Open up your Notepad editor (Start->Run, type in
notepad and click OK). Copy the text from the quotebox below into Notepad:
Quote:
DirLook::
C:\Documents and Settings\od819\Application Data\TmpRecentIcons
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{098C3707-9E80-4232-8C0A-3E8424B33159}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47B2E119-1A7B-435B-95F9-2BBF7DB057DB}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4C9C9447-3658-44C9-8490-D96B0AB57C88}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"5d775487"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"SysCD"=-
"AlrtWin"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtUmKcAS]
|
Save this as
CFScript.txt in the same location as the ComboFix.exe tool.
Drag the CFScript.txt into ComboFix.exe
Follow the prompts. When finished, it shall produce a log for you. Post that log in your next reply.
Note: Do not click on combofix's window while it's running. That may cause it to stall.
Try renaming HijackThis.exe to HJTAdizzle.exe instead. Then run it.