RE: Disabled registry due to new, undetected trojans
Boot to the XP CD, recovery. In recovery, follow the guide outlined by Microsoft
in KB307545.
"Mike S." wrote:
> I recently had my computer infected with four trojans due to them
> being new and undetected by the majority of anti-virus programs. So I
> submitted them to AVG who confirmed they were trojans and updated
> their virus definitions. This removed the four trojans from my
> computer. However, I still have problems that need to be fixed. One of
> which is a disabled registry.
>
> Here's what needs fixing (from my HijackThis log):
> F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files
> \System\svchost.exe"
>
> O2 - BHO: (no name) - {5277E001-1190-3001-0699-ca3230262a11} - C:
> \Program Files\Common Files\System\wship_help.acm (file missing)
>
> O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System,
> DisableRegedit=1
>
> O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System,
> DisableRegedit=1
>
>
> Some people have suggested using ComboFix, SDFix, or just using
> HijackThis. Is there any reason why I can't just use HijackThis to fix
> them? SDFix seems more complicated and unnecessary. Or does what I use
> to fix those problems depend on my computer and whether it's up-to-
> date and backed up, etc.?
>
> I just want to use the safest, most reliable method to fix this
> problem.
>
> The only reason I'm even asking this here is because the people in the
> malware forums I've posted in won't answer these questions - I guess
> they're too busy. They just want to fix the problem and move on. I'm
> interested in using this as a learning experience.
>
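For readers triaging a log like the one quoted above, here is an added example (not part of either post, and not HijackThis's own code) that rejoins the mail-wrapped entries and labels what each of the three sections on this page reports. The function names `unwrap` and `triage` are hypothetical, and the check assumes the stock Windows shell value is `explorer.exe` on its own.

```python
import re

# The four entries from the quoted post, still '>'-quoted and wrapped as on this page.
SAMPLE = r'''
> F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files
> \System\svchost.exe"
>
> O2 - BHO: (no name) - {5277E001-1190-3001-0699-ca3230262a11} - C:
> \Program Files\Common Files\System\wship_help.acm (file missing)
>
> O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System,
> DisableRegedit=1
>
> O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System,
> DisableRegedit=1
'''

ENTRY = re.compile(r'^([A-Z]\d{1,2}) - (.*)$')  # e.g. "F2 - ...", "O7 - ..."

def unwrap(text):
    """Strip '>' quoting and rejoin entries the mail client wrapped."""
    entries = []
    for raw in text.splitlines():
        line = re.sub(r'^(>\s?)+', '', raw).rstrip()
        if not line:
            continue
        if ENTRY.match(line):
            entries.append(line)
        elif entries:
            # A continuation starting with '\' is a split path: join with no space.
            entries[-1] += line if line.startswith("\\") else " " + line
    return entries

def triage(text):
    """Return (section, finding) pairs for the F2, O2 and O7 entries."""
    findings = []
    for entry in unwrap(text):
        section, body = ENTRY.match(entry).groups()
        if section == "F2" and "Shell=" in body:
            shell = body.split("Shell=", 1)[1].strip()
            if shell.lower() != "explorer.exe":
                findings.append((section, "shell starts an extra program: " + shell))
        elif section == "O2" and body.endswith("(file missing)"):
            findings.append((section, "BHO still registered but its file is gone"))
        elif section == "O7" and "DisableRegedit=1" in body:
            hive = body.split("\\", 1)[0]
            findings.append((section, "regedit blocked by policy in " + hive))
    return findings
```
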