
Thread: Malware problems: Smitfraud-C.gp & W3i.IQ5.fraud

  1. #21
    Senior Member
    Join Date
    Feb 2012
    Location
    Ireland
    Posts
    176

    Hi Julie,

    Let's try System File Checker to see if the infection corrupted any of Windows' system files.

    • Click on the Start button and select Run.
    • Type cmd and press OK.
    • At the command prompt type the following command and press Enter.
      Code:
      sfc /scannow
    Allow the scan to complete; it may take a while.
    Reboot the PC and let me know if there is any change in its performance.

    diver79.
    Proud Graduate of the MalWare Removal University

  2. #22
    Member jimjul9804's Avatar
    Join Date
    Nov 2007
    Location
    Texas
    Posts
    42

    When I started the scan it came up with a window labeled "Windows File Protection".....this is what it said in the window......

    Files that are required for Windows to run properly must be copied to the DLL Cache. Insert your Windows XP Professional Service Pack 3 CD now.


    The problem is, I don't have that CD. Any suggestions?
    jimjul9804

  3. #23
    Senior Member
    Join Date
    Feb 2012
    Location
    Ireland
    Posts
    176

    Hi Julie,

    I had hoped it wouldn't do that.

    I will ask my colleagues what the best course of action is now.

    I'll get back to you as soon as I can.

    diver79
    Proud Graduate of the MalWare Removal University

  4. #24
    Senior Member
    Join Date
    Feb 2012
    Location
    Ireland
    Posts
    176

    Hi Julie,

    I think Malwarebytes' real-time protection was interfering with the OTL fix. I'd like to run the fix again with real-time protection disabled.

    Once the fix has completed we will run some Hard drive maintenance to look for errors on the hard disk (These checks may take some time to complete).

    Disable MBAM Real-Time protection
    • Right-click on the MBAM icon in the System Tray and uncheck Enable Protection.
    • When asked, "Are you sure you want to disable the MBAM Protection Module?", click Yes.
    • Right-click on the MBAM icon again and then uncheck Start with Windows.
    • Restart your computer for the changes to take effect.


    Run OTL Script
    • Double-click OTL.exe to start the program.
    • Copy and Paste the following code into the textbox. Do not include the word Code.
      Code:
      :otl
      FF - prefs.js..extensions.enabledItems: {495efdc3-a12c-48db-9377-c368f4cb4257}:3.3.3.2
      FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
      FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.367
      [2012/02/18 12:18:51 | 000,000,000 | ---D | M] (The Enforcers Community Toolbar) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\quflwt9q.default\extensions\{495efdc3-a12c-48db-9377-c368f4cb4257}
      [2012/02/06 22:38:36 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\quflwt9q.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
      [2010/03/16 14:39:16 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\quflwt9q.default\searchplugins\conduit.xml
      O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
      O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
      O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
      :files
      C:\Documents and Settings\LocalService\Local Settings\Application Data\Conduit
      C:\Documents and Settings\LocalService\Local Settings\Application Data\Zynga
      :commands
      [EMPTYTEMP]
      [CREATERESTOREPOINT]
    • Then click the Run Fix button at the top.
    • Click .
    • OTL may ask to reboot the machine. Please do so if asked.
    • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.


    Hard-Drive Maintenance/Repair:
    • Click Start >> Run... then type in CMD and click on OK.
    • At the Command Prompt C:\ > type the following and hit the Enter/Return key;
      Code:
      CD C:\
    • Now type the following and hit the Return key;
      Code:
       DEFRAG C: -F
    • An Analysis report will be displayed and then Windows will start the Defragmentation run automatically.
    • This may take some time; when completed the Command Prompt C:\ > will appear.
    • Now type in the following and hit the Enter/Return key.
      Code:
      CHKDSK C: /R
    • When prompted with:
    CHKDSK cannot run because the volume is in use by another process
    Would you like to schedule this volume to be checked next time the system
    restarts (Y/N)
    • Hit the Y key
    • At the Command Prompt C:\ > type in EXIT and hit the Enter/Return key.
    • Now Reboot(Restart) your computer.


    Note: Upon Reboot(Restart) the CHKDSK(check-disk) will start and carry out the repairs required.

    You should see a screen like this just after the POST (power-on self-test) screen:



    Note: Do not touch either the keyboard or mouse, otherwise the Check-Disk will be canceled and your computer will continue to boot up as normal.
    Proud Graduate of the MalWare Removal University
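
As an added example (not part of the thread and not OTL's own code): a Python script that splits the fix script from post #24 into its sections and lists every GUID with the names attached to it, so a reader can see which entries are identified by ID alone and look those up in the earlier scan log before running the fix. The section and label parsing is an assumption based only on the lines shown in the post.

```python
import re
from collections import defaultdict

# Subset of the fix script from the post above, copied unchanged.
FIX_SCRIPT = r"""
:otl
FF - prefs.js..extensions.enabledItems: {495efdc3-a12c-48db-9377-c368f4cb4257}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.367
[2012/02/18 12:18:51 | 000,000,000 | ---D | M] (The Enforcers Community Toolbar) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\quflwt9q.default\extensions\{495efdc3-a12c-48db-9377-c368f4cb4257}
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
:files
C:\Documents and Settings\LocalService\Local Settings\Application Data\Conduit
:commands
[EMPTYTEMP]
[CREATERESTOREPOINT]
"""

GUID = re.compile(r"\{[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}", re.I)
LABEL = re.compile(r"\(([^()]+)\)")  # text in parentheses, e.g. (Zynga Toolbar)

def parse_fix(text):
    """Split a fix script into its ':name' sections, keyed by lower-cased name."""
    sections, current = {}, None
    for line in filter(None, (l.strip() for l in text.splitlines())):
        if line.startswith(":"):
            current = sections.setdefault(line[1:].lower(), [])
        elif current is None:
            raise ValueError(f"entry before any section header: {line!r}")
        else:
            current.append(line)
    return sections

def guid_labels(sections):
    """Map each GUID in :otl (case-folded) to the labels on lines naming it."""
    labels = defaultdict(set)
    for entry in sections.get("otl", []):
        for guid in GUID.findall(entry):
            labels[guid.lower()].update(LABEL.findall(entry))
    return dict(labels)

def unlabelled_guids(sections):
    """GUIDs that appear in the script with no name on any line."""
    return sorted(g for g, names in guid_labels(sections).items() if not names)

if __name__ == "__main__":
    parsed = parse_fix(FIX_SCRIPT)
    for guid, names in sorted(guid_labels(parsed).items()):
        print(guid, sorted(names) or "NO LABEL: look it up in the OTL scan log")
```

GUIDs are case-folded before grouping because the script writes the same CLSID in lower case on the O2 line and upper case on the HKCU toolbar line.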

  5. #25
    Senior Member
    Join Date
    Feb 2012
    Location
    Ireland
    Posts
    176

    Hi Julie,

    Do you still require assistance?

    diver79
    Proud Graduate of the MalWare Removal University

  6. #26
    Senior Member
    Join Date
    Sep 2010
    Posts
    631

    Due to inactivity, this thread will now be closed.

    Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.
    Member of UNITE and ASAP
