Please download ComboFix by sUBs from HERE or HERE
You must download it to and run it from your Desktop
Physically disconnect from the internet.
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log
Re-enable all the programs that were disabled during the running of ComboFix..
Note: Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
I downloaded it again using a mac which save the file as combofix2 and it was able to start running, unfortunately it got to where it said
registry is infected
it then backed up the registry but just keept blinkin _ after that and did nothing else - i figured it was taking its time to work so I left this running ALL DAY yesterday and still no change this morning
here is the hjk log after all of this
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:35:49 AM, on 4/7/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal