Finally, "Best Of" is GONE!!!!!/this is what i did

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by zephod, Jun 21, 2004.

  1. zephod

    zephod Private E-2

    To Anyone dealing w/ this @#$%#$ worm, it takes a while, but you CAN kill it.

    This is what worked for me.

    First thing is to run task manager and look up all the running processes. (just the letters/numbers.exe). Some examples of bad files are: atloz32.exe, msme.exe, addbi32.exe, and about 20 more that I had to remove because every time I stopped a process, another bad file would plant itself in my processes folder. In actuality, there are probably hundreds of these files out there. Also, the avg. size of these files is about 3000kb, so you know what to focus on.
    Be careful what you delete! Some of these files are very important to your computer's operation. For instance, csrss.exe, smss.exe, and isass.exe are all needed processes on my computer. Depending on what programs you have on yours, you may have several more of these *.exe files that are "good".
    So here goes: CLOSE OR EXIT ANY UNNECESSARY PROGRAMS
    INCLUDING MESSENGERS, PRINTERS, I/O DEVICES, ETC.
    STEP 1 open task manager and write down all of the *.exe programs that are running that you don't recognize.
    2 google search each of these files, and if google doesn't turn up an answer, then it is a nasty. (this is exactly what the "techs" at microsoft do!)
    3 run hijack this. Print the log and Google all the files you don't recognize
    Anything with -----.dll/sp.html96676 is definitely bad
    Also, my system had a lot of runonce files that weren't supposed to
    be there. ie. google had no idea what they were.
    4 You can also cross reference files w/ ones listed at: http://www.liutilities.com/products/wintaskspro/processlibrary/ , this has pretty much all of the normal windows processes, I printed all these out as well.
    5 Now that you know what all the good files are (from checking google), you can start the clean-up process.
    STEP 6 This is the most important part, I think. DISCONNECT FROM THE INTERNET
    Every time I deleted a bad file, another one replaced it. I think this is how
    it survives.
    6.5 this might be overkill, but I deleted all messenger services (you can always get them back again later)
    7 Open task manager and "end process" on all the files you can't confirm belong there.
    8 Run hijackthis and "fix" all the files that you can't confirm belong there. If you're not sure about a specific file, ask someone before "fixing" it!
    9 Go to search "all files and folders" and enter the "bad" file names (ex. netqx.exe). It will find 2 files; the main program file and a prefetch file. Delete them both. I clicked on properties and if the description was unknown, it was out-a-there.
    10 empty recycle bin
    11 run ad-aware and delete all the nasties ( by the way, norton is useless for this worm)
    12 now defrag the hard drive. Reason: even when you empty recycle bin, the files still exist until they are overwritten. defrag moves files around, writing over some of these areas. It may be overkill again, but I was getting frustrated.
    13 enter the home page of your choice in internet options, apply, and restart your computer. Internet still disconnected.
    14 see if your selected home page is still in internet options.
    14 check task manager for any new nasties and run hijackthis. Hopefully all the nasties are still gone. If not, you may have to do it again, but this is what totally got rid of this crap on my system.
    15 fire up the internet........................GOOD LUCK!!!!!!!!!!:D


    PS I think the big key here is to not be on-line when you're cleaning up your system!!
     
  2. zephod

    zephod Private E-2

    Almost forgot, save (don't open) hijackthis to your desktop so you can use it while you're offline.
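
The cross-referencing in steps 1 to 5 and the file search in step 9, sketched in Python as an added example that is not part of the original posts. The known-good set, the process snapshot, the file listing and the 25% size tolerance are constructed assumptions; the output is a list of names to research, not a list to delete.

```python
import re

# Constructed sample baseline; a real one comes from your own research
# (Google, the process library linked in step 4).
KNOWN_GOOD = {"csrss.exe", "smss.exe", "explorer.exe", "taskmgr.exe"}

# Constructed Task Manager snapshot: (image name, file size in KB).
SNAPSHOT = [
    ("csrss.exe", 6),
    ("SMSS.EXE", 50),
    ("explorer.exe", 1010),
    ("atloz32.exe", 2980),
    ("netqx.exe", 3050),
    ("taskmgr.exe", 130),
    ("updater.exe", 400),
]

# Constructed search results, standing in for the step 9 file search.
FILES = [
    r"C:\WINDOWS\system32\netqx.exe",
    r"C:\WINDOWS\Prefetch\NETQX.EXE-1A2B3C4D.pf",
    r"C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf",
    r"C:\WINDOWS\system32\atloz32.exe",
]


def triage(snapshot, known_good, typical_kb=3000, tolerance=0.25):
    """Return (name, size_kb, near_typical_size) for every unrecognised
    process, listing those close to the ~3000 KB size from the post first."""
    good = {name.lower() for name in known_good}
    unknown = [(n.lower(), kb) for n, kb in snapshot if n.lower() not in good]

    def near(kb):
        return abs(kb - typical_kb) <= typical_kb * tolerance

    unknown.sort(key=lambda item: (not near(item[1]), item[0]))
    return [(n, kb, near(kb)) for n, kb in unknown]


def related_files(name, paths):
    """Find the executable and its Prefetch entry (NAME.EXE-<8 hex>.pf)."""
    pattern = re.compile(
        r"(?:^|\\)" + re.escape(name) + r"(?:-[0-9A-F]{8}\.pf)?$",
        re.IGNORECASE,
    )
    return [p for p in paths if pattern.search(p)]
```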
     
