Crunchie

Thanks for the note on Cypherix. I'll re-install soon.

ComboFix seemed to say that PEV, sed, and MBR were ComboFix files and so would not be scanned (pop up box)--does that make sense?

Here are the logs:

ComboFix 09-11-19.05 - Tenney Nathanson 11/19/2009 23:03.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1389 [GMT -7:00]
Running from: c:\documents and settings\Tenney Nathanson\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Tenney Nathanson\Desktop\CFScript.txt
AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
/wow section - STAGE 32A


((((((((((((((((((((((((( Files Created from 2009-10-20 to 2009-11-20 )))))))))))))))))))))))))))))))
.

2009-11-20 02:58 . 2009-08-22 08:26 165240 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
2009-11-20 01:54 . 2009-08-25 08:00 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091119.024\NAVENG.SYS
2009-11-20 01:54 . 2009-08-25 08:00 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091119.024\NAVENG32.DLL
2009-11-20 01:54 . 2009-08-25 08:00 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091119.024\NAVEX32A.DLL
2009-11-20 01:54 . 2009-08-25 08:00 1323568 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091119.024\NAVEX15.SYS
2009-11-20 01:54 . 2009-09-22 08:00 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091119.024\ECMSVR32.DLL
2009-11-20 01:54 . 2009-08-26 08:00 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091119.024\EECTRL.SYS
2009-11-20 01:54 . 2009-08-26 08:00 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091119.024\ERASER.SYS
2009-11-20 01:54 . 2009-09-15 08:00 2747952 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091119.024\CCERASER.DLL
2009-11-13 01:44 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\Scxpx86.dll
2009-11-13 01:44 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSvix86.sys
2009-11-13 01:44 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSXpx86.sys
2009-11-13 01:44 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSxpx86.dll
2009-11-13 01:44 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSviA64.sys
2009-11-11 21:04 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSXpx86.sys
2009-11-11 21:04 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\Scxpx86.dll
2009-11-11 21:04 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSxpx86.dll
2009-11-11 21:04 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSvix86.sys
2009-11-11 21:04 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSviA64.sys
2009-11-11 19:44 . 2009-11-11 19:44 -------- d-----w- c:\documents and settings\Tenney Nathanson\Local Settings\Application Data\Amazon
2009-11-06 15:56 . 2009-10-13 17:20 669032 ----a-w- c:\documents and settings\Tenney Nathanson\Application Data\Microsoft\Internet Explorer\Quick Launch\autoruns.exe
2009-11-06 00:14 . 2009-11-06 00:14 -------- d-----w- c:\documents and settings\Tenney Nathanson\Application Data\Malwarebytes
2009-11-06 00:14 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-06 00:14 . 2009-11-06 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-06 00:14 . 2009-11-06 00:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-06 00:14 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-04 04:10 . 2009-11-04 04:10 152576 ----a-w- c:\documents and settings\Tenney Nathanson\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-02 04:55 . 2009-11-02 04:55 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-10-25 22:46 . 2009-10-25 22:46 6729728 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\181625-18178.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-20 03:26 . 2009-03-31 07:19 256 ----a-w- c:\documents and settings\Tenney Nathanson\pool.bin
2009-11-20 02:57 . 2008-02-27 14:46 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-20 00:48 . 2009-03-03 04:52 -------- d-----w- c:\program files\Cypherix PE
2009-11-19 17:18 . 2008-02-15 20:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-11-17 03:56 . 2009-02-16 19:44 -------- d-----w- c:\program files\UnHackMe
2009-11-15 15:57 . 2009-05-17 18:28 -------- d-----w- c:\documents and settings\Tenney Nathanson\Application Data\CallingID
2009-11-15 06:10 . 2009-09-21 07:08 -------- d-----w- c:\documents and settings\Tenney Nathanson\Application Data\SlimBrowser
2009-11-12 16:14 . 2009-05-17 18:25 -------- d-----w- c:\documents and settings\Tenney Nathanson\Application Data\comcasttb
2009-11-11 19:44 . 2008-06-13 04:52 -------- d-----w- c:\program files\Amazon
2009-11-11 06:11 . 2009-02-16 19:44 2 --shatr- c:\windows\winstart.bat
2009-11-04 04:12 . 2008-01-29 17:43 -------- d-----w- c:\program files\Java
2009-11-02 05:06 . 2008-10-13 23:54 -------- d-----w- c:\program files\iTunes
2009-11-02 05:04 . 2008-10-13 23:54 -------- d-----w- c:\program files\iPod
2009-10-27 00:56 . 2008-02-14 21:14 -------- d-----w- c:\documents and settings\Tenney Nathanson\Application Data\U3
2009-10-25 22:47 . 2008-02-18 03:23 -------- d-----w- c:\program files\Quicken
2009-10-25 22:43 . 2009-06-24 01:56 245760 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\QWPATCH.EXE
2009-10-23 21:03 . 2008-02-17 06:56 -------- d-----w- c:\documents and settings\Tenney Nathanson\Application Data\Apple Computer
2009-10-20 03:33 . 2008-04-06 06:01 139251 ----a-w- c:\windows\hpoins15.dat
2009-10-14 22:17 . 2008-01-28 23:24 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-11 11:17 . 2009-01-09 19:37 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-06 08:08 . 2009-10-06 08:07 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-28 19:51 . 2009-09-28 19:51 -------- d-----w- c:\documents and settings\Administrator\Application Data\comcasttb
2009-09-28 19:42 . 2009-09-28 19:42 -------- d-----w- c:\documents and settings\Administrator\Application Data\Logitech
2009-09-22 16:00 . 2008-01-29 17:38 -------- d-----w- c:\program files\Common Files\Real
2009-09-22 15:59 . 2009-09-22 15:59 -------- d-----w- c:\program files\Common Files\xing shared
2009-09-21 19:43 . 2008-09-28 03:24 -------- d-----w- c:\program files\QuickTime
2009-09-21 19:39 . 2008-02-17 06:54 -------- d-----w- c:\program files\Common Files\Apple
2009-09-21 07:09 . 2009-09-21 07:09 -------- d-----w- c:\documents and settings\All Users\Application Data\RoboForm
2009-09-21 07:08 . 2009-09-21 07:08 -------- d-----w- c:\program files\Siber Systems
2009-09-21 07:07 . 2009-09-21 07:07 -------- d-----w- c:\program files\SlimBrowser
2009-09-11 14:18 . 2006-06-01 04:16 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-07 05:16 . 2009-06-09 18:52 2000000 ----atw- c:\windows\system32\HJSMEM.DAT
2009-09-04 21:03 . 2006-06-01 04:16 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2006-06-01 04:17 916480 ------w- c:\windows\system32\wininet.dll
2009-08-29 02:42 . 2009-03-17 16:17 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-29 02:42 . 2008-02-17 06:55 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-26 08:00 . 2006-06-01 04:17 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 18:29 . 2009-08-25 18:13 19521 ----a-w- c:\windows\hpqins13.dat
2009-08-25 18:17 . 2008-02-15 12:47 32768 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2009-08-25 18:17 . 2009-05-27 06:56 392320 ----a-w- c:\windows\system32\drivers\timntr.sys
2009-08-25 18:17 . 2008-02-15 12:47 99776 ----a-w- c:\windows\system32\drivers\snapman.sys
2009-08-24 06:32 . 2009-03-31 06:31 256 ----a-w- c:\windows\system32\pool.bin
2009-08-24 05:26 . 2009-08-24 05:26 10134 ----a-r- c:\documents and settings\Tenney Nathanson\Application Data\Microsoft\Installer\{62880A3B-2F9C-4C58-8FFA-1DA280262B5E}\ARPPRODUCTICON.exe
2009-04-01 05:47 . 2009-04-07 05:56 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2008-11-26 00:08 . 2008-08-21 02:03 61440 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2009-10-30 17:48 . 2008-02-15 20:41 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.