BullGuard
I think I have the Conficker Worm. Please help
   

heathermmowat26
New Member


Date Joined Aug 2009
Total Posts : 2
 
Posted 10/20/2009 1:16 PM (GMT +2)
I think I have the Conficker Worm on my desktop PC and cannot figure out how to get rid of it. I need some assistance please. Please don't make me download too many things just to fix my PC, otherwise I will try most other ideas someone may have. I am posting my ComboFix log for review.
Thank you.

ComboFix 09-10-19.01 - rnchi316 10/20/2009 3:56.2.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1348 [GMT -7:00]
Running from: c:\documents and settings\rnchi316\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091019-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2009-09-20 to 2009-10-20 )))))))))))))))))))))))))))))))
.

2009-10-19 17:14 . 2009-09-15 10:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-10-19 17:14 . 2009-09-15 10:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-10-19 17:14 . 2009-09-15 10:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-10-19 17:14 . 2009-09-15 10:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-10-19 17:14 . 2009-09-15 10:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-10-19 17:14 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-10-19 17:14 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-10-19 17:14 . 2009-09-15 10:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-10-19 17:14 . 2009-09-15 10:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-10-19 11:10 . 2009-10-19 11:10 -------- d-----w- c:\windows\system32\NtmsData
2009-10-19 11:08 . 2009-10-19 11:08 -------- d-----w- c:\program files\CONEXANT
2009-10-19 05:23 . 2009-10-19 20:56 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-19 05:23 . 2009-10-19 05:23 -------- d-----w- c:\program files\SmartPCTools
2009-10-19 04:49 . 2009-10-19 04:49 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\PCHealth
2009-10-19 03:59 . 2009-10-19 03:59 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-10-19 03:36 . 2009-10-19 03:36 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-10-19 03:09 . 2006-10-27 02:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-10-19 03:08 . 2009-10-19 03:08 -------- d-----w- c:\program files\Microsoft Works
2009-10-19 03:05 . 2009-10-19 03:59 -------- d-----w- c:\windows\SHELLNEW
2009-10-19 03:05 . 2009-10-19 03:05 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Microsoft Help
2009-10-19 03:05 . 2009-10-19 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-19 03:04 . 2009-10-19 03:04 -------- d-----r- C:\MSOCache
2009-10-19 01:28 . 2009-10-19 12:02 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Adobe
2009-10-15 03:14 . 2009-10-15 03:14 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-10-14 11:17 . 2009-09-06 07:09 126976 -c----w- c:\windows\system32\dllcache\ftpsvc2.dll
2009-10-14 10:01 . 2008-04-14 12:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-10-14 08:20 . 2009-10-14 08:20 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Identities
2009-10-14 08:16 . 2009-10-14 08:16 -------- d-----w- c:\program files\Selectsoft
2009-10-14 07:46 . 2009-10-14 07:46 -------- d-sh--w- c:\windows\ftpcache
2009-10-14 07:10 . 2009-10-14 08:07 -------- d-----w- c:\program files\5555 games by selectsoft
2009-10-14 02:17 . 2009-10-14 02:17 81920 ----a-w- c:\windows\ALCFDRTM.EXE
2009-10-13 19:57 . 2009-10-13 19:57 -------- d-----w- c:\windows\Sun
2009-10-13 19:56 . 2009-10-13 19:56 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-13 19:56 . 2009-10-13 19:56 -------- d-----w- c:\program files\Java
2009-10-13 15:11 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2009-10-12 23:21 . 2009-10-12 23:21 -------- d-----w- c:\windows\system32\Lang
2009-10-12 18:37 . 2009-10-12 18:37 -------- d-----w- c:\windows\system32\RTCOM
2009-10-12 18:37 . 2008-04-14 12:41 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2009-10-12 18:37 . 2008-04-14 12:41 4096 ----a-w- c:\windows\system32\ksuser.dll
2009-10-12 18:37 . 2008-04-14 07:49 146048 -c--a-w- c:\windows\system32\dllcache\portcls.sys
2009-10-12 18:37 . 2008-04-14 07:49 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-10-12 18:37 . 2008-04-14 07:15 60160 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2009-10-12 18:37 . 2008-04-14 07:15 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2009-10-12 18:36 . 2009-10-12 18:36 -------- d-----w- c:\documents and settings\LocalService\Application Data\PeerNetworking
2009-10-12 18:35 . 2004-11-02 15:58 163840 ----a-w- c:\windows\system32\igfxres.dll
2009-10-12 18:01 . 2008-04-14 12:42 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2009-10-12 16:45 . 2009-10-12 16:45 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Yahoo
2009-10-12 16:43 . 2009-10-12 17:03 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Yahoo!
2009-10-12 16:43 . 2009-10-12 18:01 -------- d-----w- c:\windows\ServicePackFiles
2009-10-12 16:18 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-10-12 16:18 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-10-12 16:18 . 2009-05-21 18:46 268288 -c----w- c:\windows\system32\dllcache\httpext.dll
2009-10-12 16:14 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-10-12 16:14 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-10-12 16:14 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-10-12 16:14 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-10-12 16:13 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-10-12 16:12 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-10-12 16:12 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-10-12 16:12 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-10-12 16:12 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-10-12 16:12 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-10-12 16:12 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-10-12 16:12 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-10-12 16:12 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-10-12 16:12 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-10-12 16:12 . 2009-08-05 03:44 2189184 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-10-12 16:12 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-10-12 16:12 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-10-12 16:11 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-10-12 16:10 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-10-12 16:10 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-10-12 16:06 . 2007-07-27 17:41 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2009-10-12 16:06 . 2009-10-14 21:40 -------- d--h--w- c:\windows\$hf_mig$
2009-10-12 15:42 . 2008-12-16 12:30 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-10-12 15:28 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-10-12 15:28 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-10-12 15:28 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2009-10-12 15:28 . 2009-10-12 15:28 -------- d-----w- c:\program files\Alwil Software
2009-10-12 15:16 . 2009-10-12 15:23 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-12 14:46 . 2009-10-12 15:16 -------- d-----w- c:\documents and settings\rnchi316\Application Data\Apple Computer
2009-10-12 14:46 . 2009-05-18 21:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-10-12 14:46 . 2008-04-17 20:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-10-12 14:45 . 2009-10-12 14:45 -------- d-----w- c:\program files\iPod
2009-10-12 14:45 . 2009-10-12 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-12 14:45 . 2009-10-12 14:46 -------- d-----w- c:\program files\iTunes
2009-10-12 14:45 . 2009-10-12 14:45 -------- d-----w- c:\program files\Bonjour
2009-10-12 14:44 . 2009-10-12 14:45 -------- d-----w- c:\program files\QuickTime
2009-10-12 14:44 . 2009-10-12 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-12 14:44 . 2009-10-12 14:44 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Apple
2009-10-12 14:44 . 2009-10-12 14:44 -------- d-----w- c:\program files\Apple Software Update
2009-10-12 14:44 . 2009-10-12 14:46 -------- dc----w- c:\windows\system32\DRVSTORE
2009-10-12 14:44 . 2009-08-29 02:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-10-12 14:44 . 2009-08-29 02:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-10-12 14:43 . 2009-10-12 14:45 -------- d-----w- c:\program files\Common Files\Apple
2009-10-12 14:43 . 2009-10-12 14:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-10-12 14:42 . 2009-10-20 08:35 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Apple Computer
2009-10-12 14:16 . 2009-10-12 14:16 0 ----a-w- c:\windows\nsreg.dat
2009-10-12 14:16 . 2009-10-12 14:16 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Mozilla
2009-10-12 14:10 . 2009-10-12 14:10 -------- d-s---w- c:\documents and settings\rnchi316\UserData
2009-10-12 14:08 . 2009-10-12 14:08 -------- d-----w- c:\program files\Intel
2009-10-12 14:08 . 2009-10-19 10:54 -------- d-----w- C:\Intel10.3
2009-10-12 13:30 . 2009-10-12 13:30 -------- d-----w- c:\documents and settings\rnchi316\WINDOWS
2009-10-12 13:30 . 1998-10-29 23:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-10-12 13:15 . 2008-04-14 12:42 10752 ----a-w- c:\windows\system32\smtpapi.dll
2009-10-12 12:21 . 2009-10-12 12:21 -------- d-----w- c:\windows\system32\wbem\Repository
2009-10-12 12:08 . 2009-10-19 01:28 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-12 12:08 . 2009-10-12 12:08 -------- d-----w- c:\windows\system32\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 12:14 . 2001-08-23 12:00 42809 ----a-w- c:\windows\system32\key01.sys
2009-10-19 12:13 . 2004-08-03 12:56 194560 ----a-w- c:\windows\system32\certcli.dll
2009-10-19 06:13 . 2009-10-12 11:20 28656 ----a-w- c:\documents and settings\rnchi316\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-12 23:39 . 2009-10-12 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-10-12 16:43 . 2009-10-12 16:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-10-12 16:43 . 2009-10-12 16:41 -------- d-----w- c:\program files\Yahoo!
2009-10-12 16:43 . 2009-10-12 16:43 -------- d-----w- c:\documents and settings\rnchi316\Application Data\Yahoo!
2009-10-12 11:59 . 2009-10-12 11:59 -------- d-----w- c:\program files\NETGEAR
2009-10-12 11:59 . 2009-10-12 11:59 -------- d-----w- c:\program files\InstallShield Installation Information
2009-10-12 11:10 . 2009-10-12 11:10 -------- d-----w- c:\program files\microsoft frontpage
2009-10-12 11:07 . 2009-10-12 11:07 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-25 05:37 . 2004-08-03 12:56 667136 ----a-w- c:\windows\system32\wininet.dll
2009-09-25 05:37 . 2004-08-03 12:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-11 14:18 . 2004-08-03 12:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-03 12:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:00 . 2004-08-03 12:56 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-05 09:01 . 2004-08-03 12:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 03:44 . 2004-08-03 11:20 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 22:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:37 . 2004-08-03 12:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2001-08-23 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-10-13_02.22.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-26 20:40 . 2006-10-26 20:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2009-10-13 15:09 . 2009-10-13 15:09 16384 c:\windows\Temp\Perflib_Perfdata_684.dat
+ 2009-10-19 20:56 . 2009-10-19 20:56 16384 c:\windows\Temp\Perflib_Perfdata_11c.dat
+ 2004-08-03 12:56 . 2008-05-09 10:53 90112 c:\windows\system32\wshext.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 90112 c:\windows\system32\wshext.dll
+ 2004-08-03 12:56 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2006-07-24 17:50 . 2006-07-24 17:50 47920 c:\windows\system32\VBAME.DLL
+ 2009-10-19 03:09 . 2006-10-27 02:56 33104 c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
+ 2009-10-19 03:09 . 2006-10-27 02:56 67408 c:\windows\system32\spool\drivers\w32x86\msonpui.dll
+ 2009-10-19 03:09 . 2006-10-27 02:56 67408 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll
- 2009-10-12 16:06 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2009-10-12 16:06 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
- 2004-08-03 12:56 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll
+ 2004-08-03 12:56 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2006-07-24 17:50 . 2006-07-24 17:50 39728 c:\windows\system32\SCP32.DLL
+ 2001-08-23 12:00 . 2009-10-19 11:09 58836 c:\windows\system32\perfc009.dat
+ 1998-08-09 11:07 . 1998-08-09 11:07 94208 c:\windows\system32\MSSTKPRP.DLL
+ 1998-06-17 19:08 . 1998-06-17 19:08 53248 c:\windows\system32\MFC42ENU.DLL
- 2009-10-12 18:03 . 2008-04-14 12:41 86016 c:\windows\system32\mdmxsdk.dll
+ 2009-10-12 18:03 . 2004-03-17 18:00 86016 c:\windows\system32\mdmxsdk.dll
+ 2004-06-09 23:06 . 2004-06-09 23:06 99544 c:\windows\system32\Macromed\Flash\GetFlash.exe
+ 2004-10-28 22:29 . 2004-10-28 22:29 39018 c:\windows\system32\hsfci012.dll
+ 2006-10-26 21:10 . 2006-10-26 21:10 33088 c:\windows\system32\FM20ENU.DLL
+ 2009-10-12 17:58 . 2004-03-17 18:04 13059 c:\windows\system32\drivers\mdmxsdk.sys
+ 2004-08-03 10:59 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
- 2001-08-23 12:00 . 2001-08-23 12:00 42809 c:\windows\system32\dllcache\key01.sys
+ 2001-08-23 12:00 . 2009-10-19 12:14 42809 c:\windows\system32\dllcache\key01.sys
- 2009-06-26 16:50 . 2009-06-26 16:50 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-06-26 16:50 . 2009-09-25 05:37 81920 c:\windows\system32\dllcache\ieencode.dll
- 2009-10-12 18:07 . 2008-07-08 13:02 26488 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\update\spcustom.dll
- 2009-10-12 18:07 . 2008-07-08 13:02 17272 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\spmsg.dll
+ 2009-10-19 03:06 . 2009-10-19 03:06 48128 c:\windows\Installer\15bee118.msi
+ 2009-10-19 03:36 . 2009-10-19 03:36 29184 c:\windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}\IconCD95F6617.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2006-10-26 20:40 . 2006-10-26 20:40 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 155648 c:\windows\system32\wscript.exe
+ 2004-08-03 12:56 . 2008-05-08 11:24 155648 c:\windows\system32\wscript.exe
- 2004-08-03 12:56 . 2008-04-14 12:42 485376 c:\windows\system32\wmspdmod.dll
+ 2004-08-03 12:56 . 2009-04-03 19:15 485376 c:\windows\system32\wmspdmod.dll
+ 2004-08-03 12:56 . 2009-07-12 19:21 233472 c:\windows\system32\wmpdxm.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 233472 c:\windows\system32\wmpdxm.dll
+ 2006-10-26 20:45 . 2006-10-26 20:45 293376 c:\windows\system32\WISPTIS.EXE
+ 2009-10-19 10:25 . 2008-03-25 05:05 332672 c:\windows\system32\WgaTray.exe
+ 2009-10-19 10:25 . 2008-03-25 05:05 200064 c:\windows\system32\WgaLogon.dll
+ 2004-08-03 12:56 . 2008-05-09 10:53 430080 c:\windows\system32\vbscript.dll
+ 2004-08-03 12:56 . 2009-09-25 05:37 627712 c:\windows\system32\urlmon.dll
+ 2009-10-19 03:09 . 2006-10-27 02:56 864080 c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll
+ 2009-10-19 03:09 . 2006-10-27 02:56 864080 c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 172032 c:\windows\system32\scrrun.dll
+ 2004-08-03 12:56 . 2008-05-09 10:53 172032 c:\windows\system32\scrrun.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 180224 c:\windows\system32\scrobj.dll
+ 2004-08-03 12:56 . 2008-05-09 10:53 180224 c:\windows\system32\scrobj.dll
+ 2004-08-03 12:56 . 2009-06-25 08:25 147456 c:\windows\system32\schannel.dll
+ 2009-10-12 12:21 . 2009-10-19 17:09 201176 c:\windows\system32\Restore\rstrlog.dat
+ 2000-04-03 17:52 . 2000-04-03 17:52 151552 c:\windows\system32\RDOCURS.DLL
+ 2001-08-23 12:00 . 2009-10-19 11:09 367864 c:\windows\system32\perfh009.dat
+ 2006-07-24 17:50 . 2006-07-24 17:50 125744 c:\windows\system32\MSSTDFMT.DLL
+ 2000-05-11 13:06 . 2000-05-11 13:06 397312 c:\windows\system32\MSRDO20.DLL
+ 2004-08-03 12:56 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 103936 c:\windows\system32\logagent.exe
+ 2004-08-03 12:56 . 2008-06-10 10:11 103936 c:\windows\system32\logagent.exe
+ 2004-08-03 12:56 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
+ 2004-08-03 12:56 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
- 2004-08-03 12:56 . 2008-04-14 12:41 512000 c:\windows\system32\jscript.dll
+ 2009-10-13 19:56 . 2009-10-13 19:56 149280 c:\windows\system32\javaws.exe
+ 2009-10-13 19:56 . 2009-10-13 19:56 145184 c:\windows\system32\javaw.exe
+ 2009-10-13 19:56 . 2009-10-13 19:56 145184 c:\windows\system32\java.exe
+ 2006-10-26 20:45 . 2006-10-26 20:45 207360 c:\windows\system32\INKED.DLL
+ 2009-10-12 13:16 . 2009-10-19 20:56 220248 c:\windows\system32\inetsrv\MetaBase.bin
+ 2009-10-12 13:16 . 2009-09-06 07:09 126976 c:\windows\system32\inetsrv\ftpsvc2.dll
+ 2009-10-12 03:56 . 2009-10-19 08:36 146016 c:\windows\system32\FNTCACHE.DAT
+ 2004-12-15 22:18 . 2004-12-15 22:18 220928 c:\windows\system32\drivers\HSFHWBS2.sys
+ 2004-12-15 22:18 . 2004-12-15 22:18 703232 c:\windows\system32\drivers\HSF_CNXT.sys
+ 2008-05-08 11:24 . 2008-05-08 11:24 155648 c:\windows\system32\dllcache\wscript.exe
+ 2004-08-03 12:56 . 2009-04-03 19:15 485376 c:\windows\system32\dllcache\wmspdmod.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 485376 c:\windows\system32\dllcache\wmspdmod.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2004-08-03 12:56 . 2009-07-12 19:21 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-06-26 16:50 . 2009-09-25 05:37 667136 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-11 05:18 . 2009-03-11 05:18 934792 c:\windows\system32\dllcache\WgaTray.exe
+ 2009-03-11 05:18 . 2009-03-11 05:18 239496 c:\windows\system32\dllcache\wgaLogon.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2009-06-26 16:50 . 2009-09-25 05:37 627712 c:\windows\system32\dllcache\urlmon.dll
- 2004-08-03 12:56 . 2008-10-03 10:02 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-03 12:56 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 172032 c:\windows\system32\dllcache\scrrun.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\system32\dllcache\schannel.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-03 12:56 . 2008-06-10 10:11 103936 c:\windows\system32\dllcache\logagent.exe
- 2004-08-03 12:56 . 2008-04-14 12:42 103936 c:\windows\system32\dllcache\logagent.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-05-07 09:07 . 2008-05-07 09:07 135168 c:\windows\system32\dllcache\cscript.exe
+ 2004-08-03 12:56 . 2009-10-19 12:13 194560 c:\windows\system32\dllcache\certcli.dll
+ 2004-08-03 12:56 . 2008-05-07 09:07 135168 c:\windows\system32\cscript.exe
- 2009-10-12 18:07 . 2009-05-26 11:40 382840 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\update\updspapi.dll
- 2009-10-12 18:07 . 2009-05-26 11:40 755576 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\update\update.exe
- 2009-10-12 18:07 . 2008-07-08 13:02 231288 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\spuninst.exe
+ 2009-10-19 03:06 . 2009-10-19 03:06 501248 c:\windows\Installer\15bee12e.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 506880 c:\windows\Installer\15bee129.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 516608 c:\windows\Installer\15bee123.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 513024 c:\windows\Installer\15bee11d.msi
+ 2009-10-19 03:05 . 2009-10-19 03:05 501248 c:\windows\Installer\15bee101.msi
+ 2009-10-13 19:56 . 2009-10-13 19:56 537600 c:\windows\Installer\106f815.msi
+ 2009-10-19 03:36 . 2009-10-19 03:36 632320 c:\windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}\IconCD95F66110.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-10-19 04:13 . 2009-10-19 04:13 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-10-14 11:17 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2004-08-03 12:57 . 2009-05-26 23:53 2174976 c:\windows\system32\WMVCore.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 4874240 c:\windows\system32\wmp.dll
+ 2004-08-03 12:56 . 2009-07-12 19:21 4874240 c:\windows\system32\wmp.dll
+ 2004-08-03 12:56 . 2008-06-10 13:11 1053696 c:\windows\system32\WMNetmgr.dll
- 2004-08-03 12:56 . 2009-07-18 16:05 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-03 12:56 . 2009-09-25 05:37 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-03 12:56 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 1435648 c:\windows\system32\query.dll
+ 2009-10-12 18:03 . 2008-09-10 01:14 1307648 c:\windows\system32\msxml6.dll
+ 2009-10-12 11:05 . 2009-06-10 16:19 2066432 c:\windows\system32\mstscax.dll
+ 2004-08-03 12:56 . 2009-09-25 05:37 3070976 c:\windows\system32\mshtml.dll
+ 2009-03-11 05:18 . 2008-03-25 05:05 1488688 c:\windows\system32\LegitCheckControl.dll
+ 2006-10-26 21:10 . 2006-10-26 21:10 1190688 c:\windows\system32\FM20.DLL
+ 2004-12-15 22:18 . 2004-12-15 22:18 1038208 c:\windows\system32\drivers\HSF_DP.sys
+ 2004-08-03 12:57 . 2009-05-26 23:53 2174976 c:\windows\system32\dllcache\WMVCore.dll
+ 2004-08-03 12:56 . 2009-07-12 19:21 4874240 c:\windows\system32\dllcache\wmp.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 4874240 c:\windows\system32\dllcache\wmp.dll
+ 2004-08-03 12:56 . 2008-06-10 13:11 1053696 c:\windows\system32\dllcache\WMNetmgr.dll
- 2009-07-18 16:05 . 2009-07-18 16:05 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2009-07-18 16:05 . 2009-09-25 05:37 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-02-08 02:02 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-02-08 02:02 . 2009-02-08 02:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-10-12 18:03 . 2008-09-10 01:14 1307648 c:\windows\system32\dllcache\msxml6.dll
+ 2009-10-12 11:05 . 2009-06-10 16:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2009-07-18 16:05 . 2009-09-25 05:37 3070976 c:\windows\system32\dllcache\mshtml.dll
+ 2009-10-19 03:59 . 2009-10-19 03:59 6019584 c:\windows\Installer\15e9367a.msi
+ 2009-10-19 03:36 . 2009-10-19 03:36 1541120 c:\windows\Installer\15db19f5.msi
+ 2009-10-19 03:09 . 2009-10-19 03:09 9613312 c:\windows\Installer\15bee13a.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 1652736 c:\windows\Installer\15bee133.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 1640960 c:\windows\Installer\15bee110.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 1640960 c:\windows\Installer\15bee10b.msi
+ 2009-10-19 03:05 . 2009-10-19 03:05 1713152 c:\windows\Installer\15bee106.msi
+ 2009-10-19 03:05 . 2009-10-19 03:05 2397184 c:\windows\Installer\15bee0fc.msi
+ 2009-10-19 01:28 . 2009-10-19 01:28 3940352 c:\windows\Installer\1565ae92.msi
+ 2009-10-19 03:09 . 2009-10-19 04:14 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-10-12 16:12 . 2009-08-05 03:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-10-12 16:12 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-10-12 16:12 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-08 02:02 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-02-08 02:02 . 2009-02-08 02:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-10-12 16:12 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-12 16:12 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-12 16:48 . 2009-10-02 18:01 25198016 c:\windows\system32\MRT.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Registry Repair Wizard Scheduler"="c:\program files\SmartPCTools\Registry Repair Wizard\RCHelper.exe" [2009-07-25 1540352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-11-02 126976]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-13 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-09-21 86016]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2005-09-21 2807808]

c:\documents and settings\rnchi316\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\mmc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10/19/2009 10:14 AM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/19/2009 10:14 AM 20560]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ASWUPDSV
*NewlyCreated* - AVAST!_MAIL_SCANNER
*NewlyCreated* - AVAST!_WEB_SCANNER

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder

2009-10-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\rnchi316\Application Data\Mozilla\Firefox\Profiles\fwwun1qw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-20 04:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-10-20 4:02
ComboFix-quarantined-files.txt 2009-10-20 11:02

Pre-Run: 16,447,819,776 bytes free
Post-Run: 16,426,381,312 bytes free

- - End Of File - - 5956AA3D0AED1F70947C0A4857D764CF

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 10/21/2009 11:03 AM (GMT +2)
Hello heathermmowat26
 
"I think I have the Conficker Worm"
Why do you think you have a Conficker infection? There are no signs of infection in the combolog.


Do NOT post your problem in someone else's thread.
A non-profit, volunteer network.
