Viruses please help

Hi there I have completed the steps in the Read and Run me first and am now ready to post the findings. My computer was infected with win32.Netsky.P@mm and also a couple of other things that could not be removed so I am looking for further instruction on how to remove these other ones. Thanks for the help.

 

Whatever you are using MsConfig to disable, don't. I need to see everything.

Lets start by moving HijackThis to a better location. Download, unzip, then run the enclosed Visual Basic Script. Move_HijackThis

Unistall any of teh following; using Add or Remove Programs.

Now scan and have HJT Fix the following:

Download
- Pocket Killbox
- ExplorerXP

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click the RED X.

Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion…say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note many of the file list below may not exist but we need to check for them anyway.

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Post a fresh HijackThis log.

 

Ok first of all thanks so much for your help!!! I have completed all the steps you gave me and only had a few problems with it. I could not use the link you gave Move_Hijack This for some reason so I skipped that. Also could not find the path.... O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto in Hijack This. I didn't have any of the stuff you asked me to delete in Add/Remove programs. I also noticed that my PC was slow on reboot into normal mode note sure if that means anything? But here is my new HJT log. Thanks again.

 

Run this uninstaller, http://help.myway.com/uninstall/mwsUnins.exe, this should remove MyWebSearch.

Post a fresh Hijackthis log

 

Ok ran the uninstaller here is the HJT findings.

 

OK, MyWebSearch is gone.

How is your computer running?

 

Seems to be running ok still seems slow at start up though. Also when rebooting i get a window saying shell icon hidden window with the option to end now, not sure what that is. Thanks for the help I really appreciate it.

 

I need teh exact wording of the message.