1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Trojan:Win32/sirefef.O and admirablesearchsystem.com

Discussion in 'Virus & Other Malware Removal' started by Rhi_Bax, Nov 8, 2011.

Thread Status:
Not open for further replies.
  1. Rhi_Bax

    Rhi_Bax Thread Starter

    Joined:
    Nov 18, 2010
    Messages:
    13
    Hi guys,

    This is the second time i've tried to post my problem on here. I think the virus is somehow deleting them :S

    I've attempted to run hijackthis, the first time it opened two windows and I was told the installation couldn't continue because there was already an installation running. I cancelled it and there was no other window open. The second time I managed to get it installed, the scan ran for 2 seconds before closing. I clicked on the icon again and it came up with "Windows cannot access the specified device, path or file. You may no have the appropriate permissions to access the item" I am the sole user of this computer, so I gave myself administrative privileges.

    No anti-virus software I have (malwarebytes, AVG 2012 or Superantispyware) will work. If it manages to open, as soon as I start a scan, it closes. Also, when I go to search something on a search engine, it attempts to re-direct me to a different site.

    I did, however, manage to download the DDS and the Attach files:

    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
    Run by Rhi at 15:19:52 on 2011-11-07
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2048.1264 [GMT 0:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\106254957:2460855033.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\explorer.exe
    C:\Windows\SOUNDMAN.EXE
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\SpyNoMore\SNM.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Remote Mouse\RemoteMouse.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files\Remote Mouse\server\server.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\NLSSRV32.EXE
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchIndexer.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\taskhost.exe
    C:\Users\Rhi\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2117678
    mStart Page = hxxp://search.myheritage.com
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: H - No File
    uWinlogon: Shell=c:\users\rhi\appdata\local\6d525506\X
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    {555d4d79-4bd2-4094-a395-cfc534424a05}
    uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [DriverScanner] "c:\program files\uniblue\driverscanner\launcher.exe" delay 20000
    uRun: [AdobeBridge]
    uRun: [Remote Mouse] c:\program files\remote mouse\RemoteMouse.exe
    uRun: [Google Update] "c:\users\rhi\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [SNM] c:\program files\spynomore\SNM.exe /startup
    StartupFolder: c:\users\rhi\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: &Enviar a OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
    IE: E&xportar a Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
    LSP: mswsock.dll
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{3228D8AC-43C3-40A0-9E38-FD38EBE4ABBF} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{9A2B1C56-EF6A-4461-A889-BB8143D0CEF3} : DhcpNameServer = 82.132.254.2 82.132.254.3
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\rhi\appdata\roaming\mozilla\firefox\profiles\eq7v1m0q.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - NCH Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&q=
    FF - component: c:\users\rhi\appdata\roaming\mozilla\firefox\profiles\eq7v1m0q.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components\FFExternalAlert.dll
    FF - component: c:\users\rhi\appdata\roaming\mozilla\firefox\profiles\eq7v1m0q.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components\RadioWMPCore.dll
    FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\rhi\appdata\local\google\update\1.3.21.69\npGoogleUpdate3.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
    R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-8-21 53816]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
    R1 RapportCerberus_32029;RapportCerberus_32029;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\32029\RapportCerberus32_32029.sys [2011-10-18 227312]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-8-21 66360]
    R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-8-21 158904]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-20 67904]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-8-21 870200]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
    S2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-11 135664]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-21 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-11 135664]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-10-23 38224]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-9-8 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-29 1343400]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
    .
    =============== Created Last 30 ================
    .
    2011-11-07 15:15:53 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{8d36efc2-9474-440b-8c75-326b15894fce}\offreg.dll
    2011-11-07 15:15:35 388096 ----a-r- c:\users\rhi\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-11-07 15:15:35 -------- d-----w- c:\program files\Trend Micro
    2011-11-07 14:50:30 48016 --sha-w- c:\windows\system32\c_80325.nl_
    2011-11-07 14:43:51 -------- d-----w- c:\users\rhi\appdata\roaming\SUPERAntiSpyware.com
    2011-11-07 14:43:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2011-11-07 14:43:19 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-11-07 14:25:08 1152 ----a-w- c:\windows\system32\windrv.sys
    2011-11-07 14:24:59 -------- d-----w- c:\program files\SpyNoMore
    2011-11-07 13:49:13 6668624 ------w- c:\programdata\microsoft\windows defender\definition updates\{8d36efc2-9474-440b-8c75-326b15894fce}\mpengine.dll
    2011-11-04 13:08:45 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2011-11-04 13:04:11 -------- d-sh--w- c:\users\rhi\appdata\local\6d525506
    2011-10-28 11:14:58 -------- d-----w- c:\users\rhi\appdata\roaming\Helge Klein
    2011-10-24 13:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 13:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-10-16 14:17:44 -------- d-----w- c:\windows\rescache
    2011-10-15 16:41:52 -------- d-----w- c:\program files\iPod
    2011-10-15 16:41:50 -------- d-----w- c:\program files\iTunes
    2011-10-15 16:33:36 -------- d-----w- c:\windows\system32\SPReview
    2011-10-15 16:31:56 -------- d-----w- c:\windows\system32\EventProviders
    2011-10-15 16:28:46 -------- d-----w- c:\program files\Bonjour
    2011-10-14 16:13:13 -------- d-----w- c:\program files\Microsoft Analysis Services
    2011-10-14 15:28:51 -------- d-----w- c:\users\rhi\appdata\local\SoftGrid Client
    2011-10-14 15:28:48 -------- d-----w- c:\users\rhi\appdata\roaming\SoftGrid Client
    2011-10-14 15:26:27 -------- d-----w- c:\users\rhi\appdata\roaming\TP
    2011-10-13 16:24:17 75776 ----a-w- c:\windows\system32\psisrndr.ax
    2011-10-13 16:24:16 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
    2011-10-13 16:24:16 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2011-10-13 16:24:16 204288 ----a-w- c:\windows\system32\MSNP.ax
    2011-10-13 16:24:15 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
    2011-10-13 16:24:12 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-13 16:24:12 233472 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-13 16:24:07 2334720 ----a-w- c:\windows\system32\win32k.sys
    2011-10-12 17:57:27 -------- d-----w- c:\users\rhi\appdata\roaming\AVG2012
    2011-10-12 17:57:07 -------- d-----w- c:\programdata\AVG2012
    .
    ==================== Find3M ====================
    .
    2011-10-15 17:08:36 152576 ----a-w- c:\windows\system32\msclmd.dll
    2011-10-07 06:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2011-10-04 15:00:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-04 06:21:28 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
    2011-09-13 05:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-08-30 22:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
    2011-08-30 22:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
    2011-08-30 22:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
    2011-08-21 09:00:36 53816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    .
    ============= FINISH: 15:21:18.77 ===============

    And please find the Attach file attached.

    The same thing happened with GMER as hijackthis. It just won't open.

    Any help would be greatly appreciated.

    Rhi
     

    Attached Files:

  2. Rhi_Bax

    Rhi_Bax Thread Starter

    Joined:
    Nov 18, 2010
    Messages:
    13
    Update: I had to do a clean install, seeing as I wasn't getting any responses, but maybe someone can help with my new issue.

    After the install, I wanted to change my theme on the desktop to AERO, it told me that it can't access the video card. I went into device manager, and under where my graphics card should be, it says "Standard VGA". I've tried updating the drivers for it, but it's no use as the computer can't even recognise it.

    My graphics card: Nvidia GeForce FX 5200.

    Someone please help?

    Thanks,
    Rhi
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1025960

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice