My winXp Pc also infected with virus. 1. I turned of system restore facility, rebooted system. (right click my computers ->properties->system restore tab->check option for disabling system restore) 2.REBOOT immediately. 3. After restarting goto task manager (press ctrl +Alt +del) select processes, kill msblaster.exe. This will stop shutting down the PC automatically. 4. Search for files msblaster*.*, and delete them.Also search for TFTP*.PF (prefetch files) and delete them. 5. Start Regedit, find entries 'msblaster' and then delete them , especially for the Regword 'WindowsUpdate' 6. Goto command prompt, at C:\Windows\system32 subdirectory ,Rename TFTP.exe to x_TFTP.exe(This is very important so that you can connect to internet and download patch from Microsoft site) 7. Connect to internet, 'directly' paste this URL and download the patch http://download.microsoft.com/download/9/8/b/98bcfad8-afbc-458f-aaee-b7a52a983f01/WindowsXP-KB823980-x86-ENU.exe 8. Run this Patch. Restart the PC. After restarting, you may get atmost twice the message 'unable to read from memory location etc' but ignore. 9. Repeat steps 4 and 5 . (All above steps take atmost 15 minutes) 10. Download latest DAT file for your antivirus and scan from virus Once your PC working fine , rename x_tftp.exe to TFTP.exe ( pl. see step 6) . Dont forget PS : I observed one thing. After disabling system restore facility on my XP PC, it is running as 'fast' as my favourite Windows 98 PC especially while booting, restarting etc.

You could try this REALLY easy one click solution… Worm Blaster remover http://www.dslreports.com/forum/remark,7662765~root=security,1~mode=flat Quote: “As I designed the cleaner I thought about usability and simplicity. I tried to offer a "one click solution". Thats why the cleaner does things that seems to be illogical. But well ... lets explain why it does all that things. Normally you will first clean your system and than install the patch. That means after desinfecting you are still vulnerable. So you have high chance to get infected again. I registered about every half minute a port access to 135. That means it would only take 30 seconds to get infected again. Well ... I guess its impossible to download and install the patch within 30 seconds. Thats why the cleaner stays active after cleaning. It prevents the worm from installing again. Quite simple - isn't it? The cleaner also adds itself to the auto start so its started every time the system boots. That has 2 simple reasons: 1. If the download server of Microsoft is to busy you are still protected until you get the patch - even if you restart your computer. 2. Some of you will install the patch using Windows Update. In fact Windows Update will first install service packs etc. that need a reboot. To stay protected after the reboot the cleaner has to be loaded again. I guess many people will forget this step and while they download the updates they will get infected again. So I decided to let the cleaner start automatically until you uninstall it using the "Add/Remove software" function inside your "Control Panel".”