Malware removal - please HELP!

Attached are the files from your detailed instructions and I hope I've followed everything correctly. Please, my son has downloaded so much I can't keep the Family PC clean anymore. I can't get to any major website without being hijacked. What can I do?

 

Post the logs from GetRunKeys and ShowNew.

 

I just uploaded both txt files for your request. Let me know if you can't reach them.

 

Download
- Pocket Killbox

You are running an anti-spyware program which is not trusted or recognised to be safe,
this link provides some details:-
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Therefore it is recommended that you remove it using the Add/Remove option on your computer:

Start->Control Panel->Add/Remove

Look for the following program and remove it: SpyKiller

<< The installed version of Java on this compter is out-dated. Install Java Runtime Environment (JRE) 5.0 Update 8 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

Using Add or Remove Programs in the Control Panel; uninstall the following:

You are using MsConfig to prevent several items from loading at Windows start. MsConfig is a diagnostic tool, and not intended to be used in the manner you are using MsConfig. Enable everthing you used MsConfig to disable. If you are recieving error messages, related to these items, at system start; we can fix this without using MsConfig.

You are running 2 Resident Antvirus applications. You only need 1. Having more that 1 resident Antivirus application on your computer will cause problems. They will interfer with each of and create conflicts, causing system performance to suffer. Pick one uninstall the other.

Follow the directions for Running Hoster.

Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:

Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click Delete Selected Temp Files

Then after it deletes the files click the Exit (Save Settings) button.

NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue..

Select:

• Delete on Reboot
• then Click on the All Files button.
• Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
• Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Post a fresh HijackThis log.