|
CSW shredder will not work on this - I got this fucking hijack this week, it is such a pain in the ass to get rid of..........
follow these steps:
The hidden culprit (using Windows XP Pro) that keeps reinfecting the machine is the registry key
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
You need to remove it. Some folks say to change the registry key value to random characters using the free reglite utility (which may work as well) but I removed the key. The value of the key is hidden and causes Windows to load the trojan DLL every time any application is run.
The way to remove the registry key is not obvious. If you just delete it from regedit, the trojan DLL will undo your handy work. Here's what worked for me:
1. Rename the HLM\Software\Microsoft\Windows NT\CurrentVersion\Windows folder to Windows2.
2. delete the AppInit_DLLs key under the Windows2 folder.
3. Rename the Windows2 folder back to Windows.
Now that AppInit_DLLs is gone, run your favorite spyware/adware utilities such as Adaware 6, CWShredder, and Hijack This. I also run Norton Utilities, which helps if you don't trust your instincts for repairing registry files. Remember, I'm not a geek and just want to use computers & software rather than reinvent them from the ground up.
4. Reboot your machine. Your computer should be free at last.
|