Help with HijackThis

You can try a windows repair ( f8 at boot up) and follow the prompts. if there is some corrupted files that should solve the problem. you can also run in DOS SCF /scannow . see link SFC Scannow - How to Use SFC Scannow to Repair Protected Windows Operating System Files
you may have to run the scan in safe mode if you cannot run it as an administrator when windows open normally.

Carolyn said:

Follow the directions in this tutorial to change UAC to "Never Notify"
User Account Control - UAC - Change Notification Settings

=====================

Backup the Registry with ERUNT

This is a free program that allows you to keep a complete backup of your registry and restore it when needed.
ERUNT utility program

Download:

1. Please download ERUNT...by Lars Hederer. Save it to your desktop.
2. Double-click erunt-setup-exe to run the install process. Install ERUNT by following the prompts.
   VISTA/Windows 7 users must right-click erunt-setup-exe, select "Run As Administrator" to run the install process. Install by following prompts.
3. Use the default install settings... say "NO" to the section that asks you to add ERUNT to the Start-Up folder. You can enable this later.
4. Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
   VISTA /Windows 7 users must right-click the desktop icon, select "Run As Administrator" or start it at the end of the setup process.
5. Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is fine.
6. Make sure the first two check boxes -> (Create ERUNT and NTREGOPT desktop icons) are checked.
7. Click on OK ... then click on "YES" to create the folder.

Run:

This will create a full backup of your registry... ERUNT can be used to restore the registry from this backup, if needed.

1. Please navigate to Start >> All Programs >> ERUNT, then double-click ERUNT from the menu.
   Vista users: Right-click on ERUNT in the menu, then select "Run As Administrator". If UAC prompts, please allow it.
2. Click on OK within the pop-up menu.
3. In the next menu under C:\WINDOWS\ERDNT\DD-MM-YYYY under Backup options make sure both the following are selected:
   
   • System registry.
   • Current user registry.
4. Next click on "OK"... at the prompt... reply "Yes".
   After a short duration the Registry backup is complete! pop-up message will appear.
5. Now click on "OK". A registry backup has now been created.

< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!

=====================

Follow the directions in this tutorial to change UAC to the "Default" setting.
User Account Control - UAC - Change Notification Settings

=====================

aswMBR - Scan


Please download aswMBR.exe ... © Avast Software ( 511KB ). Save it to your desktop.

1. Double click the aswMBR.exe to run it
2. Click the "Scan" button to start the scan.
3. On completion of the scan, "Scan finished successfully" press the "Save log" button.
4. You'll be prompted to save a file named "aswMBR.txt"... Save it to your desktop.
5. Please copy and paste the contents of aswMBR.txt in your next reply.

Note: A file will be created and placed on your desktop when you execute aswMBR, named MBR.dat... this is a copy of your MBR record, before we make changes, it can be used to recover the MBR record to it's previous condition, if problems exist after changes.

Please post the contents of aswMBR.txt for my review.

I cannot access the UAC settings either. it just sits there, it does nothing when I click on it.

i'm not really 100% sure, but I think I have to do most of the work in safe mode. nothing is opening for me. I cannot access the cmd.exe, or any other .exe files... it keeps giving me "the remote procedure call failed" when trying to access them.

Everything is backed up. :)

I tried running the file in normal mode, but no go. it would not let me at all. (It gives me an error: The pipe has been ended.)

so my other option; I tried running in Safe Mode, it says;

18:23:56.755 OS Version: Windows 6.1.7600
18:23:56.755 Number of processors: 2 586 0x1c02
18:23:56.755 ComputerName: (Username)-PC UserName: (Username)
18:23:57.269 Initialze error C0000061 - driver not loaded

I was able to get the UAC settings changed, and it seems that a few more things are working now. (Himachi wasn't autoloading before I did this).

I'll try the other steps now, hopefully this works.

ok, i'm making progress!!

here is the log file you requested. :) but it said the .dat file is invalid format.

Not sure if this will be of any help at this point...

I uploaded your HijackThis log file to the HijackThis Log File Analyser which suggests there is a dodgy Hosts entry which should be fixed?

O1 - Hosts: 76.74.236.88 webmail.rapidcitytransport.com Must be fixed!

Unfortunately there is little precise information to go with it, though I though I'd bring it you your attentions just in case...