Continue with the instructions below, once done give me an update on the computers performance.
We need to run an OTL Fix
- Double-click OTL.exe to start the program.
- Copy and Paste the following code into the textbox. Do not include the word Code
- Code: Select all
:processes killallprocesses :otl FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found [2011/09/11 11:29:43 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\RDIADMIN\LOCAL SETTINGS\APPLICATION DATA\{D69C9FCF-9CA3-487D-86A3-37CCBCC8CC78} O15 - HKU\S-1-5-21-4274134260-3623583512-2864591513-1005\..Trusted Domains: aecium.com ([cffc.peak] https in Trusted sites) O15 - HKU\S-1-5-21-4274134260-3623583512-2864591513-1005\..Trusted Domains: localhost ([]* in Local intranet) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17) O20 - Winlogon\Notify\dimsntfy32: DllName - (dimsntfy32.dll) - C:\WINDOWS\System32\dimsntfy32.dll () O20 - Winlogon\Notify\mdhcp32: DllName - (mdhcp32.dll) - C:\WINDOWS\System32\mdhcp32.dll () C:\Documents and Settings\rdiadmin\Local Settings\Application Data\ApplicationHistory [2011/09/17 10:35:55 | 000,479,232 | ---- | C] (WatanabeBudweiser Talmud Castro MalaysiaBurchDanbury Wilhelmina EdnaSocrates) -- C:\WINDOWS\System32\ihzp.exe [2011/09/14 20:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla! [2011/09/11 11:29:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\rdiadmin\Local Settings\Application Data\{D69C9FCF-9CA3-487D-86A3-37CCBCC8CC78} [2011/06/23 13:36:30 | 001,136,337 | -H-- | C] (Qjam evfg hlmfa p) -- C:\Documents and Settings\All Users\Application Data\asotocomfo.dat [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2011/10/01 16:11:33 | 076,004,920 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\ofmocotosa.dat [2011/10/01 16:01:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\837401196 [2011/09/26 19:03:25 | 000,296,374 | ---- | M] () -- C:\WINDOWS\System32\shimg.dll [2011/09/21 20:51:09 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\{2521BB91-29B1-4d7e-9137-AC9875D77735} [2011/09/21 20:47:45 | 000,049,152 | ---- | M] () -- C:\WINDOWS\System32\sname [2011/09/21 20:46:53 | 000,013,248 | ---- | M] () -- C:\WINDOWS\System32\0.045629815589275036.exe [2011/09/21 20:34:45 | 000,000,077 | ---- | M] () -- C:\WINDOWS\System32\dimsntfy.ocx [2011/09/21 20:32:08 | 000,049,152 | ---- | M] () -- C:\WINDOWS\System32\mdhcp32.dll [2011/09/21 20:31:55 | 000,135,680 | ---- | M] () -- C:\WINDOWS\System32\dimsntfy32.dll [2011/09/21 20:31:29 | 000,013,248 | ---- | M] () -- C:\WINDOWS\System32\0.8686894774185765.exe [2011/09/17 10:36:00 | 000,479,232 | ---- | M] (WatanabeBudweiser Talmud Castro MalaysiaBurchDanbury Wilhelmina EdnaSocrates) -- C:\WINDOWS\System32\ihzp.exe [2011/09/14 18:18:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Plitevul.bin [2011/09/21 20:51:09 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\{2521BB91-29B1-4d7e-9137-AC9875D77735} [2011/09/21 20:49:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\837401196 [2011/09/21 20:47:45 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sname [2011/09/21 20:46:52 | 000,013,248 | ---- | C] () -- C:\WINDOWS\System32\0.045629815589275036.exe [2011/09/21 20:32:11 | 000,296,374 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll [2011/09/21 20:32:08 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\mdhcp32.dll [2011/09/21 20:31:55 | 000,135,680 | ---- | C] () -- C:\WINDOWS\System32\dimsntfy32.dll [2011/09/21 20:31:29 | 000,013,248 | ---- | C] () -- C:\WINDOWS\System32\0.8686894774185765.exe [2011/09/11 11:29:44 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Pvakucow.dat [2011/09/11 11:29:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Plitevul.bin @Alternate Data Stream - 816 bytes -> C:\WINDOWS\837401196:2470778574.exe @Alternate Data Stream - 224 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A24211BA @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63238B95 @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 :files ipconfig /flushdns /c :commands [emptyflash] [emptytemp] [resethosts] [clearallrestorepoints] [REBOOT]
- Then click the Run Fix button at the top.
- Click .
- OTL may ask to reboot the machine. Please do so if asked.
- The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
Next.
- First go to Start > Computer > C: and delete the TDSSKiller log that was created there.
- Next double click on TDSSKiller.exe to launch it.
- Click on Start Scan, the scan will run.
- When the scan has finished Ensure Cure ( the default) is selected... then click Continue > Reboot now.
- When finished re-booting, a log of the cleanup will be found at C:\TDSSKiller.2.4.0.0_DD.MM.YYYY_HH.MM.SS_log.txt.
- To find the log go to Start > Computer > C:
- Post the contents of that log in your next reply please.
Logs/Information to Post in your Next Reply
- OTL log.
- TDSSKiller log.
- Please give me an update on your computers performance.