
ComboFix log

post #1 of 5
Thread Starter 
I noticed a strange process running in Task Manager and decided to run Malwarebytes. It found and deleted 3 things, but just to be sure I decided to try ComboFix as well. It said it deleted one more file and created a log. I wanted to know if there was anything else that should be deleted.

ComboFix2.txt 17k .txt file
post #2 of 5
A few web trackers for advertising purposes - clear cookies and data from your web browser.
Looks like ComboFix is trying to undo your product key, so you may have to run RemoveWAT again.
   
post #3 of 5
Thread Starter 
I run Firefox in a sandbox that's cleared every time FF is closed; I've tried my best to stop cookies from tracking me everywhere I go. There shouldn't be any cookies or anything like that left. Can you point out which line is showing the web trackers? Aside from those though, there's no malware or anything else I should be worried about?

Edit:

These were the 3 things Malwarebytes deleted.


Memory Modules Detected: 1
C:\Users\User\AppData\Roaming\ecaxt.dll (Trojan.Agent) -> No action taken.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ecaxt (Trojan.Agent) -> Data: rundll32.exe "C:\Users\User\AppData\Roaming\ecaxt.dll",FIsHTMLFileW -> No action taken.

Files Detected: 1
C:\Users\User\AppData\Roaming\ecaxt.dll (Trojan.Agent) -> No action taken.

ComboFix also deleted npapse.dll that was in C:\Users\User\AppData\Roaming.


Anyone happen to have seen these before and possibly know what they might do?
Edited by Daggerfist - 7/15/12 at 10:54pm
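
An added example (not part of the original thread or any poster's code): a small Python triage of the detection lines quoted in the post above, showing that the Run value and the file hits all describe one DLL that rundll32 would load from a user-writable folder at logon. The regular expressions assume the line layout seen in that log, and the `USER_WRITABLE` list is an illustrative heuristic.

```python
import re

# Detection lines copied from the Malwarebytes output quoted in the post above.
SCAN_LOG = r'''C:\Users\User\AppData\Roaming\ecaxt.dll (Trojan.Agent) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ecaxt (Trojan.Agent) -> Data: rundll32.exe "C:\Users\User\AppData\Roaming\ecaxt.dll",FIsHTMLFileW -> No action taken.
C:\Users\User\AppData\Roaming\ecaxt.dll (Trojan.Agent) -> No action taken.'''

# Assumed layout: <key>|<value name> (<signature>) -> Data: <command> -> <action>
RUN_KEY = re.compile(r'^(?P<key>HK\w+\\.*\\Run(?:Once)?)\|(?P<value>[^ ]+) \((?P<sig>[^)]+)\)'
                     r' -> Data: (?P<data>.*?) -> (?P<action>[^>]+)$', re.I)
# Assumed layout: <file path> (<signature>) -> <action>
FILE_HIT = re.compile(r'^(?P<path>[A-Za-z]:\\.+?) \((?P<sig>[^)]+)\) -> (?P<action>.+)$')
# rundll32 command line: rundll32.exe "<dll path>",<exported function>
RUNDLL = re.compile(r'^"?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+)"?,(?P<export>\S+)', re.I)
# Illustrative heuristic: locations a standard user can write to without elevation.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\")

def triage(log_text):
    """Return (autoruns, files): parsed Run-key findings and the set of flagged file paths."""
    autoruns, files = [], set()
    for line in log_text.splitlines():
        line = line.strip()
        m = RUN_KEY.match(line)
        if m:
            entry = m.groupdict()
            r = RUNDLL.match(entry["data"])
            if r:  # the autorun launches a DLL export through rundll32
                entry["dll"], entry["export"] = r.group("dll"), r.group("export")
                entry["user_writable"] = any(p in entry["dll"].lower() for p in USER_WRITABLE)
            autoruns.append(entry)
            continue
        m = FILE_HIT.match(line)
        if m:
            files.add(m.group("path").lower())
    for entry in autoruns:
        # A Run value whose target DLL is also a file detection is one finding, not two.
        entry["payload_also_detected"] = entry.get("dll", "").lower() in files
        entry["no_action_logged"] = entry["action"].strip().lower().startswith("no action")
    return autoruns, files

if __name__ == "__main__":
    for e in triage(SCAN_LOG)[0]:
        print(e["key"], e["value"], e.get("dll"), e.get("export"), e["payload_also_detected"])
```
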
post #4 of 5
Quarantine those files - that looks like the beginning of a nasty multi-part trojan.
   
post #5 of 5
I thought program data/battle.net was a tracking cookie, my bad.
   