1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Trojan:Win32/sirefef.O and admirablesearchsystem.com

Discussion in 'Virus & Other Malware Removal' started by Rhi_Bax, Nov 7, 2011.

Thread Status:
Not open for further replies.
  1. Rhi_Bax

    Rhi_Bax Thread Starter

    Joined:
    Nov 18, 2010
    Messages:
    13
    Hi guys,

    I'm trying to sort out this virus that affected my computer really badly. I got a warning flag from windows defender saying that my firewall isn't enabled etc and it hadn't run a scan in a while. So I ran a scan, and it found the Trojan listed in the subject title. I tried to run malwarebytes, avg and superantispyware, they don't even open. They opened just after I installed them, but then I did a scan and it just exited. I clicked on them again and it came up with this message 'windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item' I am the only user of the computer, so I gave myself administrative privileges.

    It also re-directs my searches to different websites, meaning it's very difficult for me to search for antivirus software. I went through the instructions to do before posting and this is what happened:

    - I managed to successfully download hijackthis, but when I went to install, it said another file was installing, so I had to cancel. There was nothing else installing, it had opened two windows. I then attempted it again and it installed ok. I went to scan, and it was open for about 2 seconds before closing itself, I went to open it again and the windows message opened again. So I don't have a log.

    - DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
    Run by Rhi at 15:19:52 on 2011-11-07
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2048.1264 [GMT 0:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\106254957:2460855033.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\explorer.exe
    C:\Windows\SOUNDMAN.EXE
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\SpyNoMore\SNM.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Remote Mouse\RemoteMouse.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files\Remote Mouse\server\server.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\NLSSRV32.EXE
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchIndexer.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\taskhost.exe
    C:\Users\Rhi\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2117678
    mStart Page = hxxp://search.myheritage.com
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: H - No File
    uWinlogon: Shell=c:\users\rhi\appdata\local\6d525506\X
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    {555d4d79-4bd2-4094-a395-cfc534424a05}
    uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [DriverScanner] "c:\program files\uniblue\driverscanner\launcher.exe" delay 20000
    uRun: [AdobeBridge]
    uRun: [Remote Mouse] c:\program files\remote mouse\RemoteMouse.exe
    uRun: [Google Update] "c:\users\rhi\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [SNM] c:\program files\spynomore\SNM.exe /startup
    StartupFolder: c:\users\rhi\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: &Enviar a OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
    IE: E&xportar a Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
    LSP: mswsock.dll
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{3228D8AC-43C3-40A0-9E38-FD38EBE4ABBF} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{9A2B1C56-EF6A-4461-A889-BB8143D0CEF3} : DhcpNameServer = 82.132.254.2 82.132.254.3
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\rhi\appdata\roaming\mozilla\firefox\profiles\eq7v1m0q.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - NCH Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&q=
    FF - component: c:\users\rhi\appdata\roaming\mozilla\firefox\profiles\eq7v1m0q.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components\FFExternalAlert.dll
    FF - component: c:\users\rhi\appdata\roaming\mozilla\firefox\profiles\eq7v1m0q.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components\RadioWMPCore.dll
    FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\rhi\appdata\local\google\update\1.3.21.69\npGoogleUpdate3.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
    R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-8-21 53816]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
    R1 RapportCerberus_32029;RapportCerberus_32029;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\32029\RapportCerberus32_32029.sys [2011-10-18 227312]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-8-21 66360]
    R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-8-21 158904]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-20 67904]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-8-21 870200]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
    S2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-11 135664]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-21 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-11 135664]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-10-23 38224]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-9-8 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-29 1343400]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
    .
    =============== Created Last 30 ================
    .
    2011-11-07 15:15:53 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{8d36efc2-9474-440b-8c75-326b15894fce}\offreg.dll
    2011-11-07 15:15:35 388096 ----a-r- c:\users\rhi\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-11-07 15:15:35 -------- d-----w- c:\program files\Trend Micro
    2011-11-07 14:50:30 48016 --sha-w- c:\windows\system32\c_80325.nl_
    2011-11-07 14:43:51 -------- d-----w- c:\users\rhi\appdata\roaming\SUPERAntiSpyware.com
    2011-11-07 14:43:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2011-11-07 14:43:19 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-11-07 14:25:08 1152 ----a-w- c:\windows\system32\windrv.sys
    2011-11-07 14:24:59 -------- d-----w- c:\program files\SpyNoMore
    2011-11-07 13:49:13 6668624 ------w- c:\programdata\microsoft\windows defender\definition updates\{8d36efc2-9474-440b-8c75-326b15894fce}\mpengine.dll
    2011-11-04 13:08:45 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2011-11-04 13:04:11 -------- d-sh--w- c:\users\rhi\appdata\local\6d525506
    2011-10-28 11:14:58 -------- d-----w- c:\users\rhi\appdata\roaming\Helge Klein
    2011-10-24 13:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 13:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-10-16 14:17:44 -------- d-----w- c:\windows\rescache
    2011-10-15 16:41:52 -------- d-----w- c:\program files\iPod
    2011-10-15 16:41:50 -------- d-----w- c:\program files\iTunes
    2011-10-15 16:33:36 -------- d-----w- c:\windows\system32\SPReview
    2011-10-15 16:31:56 -------- d-----w- c:\windows\system32\EventProviders
    2011-10-15 16:28:46 -------- d-----w- c:\program files\Bonjour
    2011-10-14 16:13:13 -------- d-----w- c:\program files\Microsoft Analysis Services
    2011-10-14 15:28:51 -------- d-----w- c:\users\rhi\appdata\local\SoftGrid Client
    2011-10-14 15:28:48 -------- d-----w- c:\users\rhi\appdata\roaming\SoftGrid Client
    2011-10-14 15:26:27 -------- d-----w- c:\users\rhi\appdata\roaming\TP
    2011-10-13 16:24:17 75776 ----a-w- c:\windows\system32\psisrndr.ax
    2011-10-13 16:24:16 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
    2011-10-13 16:24:16 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2011-10-13 16:24:16 204288 ----a-w- c:\windows\system32\MSNP.ax
    2011-10-13 16:24:15 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
    2011-10-13 16:24:12 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-13 16:24:12 233472 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-13 16:24:07 2334720 ----a-w- c:\windows\system32\win32k.sys
    2011-10-12 17:57:27 -------- d-----w- c:\users\rhi\appdata\roaming\AVG2012
    2011-10-12 17:57:07 -------- d-----w- c:\programdata\AVG2012
    .
    ==================== Find3M ====================
    .
    2011-10-15 17:08:36 152576 ----a-w- c:\windows\system32\msclmd.dll
    2011-10-07 06:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2011-10-04 15:00:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-04 06:21:28 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
    2011-09-13 05:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-08-30 22:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
    2011-08-30 22:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
    2011-08-30 22:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
    2011-08-21 09:00:36 53816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    .
    ============= FINISH: 15:21:18.77 ===============

    - Please find attached the Attach file.

    - The same thing happened with the GMER, it just wouldn't open.

    Any help is greatly appreciated, it's driving me insane so I will be checking my replies every hour!

    Thank you in advance,

    Rhiannon
     

    Attached Files:

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1025838

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice