Hello again
Go to start> click on my computer> Local Disk(C)> locate Combofix folder and double-click on it> does combofix.txt(there maybe more than one, for example C:\Combofix1.txt) exist. If so, post them in your reply.
Do not run Combofix at this time
======
Please
download OTMoveIt3 by OldTimer.
Save it to your
desktop.
Double-click on OTMoveIt3.exe
Using notepad copy the lines in the codebox below:
Quote:
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a82b002d-b784-4ccf-8b86-8d910baa2fe5}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vikideyozo"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Lsass Service"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\c00ADF46]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sys32]
:Files
C:\WINDOWS\system32\goyevayo.dll
C:\WINDOWS\system32\vumefesa.dll
C:\WINDOWS\SYSTEM32\c00ADF46.mat
C:\WINDOWS\system32\fagometo.dll
C:\WINDOWS\tasks\favwayzi.job
C:\Documents and Settings\Helen Fraser\Application Data\NI.GSCNS
C:\WINDOWS\system32\rqRKARiG.dll
C:\WINDOWS\system32\urqPghiG.dll
C:\WINDOWS\system32\sX3i19
:commands
[emptytemp]
|
Return to OTMoveIt3, right click in the
"Paste Instructions for Items to be Moved" window (under the yellow bar) and choose
Paste.
Click the red
Moveit! button.
Copy everything in the Results window (under the green bar), and paste it in your next reply.
Close OTMoveIt3
===========
Run RSIT again. and post the log.txt in your reply along with the log from OTMoveIt3