InternetCalls
2008-04-24 00:14 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\VoipBuster
2008-04-23 23:56 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\Media Player Classic
2008-04-23 23:55 --------- d-----w C:\Program Files\Real Alternative
2008-04-23 23:17 --------- d-----w C:\Program Files\Apex
2008-04-23 03:14 --------- d-----w C:\Program Files\HiFisoftware
2008-04-22 14:10 --------- d-----w C:\Program Files\Xilisoft
2008-04-21 04:07 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\Jubler
2008-04-20 00:09 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\LimeWire
2008-04-19 03:02 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\gtk-2.0
2008-04-18 23:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\GRETECH
2008-04-18 23:13 --------- d-----w C:\Program Files\GRETECH
2008-04-18 23:13 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\GRETECH
2008-04-17 02:41 --------- d-----w C:\Program Files\Azureus
2008-04-16 15:38 --------- d-----w C:\Program Files\Common Files\Macromedia Shared
2008-04-16 15:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Macrovision
2008-04-16 15:37 --------- d-----w C:\Program Files\Common Files\Macromedia
2008-04-16 15:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-16 15:36 --------- d-----w C:\Program Files\Macromedia
2008-04-16 04:57 --------- d-----w C:\Program Files\DynoPlex
2008-04-15 10:00 --------- d-----w C:\Program Files\MSXML 6.0
2008-04-14 22:29 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\Roxio
2008-04-14 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Roxio
2008-04-14 22:28 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Roxio
2008-04-14 22:24 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\Research In Motion
2008-04-14 22:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sonic
2008-04-14 22:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-04-14 22:23 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2008-04-14 22:22 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-04-14 22:21 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-14 22:20 --------- d-----w C:\Program Files\Common Files\Research In Motion
2008-04-13 05:23 --------- d-----w C:\Program Files\NeroInstall.bak
2008-04-13 05:22 --------- d-----w C:\Program Files\Common Files\Nero
2008-04-13 05:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-04-11 02:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-04-04 04:00 --------- d-----w C:\Documents and Settings\Aziz Home\Application Data\Snapfish
2008-03-30 03:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-26 03:20 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-26 03:20 --------- d-----w C:\Program Files\Windows Live
2008-03-26 03:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-29 00:38 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
2008-02-26 23:14 972,072 ----a-w C:\WINDOWS\UNRecode.exe
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))) )))))))
.
---- Directory of C:\Fraps ----
2008-05-20 20:04 38713 --a------ C:\Fraps\uninstall.exe
2005-12-03 03:06 2826240 --a------ C:\Fraps\fraps.exe
2005-12-03 03:05 507904 --a------ C:\Fraps\frapslcd.dll
2005-12-03 03:05 106496 --a------ C:\Fraps\fraps.dll
2005-12-03 02:37 9499 --a------ C:\Fraps\changes.txt
2005-12-03 02:33 1860 --a------ C:\Fraps\README.HTM
2005-11-07 13:57 51200 --a------ C:\Fraps\fraps64.dll
2005-11-07 13:51 286208 --a------ C:\Fraps\fraps64.dat
2005-11-06 22:44 21404 --a------ C:\Fraps\HELP\fps.gif
2005-11-06 22:44 16461 --a------ C:\Fraps\HELP\general.gif
2005-11-06 22:20 2656 --a------ C:\Fraps\HELP\help_general.htm
2005-11-06 22:17 5568 --a------ C:\Fraps\HELP\help_fps.htm
2005-06-15 09:46 20950 --a------ C:\Fraps\HELP\movies.gif
2005-06-15 08:14 19413 --a------ C:\Fraps\HELP\screenshots.gif
2005-06-15 07:52 8714 --a------ C:\Fraps\HELP\help_movies.htm
2005-02-23 11:38 2439 --a------ C:\Fraps\HELP\help_screenshots.htm
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"CurseClient"="C:\Program Files\Curse\CurseClient.exe" [2008-05-19 07:57 1400832]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [ ]
"AIM"="C:\Program Files\AIM\aim.exe" [2006-08-01 16:35 67112]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 16:56 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-10-25 10:26 1410304]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.e xe" [2004-08-04 05:00 208952]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 16:28 577536 C:\WINDOWS\soundman.exe]
"nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray. dll" [2007-12-05 02:41 81920]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.e xe" [2004-08-03 14:59 44544]
C:\Documents and Settings\Aziz Home\Start Menu\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 20:05:35 360448]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
--a------ 2006-08-01 16:35 67112 C:\Program Files\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
--a------ 2006-11-02 17:57 528384 C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2008-02-28 17:07 132392 C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-03 16:56 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX5000 Series]
--a------ 2006-02-14 05:00 131072 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIB VA.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 01:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetCalls]
C:\Program Files\InternetCalls.com\InternetCalls\InternetCall s.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 14:10 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2008-02-18 16:29 2221352 C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2008-02-28 09:59 570664 C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 02:41 8523776 C:\WINDOWS\system32\NvCpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 02:41 81920 C:\WINDOWS\system32\NvMcTray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2kAutostart]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2007-08-06 17:05 200704 C:\Program Files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-01 00:13 385024 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
--a------ 2007-08-16 08:56 236016 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2007-04-16 16:28 577536 C:\WINDOWS\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-04-01 18:35 3587120 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
c:\program files\voipbuster.com\voipbuster\voipbuster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
--a------ 2007-09-26 19:05 734264 c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
--a------ 2007-11-15 22:51 166304 c:\Program Files\Zune\ZuneLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ZuneWlanCfgSvc"=3 (0x3)
"ZuneNetworkSvc"=3 (0x3)
"ZuneBusEnum"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"Nero BackItUp Scheduler 3"=2 (0x2)
"iPod Service"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Documents and Settings\\Aziz Home\\My Documents\\filelib\\aziznurthin\\MySpaceGopher\\My SpaceMp3Gopher.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Nexon\\MapleStory\\MapleStory.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\World of Warcraft\\Repair.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfw tdir.sys [2007-10-25 10:27]
R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2007-11-15 22:38]
S3 XDva032;XDva032;C:\WINDOWS\system32\XDva032.sys []
S4 ZuneBusEnum;Zune Bus Enumerator;c:\WINDOWS\system32\ZuneBusEnum.exe [2007-11-15 22:51]
S4 ZuneWlanCfgSvc;Zune Wireless Configuration Service;c:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2007-11-15 22:51]
.
Contents of the 'Scheduled Tasks' folder
"2008-05-22 14:00:03 C:\WINDOWS\Tasks\Advanced WindowsCare V2 Pro.job"
- C:\Program Files\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe
"2008-05-24 03:00:00 C:\WINDOWS\Tasks\AwcProUpdate.job"
- C:\Program Files\IObit\Advanced WindowsCare V2 Pro\AutoUpdate.ex
- C:\Program Files\IObit\Advanced WindowsCare V2 Pro
.
************************************************** ************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-05-23 21:41:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\SpywareGuard\sgbhp.exe
.
************************************************** ************************
.
Completion time: 2008-05-23 21:47:01 - machine was rebooted [Aziz Home]
ComboFix-quarantined-files.txt 2008-05-24 04:46:39
Pre-Run: 167,929,171,968 bytes free
Post-Run: 167,923,949,568 bytes free
315 --- E O F --- 2008-05-16 10:01:17
Virtumondo help! HJT log please! 
NA"
Linear Mode
