Thanks....those need to go. I'd like to collect them also. Sorry to make you go through an extra step.
Open
notepad and copy/paste the text in the quotebox below into it:
Quote:
http://www.techsupportforum.com/security-center/hijackthis-log-help/210918-search-daily-hijack.html
File::
C:\WINDOWS\SYSTEM32\dhesaybh.dat
C:\WINDOWS\SYSTEM32\duaepeqa.dat
C:\WINDOWS\SYSTEM32\mwtmqymy.dat
C:\WINDOWS\SYSTEM32\lvuqxizx.dat
C:\WINDOWS\SYSTEM32\ygszobyi.dat
Folder::
C:\WINDOWS\SYSTEM32\AppCert
Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"=hex(7):73,63,65,63,6c,69,00,00
Collect::
C:\WINDOWS\SYSTEM32\AppCert\filter.drv
C:\WINDOWS\SYSTEM32\AppCert\hb13a.dll
C:\WINDOWS\SYSTEM32\AppCert\options.dat
C:\WINDOWS\SYSTEM32\AppCert\prx97w.dll
C:\WINDOWS\SYSTEM32\AppCert\wsil32.dll
|
Save this as
CFScript.txt
Refering to the picture above, drag CFScript.txt into ComboFix.exe
When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture a file to submit for analysis.
Ensure you are connected to the internet and click OK. A browser will open. Simply follow the instructions to copy/paste/send the requested file.
---------------------------------------------------------------------------------------------
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of ASAP since 2005
Proud Member of UNITE since 2006