Please see this threat for further information; http://www.bleepingcomputer.com/forums/t/206736/run-cmdexe-causes-explorer-to-crash/
Computer is XP Home edition w/SP3, and IE 6.
I've run Avira free edition, Malwarebytes free edition, Superantispyware free edition, AVG free edition does not install, Safety.live online scanner. I've run ATF-cleaner and CCleaner (against my better judgement) with no success.
I've tried to run SDFix.exe, Combofix.exe, Smitfraudfix.exe with the same results. Because CMD is being blocked, all three of those programs fail to run.
On the thread linked they could run combofix to cure their issue, it will not run for me, not off a thumb drive, from the desktop, from C drive.
In the thread linked they could rename CMD to CMD2 and it would work. On my computer I had to rename cmd to 1234. If I left CMD in the name it would not run and would crash explorer. Explorer will always return after about 5 seconds or less. Using cmd renamed to 1234 I tried to execute combofix and SDfix both with failed success.
I've gained access to the registry by renaming regedit to regedit123. But I found nothing in the HKey/local machine that looked out of place. If screenshots are requested of registry I can do that.
This is a customers business computer which I've had for 3 days now. She's persistant and doesn't care to give me much more time.
I've come to this threat trying to follow protocol, althought judging by the other threat I believe I will be told to post a hjthis log in the appropriate forum. Still I'd appreciate any assistance I can get. Thank you.