I think I have spyware
brodev
Posts: 1,018 Forumite
in Techie Stuff
Sometimes when I do a search I get directed to a page https://www.youfindmore.com at other times to https://www.gostats.com, yet most of the time it works normally. Anybody got any ideas?
Comments
Download MALWAREBYTES (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_ma..._anti_malware/
Open malwarebytes and go to UPDATE and click 'check for updates'. After its updated go to SCANNER and click PERFORM FULL SCAN then click SCAN
Post the COMPLETE log here AFTER you have deleted everything it finds
Malwarebytes' Anti-Malware 1.44
Database version: 3903
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
23/03/2010 17:30:56
mbam-log-2010-03-23 (17-30-56).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 212122
Time elapsed: 53 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Windows\Tasks\Acrobat Update.job (Malware.Trace) -> Quarantined and deleted successfully.
Many thanks. Log as requested
Download HostsXpert
http://download.softpedia.com/dl/a688cad746f64494e3ba8aee103f97e4/4b3ceb67/100027041/software/system/HostsXpert.zip
and then follow the below steps.
* Unzip HostsXpert.zip
* It will create a folder named HostsXpert in whatever folder you extract it to.
* Run HostsXpert.exe by double clicking on it.
* click the Make Writeable? button.
* click Restore Microsoft's Hosts File and then click OK.
* Click the X to exit the program
....................................................................
Download HIJACK THIS (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
Click MAIN MENU then DO A SYSTEM SCAN AND SAVE A LOGFILE(Takes seconds) then post the log so we can see whats running
(do NOT do anything else with Hijack but scan and post the FULL log)
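Added example, not part of any post in this thread: a small Python checker for what the "Restore Microsoft's Hosts File" step above is undoing. It parses a hosts file, flags names pinned to an address other than loopback (the pattern behind search redirects that survive a browser reinstall), and reports whether only the stock localhost entries remain. The sample hosts content is constructed; 192.0.2.x are documentation addresses, not real hosts.

```python
from __future__ import annotations
import ipaddress

# Constructed sample hosts file: the two default Microsoft entries, one
# blocklist-style sinkhole, and three lines of the kind a search-redirect
# hijack leaves behind. 192.0.2.x are documentation addresses, not real hosts.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.example        # sinkholed name, does not redirect anywhere
192.0.2.10      www.google.co.uk
192.0.2.10      www.bing.com
192.0.2.11      localhost
"""

# RFC 1918 ranges listed explicitly: a home router or NAS entry is plausible,
# anything outside these (and outside loopback) is treated as a redirect.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_hosts(text: str) -> list[tuple[int, ipaddress.IPv4Address | ipaddress.IPv6Address, list[str]]]:
    """Return (line number, address, hostnames) for each active hosts entry."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        addr_text, *names = line.split()
        try:
            addr = ipaddress.ip_address(addr_text)
        except ValueError:
            continue                              # not a valid entry; Windows ignores it too
        if names:
            entries.append((lineno, addr, names))
    return entries


def classify(addr, name: str) -> str | None:
    """Return a reason string if this entry can change where a name resolves."""
    if name.lower() == "localhost":
        return None if addr.is_loopback else "localhost points away from loopback"
    if addr.is_loopback or addr.is_unspecified:
        return None                               # sinkhole: blocks a name, never redirects it
    if addr.version == 4 and any(addr in net for net in RFC1918):
        return "pinned to a LAN address, confirm it is intentional"
    return "pinned to an external address, bypassing DNS (search-redirect pattern)"


def suspicious_entries(text: str) -> list[tuple[int, str, str, str]]:
    """(line, hostname, address, reason) for every entry worth a second look."""
    findings = []
    for lineno, addr, names in parse_hosts(text):
        for name in names:
            reason = classify(addr, name)
            if reason:
                findings.append((lineno, name, str(addr), reason))
    return findings


def is_microsoft_default(text: str) -> bool:
    """True when only the stock 'localhost -> loopback' entries remain, which is
    what restoring Microsoft's hosts file (the HostsXpert step) leaves behind."""
    return all(
        names == ["localhost"] and addr.is_loopback for _, addr, names in parse_hosts(text)
    )


if __name__ == "__main__":
    for lineno, name, addr, reason in suspicious_entries(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {addr}: {reason}")
    print("stock Microsoft hosts file:", is_microsoft_default(SAMPLE_HOSTS))
```

On a live machine, read the text from %SystemRoot%\System32\drivers\etc\hosts and pass it in; the checker only reads, so the "Make Writeable?" step is not needed for it.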
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 16:33:56, on 24/03/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing)
O9 - Extra 'Tools' menuitem: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (Egg Money Manager Digital Safe) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
--
End of file - 6195 bytes
As requested
TICK and FIX these ~
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O9 - Extra button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing) (HKCU)
Please run COMBOFIX
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Shut down your anti virus
Follow the simple instructions it gives
Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out
If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
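Added example, not part of any post in this thread: a Python parser for HijackThis-style log lines that picks out exactly the kind of entries ticked above, i.e. BHO, toolbar and button registrations whose target is "(no file)" or "(file missing)", and groups them by CLSID so a BHO and the toolbar registered under the same class id are fixed together. The sample log is constructed from a few lines of the log posted earlier in the thread.

```python
from __future__ import annotations
import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample: a handful of lines modelled on the HijackThis log posted
# in the thread, including the entries the helper told the poster to fix.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O9 - Extra button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing) (HKCU)
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
"""

# Markers HijackThis prints when the registered file is no longer on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")
LINE_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


@dataclass
class Entry:
    section: str          # HijackThis section code, e.g. "O2" (BHO) or "O3" (toolbar)
    body: str             # the rest of the line after the section code
    clsid: str | None     # COM class id if the entry carries one
    orphan: bool          # True when the file the entry points at no longer exists


def parse_hjt(text: str) -> list[Entry]:
    """Parse HijackThis entry lines; header and process-list lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        body = m.group("body")
        g = CLSID_RE.search(body)
        entries.append(Entry(
            section=m.group("section"),
            body=body,
            clsid=g.group(0).upper() if g else None,
            orphan=any(marker in body for marker in ORPHAN_MARKERS),
        ))
    return entries


def orphaned_entries(text: str) -> list[Entry]:
    """Entries whose target is gone: registry residue of removed software,
    the safe 'tick and fix' candidates in a log like the one above."""
    return [e for e in parse_hjt(text) if e.orphan]


def orphans_by_clsid(text: str) -> dict[str, list[str]]:
    """Group orphaned entries by CLSID so paired registrations (a BHO in O2 and
    its toolbar in O3 sharing one class id) are reviewed and fixed together."""
    groups: dict[str, list[str]] = defaultdict(list)
    for e in orphaned_entries(text):
        groups[e.clsid or "(no clsid)"].append(e.section)
    return dict(groups)


if __name__ == "__main__":
    for e in orphaned_entries(SAMPLE_LOG):
        print(f"{e.section} - {e.body}")
    print(orphans_by_clsid(SAMPLE_LOG))
```

Only the orphan check is automated here; an entry with a file that does exist still needs a human (or a reputation lookup) to decide whether it belongs.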
I had this problem and malwarebytes could not shift it so I tried hitman pro and it worked
This was driving me crazy all day
If it will help people then as many times as I am allowed thanks!
I don't know how to shut down my anti virus but the following is my log
ComboFix 10-03-24.01 - DEVON 24/03/2010 20:28:02.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3062.1747 [GMT 0:00]
Running from: c:\users\DEVON\Downloads\ComboFix.exe
SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\OGACheckControl.dll
.
((((((((((((((((((((((((( Files Created from 2010-02-24 to 2010-03-24 )))))))))))))))))))))))))))))))
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
and
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-02-18 2012912]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"VoipCheapCom"="c:\program files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" [2009-11-10 9275704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]
2006-08-29 08:26 241664 ----a-w- c:\program files\Launch Manager\OSDCtrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrVolOSD]
2006-12-26 10:23 180224 ----a-w- c:\program files\Launch Manager\OSD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXCYCATS]
2006-02-24 11:54 65536 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\lxcytime.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-02-18 16:29 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-03-05 10:06 150552 ----a-w- c:\windows\System32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 15:21 246504 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-05-08 18:37 1111336 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):93,31,48,60,8d,b2,ca,01
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 135664]
R3 lxcy_device;lxcy_device;c:\windows\system32\lxcycoms.exe [2006-02-20 495616]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2009-03-04 113152]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-18 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-02-18 66632]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-12-02 42368]
S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2009-01-19 517120]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-18 12872]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2010-03-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-17 15:24]
2010-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 16:26]
2010-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 16:26]
2010-03-24 c:\windows\Tasks\User_Feed_Synchronization-{A53A3AEC-F7F1-4911-8F5A-8D682CC3A0F7}.job
- c:\windows\system32\msfeedssync.exe [2010-02-18 04:56]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.google.co.uk/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4
DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} - hxxps://moneymanager.egg.com/Pinsafe/accounttracking.cab
FF - ProfilePath - c:\users\DEVON\AppData\Roaming\Mozilla\Firefox\Profiles\r12jc21o.default\
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\DEVON\AppData\Roaming\Mozilla\Firefox\Profiles\r12jc21o.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
Notify-WgaLogon - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-24 20:33
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-03-24 20:35:28
ComboFix-quarantined-files.txt 2010-03-24 20:35
Pre-Run: 204,600,111,104 bytes free
Post-Run: 204,548,829,184 bytes free
- - End Of File - - BF2F22A51528E14FD3A4DBCCD9C33D09
This discussion has been closed.