To me this hijacker is the worst ever. Am I wrong? This tutorial spells out quite well the order of attack, something up till now I wasn't sure of.
I have one problem/concern/misunderstanding:
In step 5 you outline the procedure to go find the bad .dll files and delete them. You also state that the names of the files will be random. For instance, the file
"C:\WINDOWS\System32\hghda.dll" will be different on my infected machine,
i.e. "C:\WINDOWS\System32\gjkxa.dll". The name of the file will be different. Do I have this correct? So when I open up the System32 a whole page of icons appears, many of which are .dll files. And many of which look random to an untrained eye (even more untrained than mine, if possible). However, (on WINXP) placing the mouse pointer over the file icon, up pops a popup which shows a description of the file, the company and, importantly, the date created. I wonder, then, what pops up when the pointer goes onto the nasty little C...\hghda.dll file shown above? To me, an important thing is the date, presuming the HJer has not the ability to falsify the date created?
Anyway, great tutorial. When I understand it completely I will certainly use it. Thanks!
EDBEE from NMUSA- RENOWNED MALWARE FIGHTER AND SWORN ENEMY OF ALL INTERNET HIJACKERS