Sorry but another log
Comments
-
switched off again about a quarter of the way through the search and still on the vitumonde d11.
ETA - Ran overnight and it got through it without switching off this time so I'm on the next stage now. Will post back when I have the log.
-
OK, here we go with the ComboFix log
ComboFix 09-03-15.01 - User 2009-03-18 10:41:16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.278 [GMT 0:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: BullGuard Antivirus *On-access scanning disabled* (Outdated)
FW: BullGuard Firewall *disabled*
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
\Legacy_MYWEBSEARCHSERVICE
((((((((((((((((((((((((( Files Created from 2009-02-18 to 2009-03-18 )))))))))))))))))))))))))))))))
.
2009-03-18 10:13 . 2009-03-18 10:13 273 --a c:\windows\wininit.ini
2009-03-17 19:44 . 2009-03-17 19:44 <DIR> d c:\program files\Spybot - Search & Destroy
2009-03-17 19:44 . 2009-03-18 10:14 <DIR> d c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-17 18:12 . 2009-03-17 18:12 <DIR> d c:\program files\SUPERAntiSpyware
2009-03-17 18:12 . 2009-03-17 18:12 <DIR> d c:\documents and settings\User\Application Data\SUPERAntiSpyware.com
2009-03-17 18:12 . 2009-03-17 18:12 <DIR> d c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-17 18:10 . 2009-03-17 18:10 <DIR> d c:\program files\Common Files\Wise Installation Wizard
2009-03-17 17:42 . 2009-03-17 17:43 <DIR> d c:\program files\iTunes
2009-03-17 17:42 . 2009-03-17 17:42 <DIR> d c:\program files\iPod
2009-03-17 17:42 . 2009-03-17 17:43 <DIR> d c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-17 17:29 . 2009-03-17 17:29 <DIR> d c:\program files\QuickTime
2009-03-17 17:22 . 2009-03-17 17:22 <DIR> d c:\program files\Trend Micro
2009-03-17 12:24 . 2009-03-17 12:24 <DIR> d c:\documents and settings\User\Application Data\Leadertech
2009-03-17 12:08 . 2009-03-17 12:28 <DIR> d c:\program files\NoAdware
2009-03-17 11:56 . 2009-03-17 11:56 244 --ah C:\sqmnoopt18.sqm
2009-03-17 11:56 . 2009-03-17 11:56 232 --ah C:\sqmdata18.sqm
2009-03-17 11:52 . 2009-03-17 11:52 268 --ah C:\sqmdata17.sqm
2009-03-17 11:52 . 2009-03-17 11:52 244 --ah C:\sqmnoopt17.sqm
2009-03-17 10:40 . 2009-03-17 10:40 <DIR> d c:\program files\Malwarebytes' Anti-Malware
2009-03-17 10:40 . 2009-03-17 10:40 <DIR> d c:\documents and settings\User\Application Data\Malwarebytes
2009-03-17 10:40 . 2009-03-17 10:40 <DIR> d c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-17 10:40 . 2009-02-11 10:19 38,496 --a c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-17 10:40 . 2009-02-11 10:19 15,504 --a c:\windows\system32\drivers\mbam.sys
2009-03-16 19:12 . 2009-03-17 16:37 <DIR> d-a c:\documents and settings\All Users\Application Data\TEMP
2009-03-16 12:03 . 2009-03-16 12:03 208 --ah C:\sqmdata16.sqm
2009-03-16 12:03 . 2009-03-16 12:03 172 --ah C:\sqmnoopt16.sqm
2009-03-15 11:19 . 2009-03-15 11:19 268 --ah C:\sqmdata15.sqm
2009-03-15 11:19 . 2009-03-15 11:19 244 --ah C:\sqmnoopt15.sqm
2009-02-24 21:28 . 2009-01-09 19:19 1,089,593 c--- c:\windows\system32\dllcache\ntprint.cat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-18 10:46 d w c:\documents and settings\All Users\Application Data\BullGuard
2009-03-17 17:42 d w c:\program files\Common Files\Apple
2009-02-25 09:08 d w c:\program files\Avanquest update
2009-02-24 22:17 d w c:\program files\Safari
2009-02-06 17:28 d w c:\program files\Reference Assemblies
2009-02-06 17:28 d w c:\program files\MSBuild
2008-08-29 12:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008082920080830\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"BullGuard"="c:\program files\BullGuard Software\BullGuard\bullguard.exe" [2008-04-11 308552]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-11 68856]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"Google Update"="c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-14 133104]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-17 1830128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2007-12-07 71008]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 196608]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2005-03-23 217088]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-01-07 26112]
"BullGuard"="c:\program files\BullGuard Software\BullGuard\bullguard.exe" [2008-04-11 308552]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SetDefPrt"="c:\program files\Brother\Brmfl04a\BrStDvPt.exe" [2004-05-25 49152]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 851968]
"HostManager"="c:\program files\Common Files\AOL\1206973453\ee\AOLSoftware.exe" [2006-11-14 50736]
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 245760]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-02-06 177472]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"GSICONEXE"="gsicon.exe" [2003-05-14 c:\windows\system32\gsicon.exe]
"DSLAGENTEXE"="dslagent.exe" [2003-04-25 c:\windows\system32\dslagent.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
EPSON Status Monitor 3 Environment Check(2).lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2008-04-09 131584]
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2008-02-26 819200]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\AOL 9.0 VR\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\1206973453\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-02-17 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-02-17 55024]
R1 VFILT;BullGuard Firewall Kernel Driver;c:\program files\BullGuard Software\BullGuard\fwengine\Filtnt.sys [2006-11-02 125216]
R2 BdFileSpy;BullGuard File Monitor Driver;c:\windows\system32\drivers\BdFileSpy.sys [2008-02-20 50896]
R2 BsFileScan;BullGuard File Scan Service;c:\windows\System32\svchost.exe -k BullGuard [2004-08-04 14336]
R2 BsFwall;BullGuard Firewall Service;c:\windows\System32\svchost.exe -k BullGuardFw [2004-08-04 14336]
R2 BsMailProxy;BullGuard Email Monitoring Service;c:\windows\System32\svchost.exe -k BullGuard [2004-08-04 14336]
R3 PROTECT.DLL;BullGuard Firewall Protection Plugin;c:\program files\BullGuard Software\BullGuard\fwengine\Protect.dll [2006-11-02 16960]
R3 Reconn;BullGuard Email Monitor;c:\program files\BullGuard Software\BullGuard\Reconn.sys [2006-11-02 16984]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S3 ADBLOCK.DLL;BullGuard Firewall Adware Plugin;\??\c:\program files\BullGuard Software\BullGuard\FwEngine\AdBlock.dll --> c:\program files\BullGuard Software\BullGuard\FwEngine\AdBlock.dll [?]
S3 BGRaSvc;BGRaSvc;c:\program files\BullGuard Software\BullGuard\support\bgrasvc.exe [2008-03-19 79176]
S3 glausb;GlobeSpan USB ADSL LAN Modem;c:\windows\system32\drivers\glausb.sys [2008-02-15 267672]
S3 HTMLFILT.DLL;BullGuard Firewall HTML Plugin;\??\c:\program files\BullGuard Software\BullGuard\FwEngine\HtmlFilt.dll --> c:\program files\BullGuard Software\BullGuard\FwEngine\HtmlFilt.dll [?]
S3 HTTPFILT.DLL;BullGuard Firewall HTTP Plugin;\??\c:\program files\BullGuard Software\BullGuard\FwEngine\HttpFilt.dll --> c:\program files\BullGuard Software\BullGuard\FwEngine\HttpFilt.dll [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-03-17 38496]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
BullGuard REG_MULTI_SZ BgMainSvc BsFileScan BsMailProxy
BullGuardFw REG_MULTI_SZ BsFwall
.
Contents of the 'Scheduled Tasks' folder
2009-03-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-03-18 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
2009-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1214440339-682003330-1003.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-14 23:17]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-BVRPLiveUpdate - c:\program files\Avanquest update\Engine\Setup.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
.
Supplementary Scan
.
uStart Page = hxxp://www.aol.co.uk
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-GB\local\search.html
IE: &Search
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} - hxxps://moneymanager.egg.com/Pinsafe/accounttracking.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\76fofmgh.default\
FF - plugin: c:\documents and settings\User\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-18 10:45:49
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(620)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Other Running Processes
.
c:\windows\system32\brss01a.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSvc.exe
c:\program files\Common Files\AOL\acs\AOLacsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\BullGuard Software\BullGuard\BullGuardUpdate.exe
c:\windows\system32\rundll32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\Brmfrmps.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-03-18 10:53:15 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-18 10:52:42
Pre-Run: 58,344,058,880 bytes free
Post-Run: 59,498,278,912 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
196 --- E O F --- 2009-03-14 03:02:30
-
Do you think I need some more RAM as well? It is 512 MB RAM 1.6GHz
55.6GB total size 76.3GB if that means anything!
ta
-
XP certainly runs a LOT faster with 1 gig or more RAM
:idea:
-
This is curious ~
AV: BullGuard Antivirus *On-access scanning disabled* (Outdated)
Does it no longer update? :idea:
-
Well, I do get the BullGuard bubble in the corner saying it has updated, but I wonder if it is because when I originally got it it was a disc and then I downloaded the yearly renewal not long ago, so maybe it is referring to the original one as I still get the opening page saying I should renew.
-
Well, I do get the BullGuard bubble in the corner saying it has updated, but I wonder if it is because when I originally got it it was a disc and then I downloaded the yearly renewal not long ago, so maybe it is referring to the original one as I still get the opening page saying I should renew.
If you're sure it's up to date then it's reet
My personal recommendation is to replace it with something decent mind :idea:
-
Maximum Memory Capacity: 3072MB
Currently Installed Memory: 512MB
Available Memory Slots: 2
Number of Banks: 3
Dual Channel Support: No
CPU Manufacturer: AuthenticAMD
CPU Family: AMD Athlon(tm) XP 1900+ Model 8, Stepping 1
CPU Speed: 1599 MHz
They are recommending a 1 Gig for 34.99. Is this a good price, do you think?
This discussion has been closed.
