We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
pc keeps redialling????
Comments
-
i get the small box centre screen for combofix with green line but no option tochange name, only an ok box to press then all closes down. visage is the webcam i think.A happy wife, and mum to 2 lovely little boys :j0
-
ok, try this instead ~
Download SUPERANTISPYWARE (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_superantispyware/
UPDATE and PERFORM COMPLETE SCAN:idea:0 -
Mrsv05
DID YOU TRY MY WAY AS PREVOUSLY POSTED....... IT SORTED MY PROBLEM OUT
HOW DID YOU GO WITH IT??:dance: I am great , yes I am :dance:
:rotfl:
If you think I was useful , Thank you, for thanking me
0 -
Mrsv05
DID YOU TRY MY WAY AS PREVOUSLY POSTED....... IT SORTED MY PROBLEM OUT
HOW DID YOU GO WITH IT??
hello, sorry ive had mares with this, yes i did try that but then all pages stopped showing up and showed offline for everything, wasnt sure if meant to do that and couldnt get on here to say. its so hit and miss for it working.
i will run sas again and see what it says now.A happy wife, and mum to 2 lovely little boys :j0 -
My bad. Forgot we'd tried that one
Right click the COMBOFIX icon and goto RENAME and rename it to whatever you like
Then try and run it
if THAT doesnt work then try running it in SAFE MODE:idea:0 -
hello, sorry ive had mares with this, yes i did try that but then all pages stopped showing up and showed offline for everything, wasnt sure if meant to do that and couldnt get on here to say. its so hit and miss for it working.
i will run sas again and see what it says now.
Sorry to hear that , i've never heard of that before
Its actually supposed to stop it dialing by itself , not totally switch it all off :eek: but it should means that you can dial it normally , just the computer won't do it automatically , hence the boxes should dissapear.
I hope you get a resolution
Regards
CLLC :dance: I am great , yes I am :dance:
:rotfl: If you think I was useful , Thank you, for thanking me
0 -
i appreciate all of your help and pleased yours was sorted, it was worth a go but dont know whats wrong. ive run combofix, got the log after the pc restarted, however, as per usual when it did load up i could not copy the text to post as frozen AGAIN ! i will keep trying. it works 1 ot of about 5 times so dont hold your breath but as i say, i appreciate all helpA happy wife, and mum to 2 lovely little boys :j0
-
managed it !
ComboFix 09-03-13.02 - mandy 2009-03-15 21:27:57.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1014.561 [GMT 0:00]
Running from: c:\documents and settings\mandy\My Documents\ComboFixpc.exe
FW: ZoneAlarm Pro Firewall *enabled*
.
The following files were disabled during the run:
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
((((((((((((((((((((((((( Files Created from 2009-02-15 to 2009-03-15 )))))))))))))))))))))))))))))))
.
2009-03-14 10:27 . 2009-03-14 10:27 <DIR> d
c:\program files\Spybot - Search & Destroy
2009-03-14 10:27 . 2009-03-14 10:27 <DIR> d
c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-13 20:53 . 2009-03-13 20:53 <DIR> d--hs---- C:\FOUND.008
2009-03-11 19:18 . 2009-03-11 19:18 <DIR> d
c:\documents and settings\All Users\Application Data\NortonInstaller
2009-03-11 11:46 . 2009-03-11 11:46 <DIR> d
c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-11 11:45 . 2009-03-11 11:45 <DIR> d
c:\program files\SUPERAntiSpyware
2009-03-11 11:45 . 2009-03-11 11:45 <DIR> d
c:\documents and settings\mandy\Application Data\SUPERAntiSpyware.com
2009-03-11 11:43 . 2009-03-11 11:43 <DIR> d
c:\program files\Common Files\Wise Installation Wizard
2009-03-10 22:15 . 2009-03-10 22:15 <DIR> d
c:\program files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-15 17:41 2,418,176 ----a-w c:\windows\Internet Logs\xDB29.tmp
2009-03-12 11:06 2,327,552
w c:\windows\Internet Logs\xDB28.tmp
2009-03-10 08:29 7,224,167
w c:\windows\Internet Logs\tvDebug.Zip
2009-03-09 20:11 6,467,584
w c:\windows\Internet Logs\xDB26.tmp
2009-03-09 20:11 2,287,104
w c:\windows\Internet Logs\xDB27.tmp
2009-03-04 22:15 2,286,592
w c:\windows\Internet Logs\xDB25.tmp
2009-03-04 22:15 1,809,408
w c:\windows\Internet Logs\xDB24.tmp
2009-03-03 20:41 2,286,080
w c:\windows\Internet Logs\xDB23.tmp
2009-02-23 23:04 4,624,896
w c:\windows\Internet Logs\xDB21.tmp
2009-02-23 23:04 2,272,768
w c:\windows\Internet Logs\xDB22.tmp
2009-02-17 22:11 451,584
w c:\windows\Internet Logs\xDB20.tmp
2009-02-13 22:37 823,296
w c:\windows\Internet Logs\xDB1F.tmp
2009-02-11 10:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 10:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 11:36 4,904,960
w c:\windows\Internet Logs\xDB1D.tmp
2009-02-10 11:36 2,254,336
w c:\windows\Internet Logs\xDB1E.tmp
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:13 1,846,784
w c:\windows\system32\dllcache\win32k.sys
2009-02-08 20:32 2,252,288
w c:\windows\Internet Logs\xDB1C.tmp
2009-01-27 23:20 129,536
w c:\windows\Internet Logs\xDB1B.tmp
2009-01-26 23:29 236,544
w c:\windows\Internet Logs\xDB1A.tmp
2009-01-24 22:50 101,376
w c:\windows\Internet Logs\xDB19.tmp
2009-01-24 21:19
d
w c:\program files\Malwarebytes' Anti-Malware
2009-01-24 21:19
d
w c:\documents and settings\mandy\Application Data\Malwarebytes
2009-01-24 21:19
d
w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-24 20:41 98,304
w c:\windows\Internet Logs\xDB18.tmp
2009-01-24 19:14 412,160
w c:\windows\Internet Logs\xDB16.tmp
2009-01-24 19:14 2,229,760
w c:\windows\Internet Logs\xDB17.tmp
2009-01-18 19:55 2,222,592
w c:\windows\Internet Logs\xDB15.tmp
2009-01-18 19:54 923,136
w c:\windows\Internet Logs\xDB14.tmp
2009-01-16 21:35 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2009-01-12 19:36 41,472
w c:\windows\Internet Logs\xDB12.tmp
2009-01-12 19:36 2,208,768
w c:\windows\Internet Logs\xDB13.tmp
2009-01-11 21:21 706,048
w c:\windows\Internet Logs\xDB11.tmp
2009-01-03 21:11 471,552
w c:\windows\Internet Logs\xDB10.tmp
2008-12-30 13:43 2,154,496
w c:\windows\Internet Logs\xDBF.tmp
2008-12-30 13:43 1,871,872
w c:\windows\Internet Logs\xDBE.tmp
2008-12-19 09:10 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824
w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-12-16 23:56 2,149,376
w c:\windows\Internet Logs\xDBD.tmp
2008-03-10 18:38 42,552 ----a-w c:\documents and settings\mandy\Application Data\GDIPFONTCACHEV1.DAT
2008-11-30 10:41 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008113020081201\index.dat
.
((((((((((((((((((((((((((((( [EMAIL="SnapShot@2009-03-14_21.35.51.96"]SnapShot@2009-03-14_21.35.51.96[/EMAIL] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-15 17:44:50 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_3a4.dat
+ 2009-03-15 17:45:40 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_9a0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-02 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-17 1830128]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 53248]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-01-08 102491]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-01-08 692315]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-03-23 151552]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-04-04 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-04-06 225280]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2006-03-30 471040]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-04-28 401408]
"LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-04-06 331776]
"LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-04-06 19:06 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"ImageItEncrypt"="c:\windows\system32\ImageItEncrypt.exe" [2005-12-30 40960]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"lxcrmon.exe"="c:\program files\Lexmark 2400 Series\lxcrmon.exe" [2006-03-06 286720]
"EzPrint"="c:\program files\Lexmark 2400 Series\ezprint.exe" [2006-02-07 98304]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2006-02-02 290816]
"LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-02-24 65536]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-07-16 286720]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-10-09 981904]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"AGRSMMSG"="AGRSMMSG.exe" [2006-03-16 c:\windows\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-27 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-03-27 45056]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"!!5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= c:\progra~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-02-17 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-02-17 55024]
R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2007-05-04 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2007-05-04 78208]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2005-11-30 1097472]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
.
.
Supplementary Scan
.
uStart Page = hxxp://uk.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.wanadoo.co.uk/cd_redirects/st35install.htm
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: !!3B5E9B23-7537-4601-A9E8-FA0D956DEA16} - hxxp://www.couponreport.net/ftp/v3123/csauie1.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-15 21:32:10
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(712)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-03-15 21:35:45
ComboFix-quarantined-files.txt 2009-03-15 21:35:42
ComboFix2.txt 2009-03-14 21:40:06
Pre-Run: 8,942,125,056 bytes free
Post-Run: 8,980,725,760 bytes free
200 --- E O F --- 2009-03-14 17:27:37A happy wife, and mum to 2 lovely little boys :j0 -
i can see symantics in here which i think is norton, yet i did as you said and ran the norton removal tool. if that doesnt get rid what will???? and why will it affect it now after being on for so long? could it interfer with my cursor? thanks in advanceA happy wife, and mum to 2 lovely little boys :j0
-
Im getting a bit tired tonight so ill have a proper sift through it tomorrow
I notice you have Spybots TEA TIMER turned on though which can effect the running of things ~
Turn off Spybots 'TEA TIMER' mode ~
Open Spybot
Change Mode (Top) to ADVANCED
Select TOOLS then RESIDENT
UNTICK 'Resident TEA TIMER' (Leave 'SD Helper' TICKED):idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.5K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards