Quote:

---

Killall::

File::
C:\Documents and Settings\William A. Hudson\DesktopTrojan.Win32.BlackBird.PIF
C:\WINDOWS\system32\rsmjacyj.dll
C:\WINDOWS\system32\rjyltlvp.dll
C:\WINDOWS\dsktbwfe.dll
C:\WINDOWS\nslbvxpgtkn.dll
C:\WINDOWS\ogxtsepr.dll
C:\WINDOWS\sgoblxtm.dll
C:\WINDOWS\system32\sloxafkp.exe
C:\WINDOWS\spnkfwad.exe
C:\WINDOWS\hookdllX.dll
C:\WINDOWS\.prj
C:\WINDOWS\system32\lwrkjolo.exe
C:\WINDOWS\iun6002.exe

Registry::
[-HKEY_LOCAL_MACHINE\~\BrowserHelperObjects\{97EBE3CC-10A7-4619-B127-9B5D4FA476A8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{57ABA3CE-E927-4C81-BE2E-E20CAEC6645F}"=-
[-HKEY_CLASSES_ROOT\clsid\{57aba3ce-e927-4c81-be2e-e20caec6645f}]
[-HKEY_CLASSES_ROOT\sgoblxtm.1]
[-HKEY_CLASSES_ROOT\TypeLib\{CBA0A72A-C5B0-47F8-9BD7-307B7708A58D}]
[-HKEY_CLASSES_ROOT\sgoblxtm]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zxcrqdht"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uaextvrz"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"kEU1gkL26I"=-
[-HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
[-HKEY_LOCAL_MACHINE\software\microsoft\windowsnt\currentversion\winlogon\notify\efcDUmjj]

---

Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.




Referring to the picture above, drag CFScript.txt into ComboFix.exe

Restart your computer.

When finished, it shall produce a log for you at C:\ComboFix.txt

Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please and
let me know how it is running.


*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall*

then :-

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

--------------------
MY HELP IS FREE,BUT PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST SPYWARE.

You don't stop laughing when you get old, you get old when you stop laughing!

Post Extras