I think I have the Conficker Worm. Please help

Posted 10/20/2009 11:16 AM
#78461
heathermmowat26 Member

I think I have the Conficker Worm on my desktop PC and cannot figure out how to get rid of it. I need some assistance please. Please don't make me download too many things just to fix my PC, otherwise I will try most other ideas someone may have. I am posting my ComboFix log for review.
Thank you.

ComboFix 09-10-19.01 - rnchi316 10/20/2009 3:56.2.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1348 [GMT -7:00]
Running from: c:\documents and settings\rnchi316\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091019-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2009-09-20 to 2009-10-20 )))))))))))))))))))))))))))))))
.

2009-10-19 17:14 . 2009-09-15 10:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-10-19 17:14 . 2009-09-15 10:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-10-19 17:14 . 2009-09-15 10:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-10-19 17:14 . 2009-09-15 10:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-10-19 17:14 . 2009-09-15 10:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-10-19 17:14 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-10-19 17:14 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-10-19 17:14 . 2009-09-15 10:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-10-19 17:14 . 2009-09-15 10:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-10-19 11:10 . 2009-10-19 11:10 -------- d-----w- c:\windows\system32\NtmsData
2009-10-19 11:08 . 2009-10-19 11:08 -------- d-----w- c:\program files\CONEXANT
2009-10-19 05:23 . 2009-10-19 20:56 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-19 05:23 . 2009-10-19 05:23 -------- d-----w- c:\program files\SmartPCTools
2009-10-19 04:49 . 2009-10-19 04:49 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\PCHealth
2009-10-19 03:59 . 2009-10-19 03:59 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-10-19 03:36 . 2009-10-19 03:36 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-10-19 03:09 . 2006-10-27 02:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-10-19 03:08 . 2009-10-19 03:08 -------- d-----w- c:\program files\Microsoft Works
2009-10-19 03:05 . 2009-10-19 03:59 -------- d-----w- c:\windows\SHELLNEW
2009-10-19 03:05 . 2009-10-19 03:05 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Microsoft Help
2009-10-19 03:05 . 2009-10-19 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-19 03:04 . 2009-10-19 03:04 -------- d-----r- C:\MSOCache
2009-10-19 01:28 . 2009-10-19 12:02 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Adobe
2009-10-15 03:14 . 2009-10-15 03:14 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-10-14 11:17 . 2009-09-06 07:09 126976 -c----w- c:\windows\system32\dllcache\ftpsvc2.dll
2009-10-14 10:01 . 2008-04-14 12:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-10-14 08:20 . 2009-10-14 08:20 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Identities
2009-10-14 08:16 . 2009-10-14 08:16 -------- d-----w- c:\program files\Selectsoft
2009-10-14 07:46 . 2009-10-14 07:46 -------- d-sh--w- c:\windows\ftpcache
2009-10-14 07:10 . 2009-10-14 08:07 -------- d-----w- c:\program files\5555 games by selectsoft
2009-10-14 02:17 . 2009-10-14 02:17 81920 ----a-w- c:\windows\ALCFDRTM.EXE
2009-10-13 19:57 . 2009-10-13 19:57 -------- d-----w- c:\windows\Sun
2009-10-13 19:56 . 2009-10-13 19:56 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-13 19:56 . 2009-10-13 19:56 -------- d-----w- c:\program files\Java
2009-10-13 15:11 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2009-10-12 23:21 . 2009-10-12 23:21 -------- d-----w- c:\windows\system32\Lang
2009-10-12 18:37 . 2009-10-12 18:37 -------- d-----w- c:\windows\system32\RTCOM
2009-10-12 18:37 . 2008-04-14 12:41 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2009-10-12 18:37 . 2008-04-14 12:41 4096 ----a-w- c:\windows\system32\ksuser.dll
2009-10-12 18:37 . 2008-04-14 07:49 146048 -c--a-w- c:\windows\system32\dllcache\portcls.sys
2009-10-12 18:37 . 2008-04-14 07:49 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-10-12 18:37 . 2008-04-14 07:15 60160 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2009-10-12 18:37 . 2008-04-14 07:15 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2009-10-12 18:36 . 2009-10-12 18:36 -------- d-----w- c:\documents and settings\LocalService\Application Data\PeerNetworking
2009-10-12 18:35 . 2004-11-02 15:58 163840 ----a-w- c:\windows\system32\igfxres.dll
2009-10-12 18:01 . 2008-04-14 12:42 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2009-10-12 16:45 . 2009-10-12 16:45 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Yahoo
2009-10-12 16:43 . 2009-10-12 17:03 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Yahoo!
2009-10-12 16:43 . 2009-10-12 18:01 -------- d-----w- c:\windows\ServicePackFiles
2009-10-12 16:18 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-10-12 16:18 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-10-12 16:18 . 2009-05-21 18:46 268288 -c----w- c:\windows\system32\dllcache\httpext.dll
2009-10-12 16:14 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-10-12 16:14 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-10-12 16:14 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-10-12 16:14 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-10-12 16:13 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-10-12 16:12 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-10-12 16:12 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-10-12 16:12 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-10-12 16:12 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-10-12 16:12 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-10-12 16:12 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-10-12 16:12 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-10-12 16:12 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-10-12 16:12 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-10-12 16:12 . 2009-08-05 03:44 2189184 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-10-12 16:12 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-10-12 16:12 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-10-12 16:11 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-10-12 16:10 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-10-12 16:10 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-10-12 16:06 . 2007-07-27 17:41 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2009-10-12 16:06 . 2009-10-14 21:40 -------- d--h--w- c:\windows\$hf_mig$
2009-10-12 15:42 . 2008-12-16 12:30 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-10-12 15:28 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-10-12 15:28 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-10-12 15:28 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2009-10-12 15:28 . 2009-10-12 15:28 -------- d-----w- c:\program files\Alwil Software
2009-10-12 15:16 . 2009-10-12 15:23 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-12 14:46 . 2009-10-12 15:16 -------- d-----w- c:\documents and settings\rnchi316\Application Data\Apple Computer
2009-10-12 14:46 . 2009-05-18 21:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-10-12 14:46 . 2008-04-17 20:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-10-12 14:45 . 2009-10-12 14:45 -------- d-----w- c:\program files\iPod
2009-10-12 14:45 . 2009-10-12 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-12 14:45 . 2009-10-12 14:46 -------- d-----w- c:\program files\iTunes
2009-10-12 14:45 . 2009-10-12 14:45 -------- d-----w- c:\program files\Bonjour
2009-10-12 14:44 . 2009-10-12 14:45 -------- d-----w- c:\program files\QuickTime
2009-10-12 14:44 . 2009-10-12 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-12 14:44 . 2009-10-12 14:44 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Apple
2009-10-12 14:44 . 2009-10-12 14:44 -------- d-----w- c:\program files\Apple Software Update
2009-10-12 14:44 . 2009-10-12 14:46 -------- dc----w- c:\windows\system32\DRVSTORE
2009-10-12 14:44 . 2009-08-29 02:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-10-12 14:44 . 2009-08-29 02:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-10-12 14:43 . 2009-10-12 14:45 -------- d-----w- c:\program files\Common Files\Apple
2009-10-12 14:43 . 2009-10-12 14:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-10-12 14:42 . 2009-10-20 08:35 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Apple Computer
2009-10-12 14:16 . 2009-10-12 14:16 0 ----a-w- c:\windows\nsreg.dat
2009-10-12 14:16 . 2009-10-12 14:16 -------- d-----w- c:\documents and settings\rnchi316\Local Settings\Application Data\Mozilla
2009-10-12 14:10 . 2009-10-12 14:10 -------- d-s---w- c:\documents and settings\rnchi316\UserData
2009-10-12 14:08 . 2009-10-12 14:08 -------- d-----w- c:\program files\Intel
2009-10-12 14:08 . 2009-10-19 10:54 -------- d-----w- C:\Intel10.3
2009-10-12 13:30 . 2009-10-12 13:30 -------- d-----w- c:\documents and settings\rnchi316\WINDOWS
2009-10-12 13:30 . 1998-10-29 23:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-10-12 13:15 . 2008-04-14 12:42 10752 ----a-w- c:\windows\system32\smtpapi.dll
2009-10-12 12:21 . 2009-10-12 12:21 -------- d-----w- c:\windows\system32\wbem\Repository
2009-10-12 12:08 . 2009-10-19 01:28 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-12 12:08 . 2009-10-12 12:08 -------- d-----w- c:\windows\system32\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 12:14 . 2001-08-23 12:00 42809 ----a-w- c:\windows\system32\key01.sys
2009-10-19 12:13 . 2004-08-03 12:56 194560 ----a-w- c:\windows\system32\certcli.dll
2009-10-19 06:13 . 2009-10-12 11:20 28656 ----a-w- c:\documents and settings\rnchi316\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-12 23:39 . 2009-10-12 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-10-12 16:43 . 2009-10-12 16:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-10-12 16:43 . 2009-10-12 16:41 -------- d-----w- c:\program files\Yahoo!
2009-10-12 16:43 . 2009-10-12 16:43 -------- d-----w- c:\documents and settings\rnchi316\Application Data\Yahoo!
2009-10-12 11:59 . 2009-10-12 11:59 -------- d-----w- c:\program files\NETGEAR
2009-10-12 11:59 . 2009-10-12 11:59 -------- d-----w- c:\program files\InstallShield Installation Information
2009-10-12 11:10 . 2009-10-12 11:10 -------- d-----w- c:\program files\microsoft frontpage
2009-10-12 11:07 . 2009-10-12 11:07 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-25 05:37 . 2004-08-03 12:56 667136 ----a-w- c:\windows\system32\wininet.dll
2009-09-25 05:37 . 2004-08-03 12:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-11 14:18 . 2004-08-03 12:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-03 12:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:00 . 2004-08-03 12:56 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-05 09:01 . 2004-08-03 12:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 03:44 . 2004-08-03 11:20 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 22:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:37 . 2004-08-03 12:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2001-08-23 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-10-13_02.22.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-26 20:40 . 2006-10-26 20:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2009-10-13 15:09 . 2009-10-13 15:09 16384 c:\windows\Temp\Perflib_Perfdata_684.dat
+ 2009-10-19 20:56 . 2009-10-19 20:56 16384 c:\windows\Temp\Perflib_Perfdata_11c.dat
+ 2004-08-03 12:56 . 2008-05-09 10:53 90112 c:\windows\system32\wshext.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 90112 c:\windows\system32\wshext.dll
+ 2004-08-03 12:56 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2006-07-24 17:50 . 2006-07-24 17:50 47920 c:\windows\system32\VBAME.DLL
+ 2009-10-19 03:09 . 2006-10-27 02:56 33104 c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
+ 2009-10-19 03:09 . 2006-10-27 02:56 67408 c:\windows\system32\spool\drivers\w32x86\msonpui.dll
+ 2009-10-19 03:09 . 2006-10-27 02:56 67408 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll
- 2009-10-12 16:06 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2009-10-12 16:06 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
- 2004-08-03 12:56 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll
+ 2004-08-03 12:56 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2006-07-24 17:50 . 2006-07-24 17:50 39728 c:\windows\system32\SCP32.DLL
+ 2001-08-23 12:00 . 2009-10-19 11:09 58836 c:\windows\system32\perfc009.dat
+ 1998-08-09 11:07 . 1998-08-09 11:07 94208 c:\windows\system32\MSSTKPRP.DLL
+ 1998-06-17 19:08 . 1998-06-17 19:08 53248 c:\windows\system32\MFC42ENU.DLL
- 2009-10-12 18:03 . 2008-04-14 12:41 86016 c:\windows\system32\mdmxsdk.dll
+ 2009-10-12 18:03 . 2004-03-17 18:00 86016 c:\windows\system32\mdmxsdk.dll
+ 2004-06-09 23:06 . 2004-06-09 23:06 99544 c:\windows\system32\Macromed\Flash\GetFlash.exe
+ 2004-10-28 22:29 . 2004-10-28 22:29 39018 c:\windows\system32\hsfci012.dll
+ 2006-10-26 21:10 . 2006-10-26 21:10 33088 c:\windows\system32\FM20ENU.DLL
+ 2009-10-12 17:58 . 2004-03-17 18:04 13059 c:\windows\system32\drivers\mdmxsdk.sys
+ 2004-08-03 10:59 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
- 2001-08-23 12:00 . 2001-08-23 12:00 42809 c:\windows\system32\dllcache\key01.sys
+ 2001-08-23 12:00 . 2009-10-19 12:14 42809 c:\windows\system32\dllcache\key01.sys
- 2009-06-26 16:50 . 2009-06-26 16:50 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-06-26 16:50 . 2009-09-25 05:37 81920 c:\windows\system32\dllcache\ieencode.dll
- 2009-10-12 18:07 . 2008-07-08 13:02 26488 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\update\spcustom.dll
- 2009-10-12 18:07 . 2008-07-08 13:02 17272 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\spmsg.dll
+ 2009-10-19 03:06 . 2009-10-19 03:06 48128 c:\windows\Installer\15bee118.msi
+ 2009-10-19 03:36 . 2009-10-19 03:36 29184 c:\windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}\IconCD95F6617.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2006-10-26 20:40 . 2006-10-26 20:40 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 155648 c:\windows\system32\wscript.exe
+ 2004-08-03 12:56 . 2008-05-08 11:24 155648 c:\windows\system32\wscript.exe
- 2004-08-03 12:56 . 2008-04-14 12:42 485376 c:\windows\system32\wmspdmod.dll
+ 2004-08-03 12:56 . 2009-04-03 19:15 485376 c:\windows\system32\wmspdmod.dll
+ 2004-08-03 12:56 . 2009-07-12 19:21 233472 c:\windows\system32\wmpdxm.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 233472 c:\windows\system32\wmpdxm.dll
+ 2006-10-26 20:45 . 2006-10-26 20:45 293376 c:\windows\system32\WISPTIS.EXE
+ 2009-10-19 10:25 . 2008-03-25 05:05 332672 c:\windows\system32\WgaTray.exe
+ 2009-10-19 10:25 . 2008-03-25 05:05 200064 c:\windows\system32\WgaLogon.dll
+ 2004-08-03 12:56 . 2008-05-09 10:53 430080 c:\windows\system32\vbscript.dll
+ 2004-08-03 12:56 . 2009-09-25 05:37 627712 c:\windows\system32\urlmon.dll
+ 2009-10-19 03:09 . 2006-10-27 02:56 864080 c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll
+ 2009-10-19 03:09 . 2006-10-27 02:56 864080 c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 172032 c:\windows\system32\scrrun.dll
+ 2004-08-03 12:56 . 2008-05-09 10:53 172032 c:\windows\system32\scrrun.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 180224 c:\windows\system32\scrobj.dll
+ 2004-08-03 12:56 . 2008-05-09 10:53 180224 c:\windows\system32\scrobj.dll
+ 2004-08-03 12:56 . 2009-06-25 08:25 147456 c:\windows\system32\schannel.dll
+ 2009-10-12 12:21 . 2009-10-19 17:09 201176 c:\windows\system32\Restore\rstrlog.dat
+ 2000-04-03 17:52 . 2000-04-03 17:52 151552 c:\windows\system32\RDOCURS.DLL
+ 2001-08-23 12:00 . 2009-10-19 11:09 367864 c:\windows\system32\perfh009.dat
+ 2006-07-24 17:50 . 2006-07-24 17:50 125744 c:\windows\system32\MSSTDFMT.DLL
+ 2000-05-11 13:06 . 2000-05-11 13:06 397312 c:\windows\system32\MSRDO20.DLL
+ 2004-08-03 12:56 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 103936 c:\windows\system32\logagent.exe
+ 2004-08-03 12:56 . 2008-06-10 10:11 103936 c:\windows\system32\logagent.exe
+ 2004-08-03 12:56 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
+ 2004-08-03 12:56 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
- 2004-08-03 12:56 . 2008-04-14 12:41 512000 c:\windows\system32\jscript.dll
+ 2009-10-13 19:56 . 2009-10-13 19:56 149280 c:\windows\system32\javaws.exe
+ 2009-10-13 19:56 . 2009-10-13 19:56 145184 c:\windows\system32\javaw.exe
+ 2009-10-13 19:56 . 2009-10-13 19:56 145184 c:\windows\system32\java.exe
+ 2006-10-26 20:45 . 2006-10-26 20:45 207360 c:\windows\system32\INKED.DLL
+ 2009-10-12 13:16 . 2009-10-19 20:56 220248 c:\windows\system32\inetsrv\MetaBase.bin
+ 2009-10-12 13:16 . 2009-09-06 07:09 126976 c:\windows\system32\inetsrv\ftpsvc2.dll
+ 2009-10-12 03:56 . 2009-10-19 08:36 146016 c:\windows\system32\FNTCACHE.DAT
+ 2004-12-15 22:18 . 2004-12-15 22:18 220928 c:\windows\system32\drivers\HSFHWBS2.sys
+ 2004-12-15 22:18 . 2004-12-15 22:18 703232 c:\windows\system32\drivers\HSF_CNXT.sys
+ 2008-05-08 11:24 . 2008-05-08 11:24 155648 c:\windows\system32\dllcache\wscript.exe
+ 2004-08-03 12:56 . 2009-04-03 19:15 485376 c:\windows\system32\dllcache\wmspdmod.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 485376 c:\windows\system32\dllcache\wmspdmod.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2004-08-03 12:56 . 2009-07-12 19:21 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-06-26 16:50 . 2009-09-25 05:37 667136 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-11 05:18 . 2009-03-11 05:18 934792 c:\windows\system32\dllcache\WgaTray.exe
+ 2009-03-11 05:18 . 2009-03-11 05:18 239496 c:\windows\system32\dllcache\wgaLogon.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2009-06-26 16:50 . 2009-09-25 05:37 627712 c:\windows\system32\dllcache\urlmon.dll
- 2004-08-03 12:56 . 2008-10-03 10:02 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-03 12:56 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 172032 c:\windows\system32\dllcache\scrrun.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\system32\dllcache\schannel.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-03 12:56 . 2008-06-10 10:11 103936 c:\windows\system32\dllcache\logagent.exe
- 2004-08-03 12:56 . 2008-04-14 12:42 103936 c:\windows\system32\dllcache\logagent.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-05-07 09:07 . 2008-05-07 09:07 135168 c:\windows\system32\dllcache\cscript.exe
+ 2004-08-03 12:56 . 2009-10-19 12:13 194560 c:\windows\system32\dllcache\certcli.dll
+ 2004-08-03 12:56 . 2008-05-07 09:07 135168 c:\windows\system32\cscript.exe
- 2009-10-12 18:07 . 2009-05-26 11:40 382840 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\update\updspapi.dll
- 2009-10-12 18:07 . 2009-05-26 11:40 755576 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\update\update.exe
- 2009-10-12 18:07 . 2008-07-08 13:02 231288 c:\windows\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\spuninst.exe
+ 2009-10-19 03:06 . 2009-10-19 03:06 501248 c:\windows\Installer\15bee12e.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 506880 c:\windows\Installer\15bee129.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 516608 c:\windows\Installer\15bee123.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 513024 c:\windows\Installer\15bee11d.msi
+ 2009-10-19 03:05 . 2009-10-19 03:05 501248 c:\windows\Installer\15bee101.msi
+ 2009-10-13 19:56 . 2009-10-13 19:56 537600 c:\windows\Installer\106f815.msi
+ 2009-10-19 03:36 . 2009-10-19 03:36 632320 c:\windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}\IconCD95F66110.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2009-10-19 03:09 . 2009-10-19 04:14 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-10-19 04:13 . 2009-10-19 04:13 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-10-19 03:59 . 2009-10-19 04:16 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-10-14 11:17 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 20:40 . 2006-10-26 20:40 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2004-08-03 12:57 . 2009-05-26 23:53 2174976 c:\windows\system32\WMVCore.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 4874240 c:\windows\system32\wmp.dll
+ 2004-08-03 12:56 . 2009-07-12 19:21 4874240 c:\windows\system32\wmp.dll
+ 2004-08-03 12:56 . 2008-06-10 13:11 1053696 c:\windows\system32\WMNetmgr.dll
- 2004-08-03 12:56 . 2009-07-18 16:05 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-03 12:56 . 2009-09-25 05:37 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-03 12:56 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 1435648 c:\windows\system32\query.dll
+ 2009-10-12 18:03 . 2008-09-10 01:14 1307648 c:\windows\system32\msxml6.dll
+ 2009-10-12 11:05 . 2009-06-10 16:19 2066432 c:\windows\system32\mstscax.dll
+ 2004-08-03 12:56 . 2009-09-25 05:37 3070976 c:\windows\system32\mshtml.dll
+ 2009-03-11 05:18 . 2008-03-25 05:05 1488688 c:\windows\system32\LegitCheckControl.dll
+ 2006-10-26 21:10 . 2006-10-26 21:10 1190688 c:\windows\system32\FM20.DLL
+ 2004-12-15 22:18 . 2004-12-15 22:18 1038208 c:\windows\system32\drivers\HSF_DP.sys
+ 2004-08-03 12:57 . 2009-05-26 23:53 2174976 c:\windows\system32\dllcache\WMVCore.dll
+ 2004-08-03 12:56 . 2009-07-12 19:21 4874240 c:\windows\system32\dllcache\wmp.dll
- 2004-08-03 12:56 . 2008-04-14 12:42 4874240 c:\windows\system32\dllcache\wmp.dll
+ 2004-08-03 12:56 . 2008-06-10 13:11 1053696 c:\windows\system32\dllcache\WMNetmgr.dll
- 2009-07-18 16:05 . 2009-07-18 16:05 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2009-07-18 16:05 . 2009-09-25 05:37 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-02-08 02:02 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-02-08 02:02 . 2009-02-08 02:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-10-12 18:03 . 2008-09-10 01:14 1307648 c:\windows\system32\dllcache\msxml6.dll
+ 2009-10-12 11:05 . 2009-06-10 16:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2009-07-18 16:05 . 2009-09-25 05:37 3070976 c:\windows\system32\dllcache\mshtml.dll
+ 2009-10-19 03:59 . 2009-10-19 03:59 6019584 c:\windows\Installer\15e9367a.msi
+ 2009-10-19 03:36 . 2009-10-19 03:36 1541120 c:\windows\Installer\15db19f5.msi
+ 2009-10-19 03:09 . 2009-10-19 03:09 9613312 c:\windows\Installer\15bee13a.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 1652736 c:\windows\Installer\15bee133.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 1640960 c:\windows\Installer\15bee110.msi
+ 2009-10-19 03:06 . 2009-10-19 03:06 1640960 c:\windows\Installer\15bee10b.msi
+ 2009-10-19 03:05 . 2009-10-19 03:05 1713152 c:\windows\Installer\15bee106.msi
+ 2009-10-19 03:05 . 2009-10-19 03:05 2397184 c:\windows\Installer\15bee0fc.msi
+ 2009-10-19 01:28 . 2009-10-19 01:28 3940352 c:\windows\Installer\1565ae92.msi
+ 2009-10-19 03:09 . 2009-10-19 04:14 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-10-12 16:12 . 2009-08-05 03:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-10-12 16:12 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-10-12 16:12 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-08 02:02 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-02-08 02:02 . 2009-02-08 02:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-10-12 16:12 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-12 16:12 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-12 16:48 . 2009-10-02 18:01 25198016 c:\windows\system32\MRT.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Registry Repair Wizard Scheduler"="c:\program files\SmartPCTools\Registry Repair Wizard\RCHelper.exe" [2009-07-25 1540352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-11-02 126976]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-13 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-09-21 86016]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2005-09-21 2807808]

c:\documents and settings\rnchi316\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\mmc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10/19/2009 10:14 AM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/19/2009 10:14 AM 20560]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ASWUPDSV
*NewlyCreated* - AVAST!_MAIL_SCANNER
*NewlyCreated* - AVAST!_WEB_SCANNER

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder

2009-10-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\rnchi316\Application Data\Mozilla\Firefox\Profiles\fwwun1qw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-20 04:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-10-20 4:02
ComboFix-quarantined-files.txt 2009-10-20 11:02

Pre-Run: 16,447,819,776 bytes free
Post-Run: 16,426,381,312 bytes free

- - End Of File - - 5956AA3D0AED1F70947C0A4857D764CF
Posted 10/21/2009 9:03 AM
#78606
Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello heathermmowat26
[code]
I think I have the Conficker Worm
[/code]
Why do you think you have a Conficker infection? There are no signs of infection in the combolog.

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.

