I Did Everything for the iworm_attck_v122.02a

Hi and Welcome


Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

Do pay close attention to the installing and running of Hijackthis instructions, as yours was installed in the exact place we mention not to and was run with browser and other none essential applciations running.

- Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis


When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)

• Bitdefender
• Panda Scan
• HijackThis

 

Sorry but if you had really read the guide fully you would have known not to post your logs inline, but to attach them, and also to not have applcations like........

Internet Explorer
MSN Messenger
Yahoo Messenger

etc running?

http://forums.majorgeeks.com/showthread.php?t=35407

Your panda and Bitdefender logs you mentioned you attached are not.


Skipping steps, leads to removing your malware slower and not completly, so its paramount to follow the guide verbatim to catch all malware exploits.

 

Okay! In the future, please do not edit your older messages in the thread. Just attach the files to your new message that you are posting. The attachments you now added to message # 1 should have been added to message # 5.

Pleae run the steps in the below and attach the requested smitfiles.txt log.

SpywareQuake & SpyFalcon Removal Procedure

Afterwards also attach a new HijackThis log but make sure you follow the directions in step 7 because you previously had HijackThis running from one of the exact locations we specify not to run it from: C:\Documents and Settings\Chiqui\Desktop\HijackThis.exe

 

It does not matter whether you find the files or not! The instructions even tell you that in the very first Note at the top of the page. You MUST FOLLOW DIRECTIONS. The procedure asked you to attach the smitfiles.txt log. You did not attach it. Do not run it again. Just attach the smitfiles.txt log that was created when you ran the procedure.

Also we have also told you multiple time and it is also specified in the READ & RUN ME that all logs (including HJT logs) must be attachments to your message. They must not be posted inline like you are doing.

In your first HJT log, you were running HJT from: C:\Documents and Settings\Chiqui\Desktop\HijackThis.exe which was a problem!
Now you are running it from: C:\HJT\HijackThis.exe which is not what we requested but it is acceptable.

The READ & RUN ME also specifies not to use MSconfig to control startups, you did not follow those directions in step 7. You have the below in your log:

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

Please select Normal Startup and then reboot and ATTACH a new HJT log and also the missing smitfiles.txt log.

You should also tell us how things are running now!