Hello. I am new here. I have Windows 7. I was an idiot and downloaded this ^#%##$# fake Amazon email file to my computer the other day (see file name in Topic Title) and it got into everything. It kept popping up a window asking me if I wanted to run C:windows\syswow64\cmd.exe " \c c:\progr~3\msewhx.exe.
I have McAfee and it kept shutting off the firewall. I got it to stop doing that. I downloaded Malwarebytes and it found three trojans which it quarantined and deleted. I booted into safe mode and found the msewhe.exe file it wanted to run and I deleted that. I then created an entirely new administrator profile, moved all my docs and pics over and deleted the old profile. I can now boot up without the window popping up incessantly. However, my IE LAN connection settings keep reverting to "open with proxy server" which then cannot be found and the internet stops working. I keep resetting them to "Automatically Detect" so I can use my wireless to get on here.
I have run Hijack this. From the desktop shortcut, it kept telling me that it had no access to my hosts file and every time that I tried to "analyze this", it told me I had no internet connection. I went directly to the program and right-clicked it to "run as administrator" and that now works and I now have a log file. A web search on ORDER_JB462 brings up a malwr analysis of the executable and what it exactly does, but I do not know how to undo everything. A look into my registry shows some suspicious things. What can I do with my HijackThis log file and how can I go through and eradicate everything that the executable did? I am concerned that it is spyware and that it has made system changes and taken over certain administrator rights.