snapper23 Posted April 4, 2011 Posted April 4, 2011 :mad:Help please pc was not working normally after a littlte investigating I ran combofix.exe and this deleted c:\windows\system32\_000003_.tmp.dll c:\windows\Zqixya.exe I also found a zfx.exe and zfr.exe which I deleted found running in taskmanager then I ran hijack this and the following line was present F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,,C:\Program files\nuafydlf\vbrrjduv.exe I tried to delete it with hijack this BUT reappears when i scan again I tried to delete the nuafydlf directory But I was not allowed to do this yet the folder appears empty I then went onto the internet and tried trend housecall free scan service - BUT - it was not allowed to load, kept saying you may net be connected to the internet anyone out there that can offer help regards Quote
RandyL Posted April 4, 2011 Posted April 4, 2011 An expert should be along to help you soon. Be patient please. This thread may get moved to the Security section. Just wanted to let you know. Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
Starbuck Posted April 6, 2011 Posted April 6, 2011 Hi snapper23 Step 1 Combofix is a program that shouldn't be run just for the sake of it. There are correct procedures to follow. As you have already run Combofix, Please include the C:\ComboFix.txt in your next reply. Step 2 Download OTL to your desktop. right click on the link and select 'Save Link/Target As'. if you have problems, try this download link: OTL Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check. . http://img.photobucket.com/albums/v708/starbuck50/new/Otllatest.png Now copy the lines in bold below. netsvcs msconfig %SYSTEMDRIVE%\*.* %systemroot%\system32\Spool\prtprocs\w32x86\*.dll %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\system32\*.exe /lockedfiles %systemroot%\System32\config\*.sav %PROGRAMFILES%\* HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU CREATERESTOREPOINT right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png . Click the Run Scan button. http://img.photobucket.com/albums/v708/starbuck50/runscan.png Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. Once i have these reports, i'll move this thread if needed. Thanks Quote Member of:UNITE
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.