elvissinatra
Members-
Posts
19 -
Joined
-
Last visited
Reputation
0 Neutral-
My laptop is half-dead
elvissinatra replied to elvissinatra's topic in Resolved Malware Removal Logs
Thank you very much for all your help! -
My laptop is half-dead
elvissinatra replied to elvissinatra's topic in Resolved Malware Removal Logs
Okay, I installed avast and things still seem pretty snappy. Better than before for sure. Thanks for all your help! -
My laptop is half-dead
elvissinatra replied to elvissinatra's topic in Resolved Malware Removal Logs
ESET found 1 thing: C:\tools\SDFix.exe Win32/PrcView application deleted - quarantined I'm going to install avast now. -
My laptop is half-dead
elvissinatra replied to elvissinatra's topic in Resolved Malware Removal Logs
Update: Done with Windows updates, java update. Going to run ESET now... -
My laptop is half-dead
elvissinatra replied to elvissinatra's topic in Resolved Malware Removal Logs
Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5554 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 1/19/2011 2:13:28 PM mbam-log-2011-01-19 (14-13-28).txt Scan type: Full scan (C:\|) Objects scanned: 192739 Time elapsed: 50 minute(s), 16 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) -
My laptop is half-dead
elvissinatra replied to elvissinatra's topic in Resolved Malware Removal Logs
Seems faster for sure, but I had to uninstall my antivirus (AVG) to run ComboFix (what does that app actually do?). Can you recommend a good lightweight antivirus app? All I need this machine to be able to do is web browsing and music streaming. I'll post the malwarebytes log when it's done. Thanks for your help. -
My laptop is half-dead
elvissinatra replied to elvissinatra's topic in Resolved Malware Removal Logs
480MB of RAM on a 1.30 GHz Celeron processor, but I'm just running XP Home (SP2). And it used to be snappy. ComboFix 11-01-18.04 - Jake Brown 01/19/2011 12:48:34.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.478.246 [GMT -5:00] Running from: c:\documents and settings\Jake Brown\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\OCA_LOG.TXT . ((((((((((((((((((((((((( Files Created from 2010-12-19 to 2011-01-19 ))))))))))))))))))))))))))))))) . No new files created in this timespan . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-20 23:09 . 2009-07-02 04:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-20 23:08 . 2009-07-02 04:15 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 1998-12-09 02:53 . 1998-12-09 02:53 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL 1998-12-09 02:53 . 1998-12-09 02:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL 1998-12-09 02:53 . 1998-12-09 02:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL 1998-12-09 02:53 . 1998-12-09 02:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL 1998-12-09 02:53 . 1998-12-09 02:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL 1998-12-09 02:53 . 1998-12-09 02:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset] 2005-02-17 20:01 233534 ----a-w- c:\program files\HPQ\Default Settings\Cpqset.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-04-14 11:59 136176 ----atw- c:\documents and settings\Jake Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2003-10-30 08:33 118784 ----a-w- c:\windows\system32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] 2005-01-12 20:54 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2003-10-30 08:46 155648 ----a-w- c:\windows\system32\igfxtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2004-05-26 17:15 536576 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr] 2004-05-26 17:15 98304 ----a-w- c:\program files\Synaptics\SynTP\SynTPLpr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "avg8wd"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\mshta.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:UDP"= 5353:UDP:Bonjour S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\DRIVERS\rcvpn.sys --> c:\windows\system32\DRIVERS\rcvpn.sys [?] S3 wltwo48b;2Wire Wireless PC Card Driver;c:\windows\system32\drivers\wltwo48b.sys [2/17/2005 10:48 AM 156160] --- Other Services/Drivers In Memory --- *Deregistered* - IPVNMon . Contents of the 'Scheduled Tasks' folder 2011-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2901085139-3038850390-2272105829-1007Core.job - c:\documents and settings\Jake Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-28 11:59] 2011-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2901085139-3038850390-2272105829-1007UA.job - c:\documents and settings\Jake Brown\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-28 11:59] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ mStart Page = hxxp://yahoo.sbc.com/dsl mSearch Bar = hxxp://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=laptop uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html Trusted Zone: intuit.com\ttlc Trusted Zone: turbotax.com Trusted Zone: ucanchicago.org\citrix FF - ProfilePath - c:\documents and settings\Jake Brown\Application Data\Mozilla\Firefox\Profiles\72mnvr9v.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} . - - - - ORPHANS REMOVED - - - - Notify-WgaLogon - (no file) MSConfigStartUp-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe MSConfigStartUp-DXDllRegExe - dxdllreg.exe MSConfigStartUp-eabconfg - c:\program files\HPQ\Quick Launch Buttons\EabServr.exe MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\qttask.exe MSConfigStartUp-SSC_UserPrompt - c:\program files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe MSConfigStartUp-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe MSConfigStartUp-UpdateManager - c:\program files\Common Files\Sonic\Update Manager\sgtray.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-01-19 12:53 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2011-01-19 12:56:13 ComboFix-quarantined-files.txt 2011-01-19 17:55 Pre-Run: 26,197,188,608 bytes free Post-Run: 26,528,002,048 bytes free WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect - - End Of File - - 3AFA7DF3F13EFD3F05C40E5127D6126F -
My laptop is half-dead
elvissinatra replied to elvissinatra's topic in Resolved Malware Removal Logs
The general problem is that my laptop is just sloooooooooooooow. It takes minutes to open a file. Or to open a browser. It's just insanely slow. I've uninstalled everything I can think of to try to streamline the machine, but it's still so incredibly slow that I'm assuming there is something seriously infected behind the scenes. RkU Version: 3.8.388.590, Type LE (SR2) ============================================== OS Name: Windows XP Version 5.1.2600 (Service Pack 2) Number of processors #1 ============================================== >Drivers ============================================== 0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2181376 bytes (Microsoft Corporation, NT Kernel & System) 0x804D7000 PnpManager 2181376 bytes 0x804D7000 RAW 2181376 bytes 0x804D7000 WMIxWDM 2181376 bytes 0xBF800000 Win32k 1851392 bytes 0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver) 0xF7335000 C:\WINDOWS\system32\DRIVERS\HSF_DP.sys 1044480 bytes (Conexant Systems, Inc., HSF_DP driver) 0xF728E000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 684032 bytes (Conexant Systems, Inc., HSF_CNXT driver) 0xF76F6000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver) 0xBF073000 C:\WINDOWS\System32\ialmdd5.DLL 507904 bytes (Intel Corporation, DirectDraw® Driver for Intel® Graphics Technology) 0xEEEDE000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 454656 bytes (Microsoft Corporation, Windows NT SMB Minirdr) 0xF7565000 C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 425984 bytes (Broadcom Corporation, Broadcom 802.11 Network Adapter wireless driver) 0xF716D000 C:\WINDOWS\system32\DRIVERS\update.sys 364544 bytes (Microsoft Corporation, Update Driver) 0xEF003000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 360448 bytes (Microsoft Corporation, TCP/IP Protocol Driver) 0xEEE6C000 C:\WINDOWS\System32\Drivers\avgldx86.sys 331776 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver) 0xF7489000 C:\WINDOWS\system32\drivers\camcaud.sys 294912 bytes (Conexant Systems Inc., Conexant WDM AC97 Audio Driver) 0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver) 0xF74D1000 C:\WINDOWS\system32\drivers\camchal.sys 278528 bytes (Conexant Systems Inc., Conexant AmcHal Driver) 0xF7434000 C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys 200704 bytes (Conexant Systems, Inc., HSFHWICH WDM driver) 0xBF042000 C:\WINDOWS\System32\ialmdev5.DLL 200704 bytes (Intel Corporation, Component GHAL Driver) 0xF7820000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT) 0xF76C9000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver) 0xF7538000 C:\WINDOWS\system32\DRIVERS\SynTP.sys 184320 bytes (Synaptics, Inc., Synaptics Touchpad Driver) 0xEEAE0000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 180224 bytes (Microsoft Corporation, Windows NT WebDav Minirdr) 0xEEF75000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver) 0xEEFC2000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver) 0xF7465000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices)) 0xF7515000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library) 0xF75DE000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 143360 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver) 0xEEFA0000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock) 0xBF020000 C:\WINDOWS\System32\ialmdnt5.dll 139264 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver) 0xEEEBD000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 135168 bytes (Microsoft Corporation, IP Network Address Translator) 0xF779A000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager) 0xF77D2000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver) 0xEF08E000 C:\WINDOWS\system32\drivers\ialmsbw.sys 122880 bytes (Intel Corporation, Intel Graphics Platform (SoftBIOS) Driver for Windows 2000® & Windows XP) 0xF77F1000 pcmcia.sys 122880 bytes (Microsoft Corporation, PCMCIA Bus Driver) 0xF76AE000 Mup.sys 110592 bytes (Microsoft Corporation, Multiple UNC Provider driver) 0xEEFEA000 C:\WINDOWS\System32\Drivers\avgtdix.sys 102400 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher) 0xEF0AC000 C:\WINDOWS\system32\drivers\ialmkchw.sys 102400 bytes (Intel Corporation, Intel Graphics Chipset (KCH) Driver for Windows 2000® & Windows XP) 0xF77BA000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver) 0xEEE54000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes 0xF7696000 IPVNMon.sys 98304 bytes (Visual Networks, IPVNMon) 0xF7615000 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 94208 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver) 0xF7783000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface) 0xF7277000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption)) 0xEE963000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper) 0xF7601000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver) 0x806EC000 ACPI_HAL 81280 bytes 0x806EC000 C:\WINDOWS\system32\hal.dll 81280 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL) 0xEF05B000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver) 0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver) 0xF780F000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator) 0xF7266000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler) 0xF75CD000 C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys 69632 bytes (Realtek Semiconductor Corporation , Realtek 10/100/1000 NDIS 5.1 Driver ) 0xF7A1F000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver) 0xF78BF000 serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver) 0xF793F000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter) 0xF78CF000 ohci1394.sys 61440 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver) 0xF792F000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver) 0xEEBB4000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter) 0xF79BF000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB) 0xBF012000 C:\WINDOWS\System32\ialmrnt5.dll 57344 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver) 0xF78DF000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 53248 bytes (Microsoft Corporation, 1394 Bus Device Driver) 0xF791F000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 53248 bytes (Microsoft Corporation, SCSI CD-ROM Driver) 0xF78AF000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll) 0xF7ACF000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver) 0xF794F000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver) 0xF788F000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver) 0xF796F000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol) 0xF78EF000 agp440.sys 45056 bytes (Microsoft Corporation, 440 NT AGP Filter) 0xF7ADF000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver) 0xF787F000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager) 0xF795F000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver) 0xF790F000 C:\WINDOWS\System32\Drivers\AFS2K.SYS 40960 bytes (Oak Technology Inc., Audio File System) 0xF799F000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy) 0xF798F000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver) 0xF789F000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver) 0xF79DF000 C:\WINDOWS\System32\Drivers\Fips.SYS 36864 bytes (Microsoft Corporation, FIPS Crypto Driver) 0xF7ABF000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver) 0xF786F000 isapnp.sys 36864 bytes (Microsoft Corporation, PNP ISA Bus Driver) 0xF797F000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier) 0xF79CF000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver) 0xEE6CD000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver) 0xF79EF000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver) 0xF7BB7000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver) 0xF7BEF000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver) 0xF7AEF000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension) 0xF7B9F000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 28672 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver) 0xF7BF7000 C:\WINDOWS\System32\Drivers\avgmfx86.sys 24576 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver) 0xF7BA7000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver) 0xF7BAF000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver) 0xF7BDF000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver) 0xF7BE7000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver) 0xF7AF7000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager) 0xF7BC7000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library) 0xF7AFF000 PxHelp20.sys 20480 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP) 0xF7BCF000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver) 0xF7BBF000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper) 0xF7B97000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 20480 bytes (Microsoft Corporation, UHCI USB Miniport Driver) 0xF7BFF000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver) 0xF7C87000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver) 0xF7D23000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver) 0xF7D43000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver) 0xEED48000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver) 0xF7C8B000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver) 0xF7C7F000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver) 0xF7C83000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver) 0xF7D07000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver) 0xF7D27000 C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys 12288 bytes (GEAR Software Inc., CD DVD Filter) 0xEEBD4000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 12288 bytes (Conexant, Diagnostic Interface DRIVER) 0xF7D33000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver) 0xF7D63000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver) 0xF7D2F000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI) 0xF7D77000 aliide.sys 8192 bytes (Acer Laboratories Inc., ALi mini IDE Driver) 0xF7DA1000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver) 0xF7DA9000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes 0xF7DA7000 C:\WINDOWS\system32\drivers\EABFiltr.sys 8192 bytes (Hewlett-Packard Company, QLB PS/2 Keyboard filter driver) 0xF7D9F000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver) 0xF7D73000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver) 0xF7D6F000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL) 0xF7DA3000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator) 0xF7DA5000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport) 0xF7D8F000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator) 0xF7D8D000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver) 0xF7D75000 viaide.sys 8192 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver) 0xF7D71000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll) 0xF7E7C000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver) 0xF7E63000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk) 0xF7F1A000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver) 0xF7E38000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver) 0xF7E37000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver) ============================================== >Stealth ============================================== Nothing detected -
DDS (Ver_10-12-12.02) - NTFSx86 Run by Jake Brown at 20:36:58.70 on Tue 01/18/2011 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.478.96 [GMT -5:00] AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\TurboTax\Deluxe 2009\32bit\TurboTax.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Jake Brown\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie mDefault_Page_URL = hxxp://yahoo.sbc.com/dsl mDefault_Search_URL = hxxp://www.google.com/ie mSearch Page = hxxp://rd.yahoo.com/customize/sbcydsl/defaults/sp/*http://www.yahoo.com mStart Page = hxxp://yahoo.sbc.com/dsl mSearch Bar = hxxp://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=laptop uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://www.google.com/ie BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - uRun: [Google Update] "c:\documents and settings\jake brown\local settings\application data\google\update\GoogleUpdate.exe" /c mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll Trusted Zone: intuit.com\ttlc Trusted Zone: turbotax.com Trusted Zone: ucanchicago.org\citrix DPF: {49232000-16E4-426C-A231-62846947304B} - hxxp://ipgweb.cce.hp.com/rdqnbk/downloads/sysinfo.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - hxxp://download.yahoo.com/dl/installs/ymail/ymmapi.dll DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Notify: avgrsstarter - avgrsstx.dll Notify: igfxcui - igfxsrvc.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\jakebr~1\applic~1\mozilla\firefox\profiles\72mnvr9v.default\ FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava11.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava12.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava13.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava14.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava32.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJPI142_03.dll FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPOJI610.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg8\Firefox ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-12 335240] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2006-11-18 27784] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-12 108552] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-5-12 297752] S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\drivers\rcvpn.sys --> c:\windows\system32\drivers\rcvpn.sys [?] S3 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys --> c:\windows\system32\vsdatant.sys [?] S3 wltwo48b;2Wire Wireless PC Card Driver;c:\windows\system32\drivers\wltwo48b.sys [2005-2-17 156160] =============== Created Last 30 ================ ==================== Find3M ==================== 1998-12-09 02:53:54 99840 ----a-w- c:\program files\common files\IRAABOUT.DLL 1998-12-09 02:53:54 70144 ----a-w- c:\program files\common files\IRAMDMTR.DLL 1998-12-09 02:53:54 48640 ----a-w- c:\program files\common files\IRALPTTR.DLL 1998-12-09 02:53:54 31744 ----a-w- c:\program files\common files\IRAWEBTR.DLL 1998-12-09 02:53:54 186368 ----a-w- c:\program files\common files\IRAREG.DLL 1998-12-09 02:53:54 17920 ----a-w- c:\program files\common files\IRASRIAL.DLL ============= FINISH: 20:38:12.56 =============== ark.zip
-
Thank you so much for all your help!
-
Figured it out. Had to switch from classic view and then follow these steps: http://support.microsoft.com/kb/957700#stepsforvista OK, I uninstalled and reinstalled, and now I'm no longer getting the default search provider error. Thanks!
-
-
How do you uninstall IE8 in Vista?
-
Yes, I still have the issue with the default search provider.
-
-------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0: scan report Saturday, September 18, 2010 Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Friday, September 17, 2010 19:43:35 Records in database: 4217979 -------------------------------------------------------------------------------- Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes Scan area - My Computer: C:\ D:\ E:\ G:\ H:\ I:\ K:\ M:\ Scan statistics: Objects scanned: 320955 Threats found: 1 Infected objects found: 1 Suspicious objects found: 0 Scan duration: 05:04:18 File name / Threat / Threats count C:\Qoobox\Quarantine\C\Windows\system32\Drivers\volsnap.sys.vir Infected: Virus.Win32.TDSS.b 1 Selected area has been scanned.