Help please lots of viruses
dirtySLART 09-11-2008, 06:00 AM I did all the steps in the 'READ ME Before Posting A Request For Assistance!' post, still seems to all be there
jholland1964 09-11-2008, 08:50 AM Download ComboFix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Click on the Save button and then when it asks you where to save it, make sure you save it directly to your Windows Desktop.
Once the download is complete you will see the Combofix on the desktop.
Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
Doubleclick the combofix icon on the desktop to run the program.
Windows will issue a prompt asking whether you wish to run the program, click Run.
You will then see a Disclaimer screen asking you to agree to the disclaimer. Press the number 1 key to accept the disclaimer.
Now just sit back and allow the program to run
Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.
When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
When all is complete then please post back here with that log.
dirtySLART 09-11-2008, 10:21 PM ok done that..
still running slow
jholland1964 09-11-2008, 10:36 PM ok done that..
still running slow
I am sure it is. There are still some things that have to be done yet. Give me awhile to go through this log and I will let you know what else needs to be done. We should be able to get it back up to speed but it will take a bit, ok?
Do me a favor...ABSOLUTELY NO FILE SHARING RIGHT NOW OK? This is more than likely what got you into this mess, believe me.
TURN OFF....BitTorrent, and leave turned off Bear Share. As you can see, by file sharing you are literally playing with fire, to say nothing about legalities and copyright laws
Judy
jholland1964 09-11-2008, 11:29 PM Please turn off ANYTHING not needed...all those file sharing programs for one thing...
Then please run the ESET SCANNER (http://www.eset.com/onlinescan/) again and have it FIX EVERYTHING found.
You will need to use Internet Explorer to complete this scan.
You will need to temporarily Disable your current Anti-virus program.
Be sure the option to Remove found threats is checked at this time, and the option to Scan unwanted applications is Checked.
When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.
Post back here with the log.
dirtySLART 09-11-2008, 11:45 PM ok kool..
turned it off.. and doing the scan now
dirtySLART 09-12-2008, 01:30 AM done the scan..
jholland1964 09-12-2008, 11:12 AM Ok, now give me a NEW HiJackThis scan and save the log and post it here.
dirtySLART 09-12-2008, 04:33 PM I keep getting read errors when trying to burn a dvd could this be because of the viruses?
here's the log..
jholland1964 09-12-2008, 04:52 PM Why are you burning a DVD while waiting to see if the computer is clean?
You had, maybe still have a very infected computer. If you want it clean you will stop unnecessary stuff until a fix can be worked out. If you don't want to wait, then forget it, I am done.
dirtySLART 09-12-2008, 10:04 PM Ah, I tried burning before just in case I had to reformat the computer.. but I don't want to go that way. Don't worry, I won't do anything till the computer's clean
jholland1964 09-13-2008, 11:00 PM I would like to have you use ComboFix to remove some files.
Make sure that Combofix is still on the desktop. If it is not then this will not work.
Open Notepad and copy/paste the text below:
KILLALL::
FILE::
C:\\StubInstaller.exe
C:\WINDOWS\005681_.tmp
C:\WINDOWS\003375_.tmp
C:\WINDOWS\TEMP\mc22.tmp
C:\WINDOWS\system32\dllcache\hwxjpn.dll
C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\scripting
C:\WINDOWS\system32\en
C:\WINDOWS\ntoskrnl.exe
C:\WINDOWS\system32\sprecovr.exe
C:\WINDOWS\system32\dllcache\OLD5EF.tmp
C:\WINDOWS\system32\dllcache\OLD60A.tmp
C:\WINDOWS\system32\dllcache\OLD60D.tmp
C:\WINDOWS\system32\dllcache\OLD5B2.tmp
C:\WINDOWS\system32\dllcache\OLD584.tmp
C:\WINDOWS\system32\dllcache\OLD58B.tmp
C:\WINDOWS\system32\dllcache\OLD581.tmp
C:\WINDOWS\system32\dllcache\OLD554.tmp
C:\WINDOWS\system32\dllcache\OLD537.tmp
C:\WINDOWS\system32\dllcache\OLD53D.tmp
C:\WINDOWS\system32\dllcache\OLD482.tmp
C:\WINDOWS\system32\dllcache\OLD47F.tmp
C:\WINDOWS\system32\dllcache\OLD4AE.tmp
C:\WINDOWS\system32\dllcache\OLD478.tmp
C:\WINDOWS\system32\dllcache\OLD4B8.tmp
C:\WINDOWS\system32\dllcache\OLD475.tmp
C:\WINDOWS\system32\dllcache\OLD42C.tmp
C:\WINDOWS\system32\dllcache\OLD466.tmp
C:\WINDOWS\system32\dllcache\OLD454.tmp
C:\WINDOWS\system32\dllcache\OLD462.tmp
C:\WINDOWS\system32\dllcache\OLD429.tmp
C:\WINDOWS\system32\dllcache\OLD451.tmp
C:\WINDOWS\system32\dllcache\OLD426.tmp
C:\WINDOWS\system32\dllcache\OLD3D6.tmp
C:\WINDOWS\system32\dllcache\OLD3D1.tmp
C:\WINDOWS\system32\dllcache\OLD37F.tmp
C:\WINDOWS\system32\dllcache\OLD37C.tmp
C:\WINDOWS\system32\dllcache\OLD36F.tmp
C:\WINDOWS\system32\dllcache\OLD386.tmp
C:\WINDOWS\system32\dllcache\OLD338.tmp
C:\WINDOWS\system32\dllcache\OLD171.tmp
C:\WINDOWS\system32\dllcache\OLD6F.tmp
C:\WINDOWS\system32\dllcache\OLD55.tmp
C:\WINDOWS\system32\dllcache\OLD1F.tmp
C:\Documents and Settings\Owner\yfcsdx.exe
C:\Documents and Settings\Owner\xahoey.exe
C:\Documents and Settings\Owner\fgwalc.exe
C:\Documents and Settings\Owner\rjbrif.exe
C:\Documents and Settings\Owner\zyrgam.exe
C:\Documents and Settings\Owner\cpyrcp.exe
C:\Documents and Settings\Owner\toisbd.exe
C:\Documents and Settings\Owner\mxhjpr.exe
C:\Documents and Settings\Owner\vebowc.exe
C:\Documents and Settings\Owner\zxylws.exe
C:\Documents and Settings\Owner\mmcuft.exe
C:\Documents and Settings\Owner\zwymkd.exe
C:\Documents and Settings\Owner\aonlul.exe
C:\Documents and Settings\Owner\wndbpf.exe
C:\Documents and Settings\Owner\chlbvf.exe
C:\Documents and Settings\Owner\mzqvoe.exe
C:\Documents and Settings\Owner\jvrwzq.exe
C:\Documents and Settings\Owner\qtzlag.exe
C:\Documents and Settings\Owner\ndxfzf.exe
C:\Documents and Settings\Owner\bjegxw.exe
C:\Documents and Settings\Owner\esvqek.exe
C:\Documents and Settings\Owner\jkscyq.exe
C:\Documents and Settings\Owner\wwvedp.exe
C:\Documents and Settings\Owner\hvauby.exe
C:\Documents and Settings\Owner\ybhtvh.exe
C:\Documents and Settings\Owner\egaxec.exe
C:\Documents and Settings\Owner\bsjcrd.exe
C:\Documents and Settings\Owner\grjtwf.exe
C:\Documents and Settings\Owner\vvesdr.exe
C:\Documents and Settings\Owner\jgrmqx.exe
C:\Documents and Settings\Owner\jbmaru.exe
C:\Documents and Settings\Owner\brnhil.exe
C:\Documents and Settings\Owner\ryxkec.exe
C:\Documents and Settings\Owner\cmjjhf.exe
C:\Documents and Settings\Owner\rvwiss.exe
C:\Documents and Settings\Owner\soltke.exe
C:\Documents and Settings\Owner\bsipls.exe
C:\Documents and Settings\Owner\ufmxar.exe
C:\Documents and Settings\Owner\xeusen.exe
C:\Documents and Settings\Owner\qclnng.exe
C:\Documents and Settings\Owner\dyonnd.exe
C:\Documents and Settings\Owner\gijage.exe
C:\Documents and Settings\Owner\pjikzv.exe
C:\Documents and Settings\Owner\stnrju.exe
C:\Documents and Settings\Owner\cjsicq.exe
C:\Documents and Settings\Owner\jfacoc.exe
C:\Documents and Settings\Owner\skqbpo.exe
C:\Documents and Settings\Owner\bavlik.exe
C:\Documents and Settings\Owner\vgvbiy.exe
C:\Documents and Settings\Owner\svswyx.exe
C:\Documents and Settings\Owner\rkruvj.exe
C:\Documents and Settings\Owner\beefoh.exe
C:\Documents and Settings\Owner\zooywx.exe
C:\Documents and Settings\Owner\mgvvhc.exe
C:\Documents and Settings\Owner\sktzbb.exe
C:\Documents and Settings\Owner\ykfrkw.exe
C:\Documents and Settings\Owner\stxbjf.exe
C:\Documents and Settings\Owner\svssbl.exe
C:\Documents and Settings\Owner\jccwgl.exe
C:\Documents and Settings\Owner\uxhrla.exe
C:\Documents and Settings\Owner\duxphv.exe
C:\Documents and Settings\Owner\ibcert.exe
C:\Documents and Settings\Owner\bzufmu.exe
C:\Documents and Settings\Owner\xcbskf.exe
C:\Documents and Settings\Owner\gimvzq.exe
C:\Documents and Settings\Owner\atfymw.exe
C:\Documents and Settings\Owner\ybojta.exe
C:\Documents and Settings\Owner\diqget.exe
C:\Documents and Settings\Owner\liyuiq.exe
C:\Documents and Settings\Owner\simrxd.exe
C:\Documents and Settings\Owner\inyamz.exe
C:\Documents and Settings\Owner\qfyjar.exe
C:\Documents and Settings\Owner\wkrnbv.exe
C:\Documents and Settings\Owner\gajvlu.exe
C:\Documents and Settings\Owner\njtnaj.exe
* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe
* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
Post back here with that log.
dirtySLART 09-14-2008, 01:44 AM I think the computer just rebooted itself as it was still in the combofix prompt..
it came up with a microsoft windows error.. :(
I'll run it again and hope it runs smoothly this time.
dirtySLART 09-14-2008, 03:44 AM here's the log, what do I have to do now?
jholland1964 09-14-2008, 09:48 AM There are still some unknowns I wonder about so please do this;
Go to http://virusscan.jotti.org/
Upload the following files one at a time;
C:\Documents and Settings\Owner\eejjch.exe
C:\Documents and Settings\Owner\aksnol.exe
C:\Documents and Settings\Owner\famkff.exe
C:\Documents and Settings\Owner\pogkdx.exe
C:\Documents and Settings\Owner\dddzsi.exe
This site will scan each file by various virus scanners and produce a report telling us if it is an infection. If it isn't we won't worry about it, if it is hopefully we will better know how to remove it.
Post back here with the results for each file.
dirtySLART 09-14-2008, 11:15 AM
File: eejjch.exe
Status: INFECTED/MALWARE
MD5: becb617c2b02b8460d9cce6f6b36eaa2
Packers detected: PE_PATCH
Scanner results
Scan taken on 14 Sep 2008 15:39:21 (GMT)
A-Squared Found MemScanBackdoor.Bifrose.NQ
AntiVir Found HEUR/Crypted
ArcaVir Found nothing
Avast Found Win32:Adware-gen
AVG Antivirus Found Downloader.Generic5.GF
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found MemScanBackdoor.Bifrose.NQ
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found W32/Agent.CUOW
Panda Antivirus Found nothing
Sophos Antivirus Found Mal/Behav-285
VirusBuster Found nothing
VBA32 Found nothing
File: aksnol.exe
Status: OK
MD5: 9dcc05bdd820162e9947d5e8f5fbad3a
Packers detected: PE_PATCH
Scanner results
Scan taken on 14 Sep 2008 15:41:24 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
C:\Documents and Settings\Owner\famkff.exe
The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file
(I had this file partially scanned once.. for some reason it won't scan it again.. it was a virus anyway)
C:\Documents and Settings\Owner\pogkdx.exe
Error: unable to connect to database. The administrator has already been notified, it is not necessary to contact us.
and same i got for:
C:\Documents and Settings\Owner\dddzsi.exe
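As an added illustration (not code from the thread, from ComboFix or from Jotti), this Python script does two things the helper above did by eye: it flags the run of six-letter random .exe names sitting in the profile root that fills the CFScript, and it parses a pasted Jotti report into per-engine detections so that "Status: OK" on a packed file is treated as unknown rather than clean. The directory listing, the trimmed report excerpt and the triage thresholds are constructed assumptions for this example.

```python
import re

# Constructed listing: two names from the thread's CFScript plus ordinary files.
SAMPLE_LISTING = [
    r"C:\Documents and Settings\Owner\yfcsdx.exe",
    r"C:\Documents and Settings\Owner\xahoey.exe",
    r"C:\Documents and Settings\Owner\ntuser.dat",
    r"C:\Documents and Settings\Owner\My Documents\setup.exe",
]
RANDOM_EXE = re.compile(r"^[a-z]{6}\.exe$")

def suspicious_profile_exes(paths):
    """Six-lowercase-letter .exe files sitting directly in an XP profile root
    (C:\\Documents and Settings\\<user>\\). The pattern is this example's heuristic."""
    hits = []
    for p in paths:
        q = p.split("\\")
        if len(q) == 4 and q[1].lower() == "documents and settings" and RANDOM_EXE.match(q[3]):
            hits.append(p)
    return hits

# Constructed excerpt in the shape of the Jotti report pasted above (engines trimmed).
SAMPLE_JOTTI = """\
File: eejjch.exe
Status: INFECTED/MALWARE
MD5: becb617c2b02b8460d9cce6f6b36eaa2
Packers detected: PE_PATCH
Scanner results
A-Squared Found MemScanBackdoor.Bifrose.NQ
AntiVir Found HEUR/Crypted
Norman Virus Control Found W32/Agent.CUOW
File: aksnol.exe
Status: OK
MD5: 9dcc05bdd820162e9947d5e8f5fbad3a
Packers detected: PE_PATCH
A-Squared Found nothing
Kaspersky Anti-Virus Found nothing
"""
ENGINE_LINE = re.compile(r"^(?P<engine>.+?) Found (?P<verdict>.+)$")

def parse_jotti(text):
    """Map file name -> {status, md5, packers, engines, detections}; other lines are skipped."""
    reports, cur = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("File: "):
            cur = reports.setdefault(line[6:], {"status": None, "md5": None,
                "packers": [], "engines": 0, "detections": {}})
        elif cur is None:
            continue
        elif line.startswith("Status: "):
            cur["status"] = line[8:]
        elif line.startswith("MD5: "):
            cur["md5"] = line[5:].lower()
        elif line.startswith("Packers detected: "):
            cur["packers"] = [p.strip() for p in line[18:].split(",") if p.strip()]
        elif ENGINE_LINE.match(line):
            engine, verdict = ENGINE_LINE.match(line).groups()
            cur["engines"] += 1              # every engine line counts, hit or not
            if verdict.lower() != "nothing":
                cur["detections"][engine] = verdict
    return reports

def triage(report, min_engines=2):
    """>= min_engines hits: malicious; one hit, or a packed file with none: suspicious (assumed thresholds)."""
    n = len(report["detections"])
    if n >= min_engines:
        return "malicious"
    if n == 1 or report["packers"]:
        return "suspicious"
    return "no detection"
```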
jholland1964 09-14-2008, 11:52 AM Print out this information because you are going to have to disconnect from the internet to complete these steps. When I say disconnect, I mean actually shut down and remove the internet cable from the computer.
You also need to ENABLE VIEWING (http://articles.networktechs.com/437-p1.php) of Hidden Files and Folders.
Next do this;
Download Killbox (http://download.bleepingcomputer.com/spyware/KillBox.exe)
this is a program that can be used to get rid of files that stubbornly refuse to allow you to delete them.
Usage Information:
Download this file and run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, allow it to do so.
These are the files you want it to search for and delete;
C:\Documents and Settings\Owner\eejjch.exe
C:\Documents and Settings\Owner\aksnol.exe
C:\Documents and Settings\Owner\famkff.exe
C:\Documents and Settings\Owner\pogkdx.exe
C:\Documents and Settings\Owner\dddzsi.exe
You may very well get the message that one or some of the files cannot be found, that is fine, just write down which ones.
Once the program is complete then it should shut down and reboot the computer if it doesn't then please do so on your own.
Of course then you will have to shut down again, re-attach the internet cable and then reboot.
Come back here with the results of the running of Killbox
dirtySLART 09-14-2008, 07:27 PM Well, I ran it and it seems to have deleted the files. Hmm, the computer is still taking like 60 seconds to load when rebooted.. before it used to be a few seconds.
jholland1964 09-14-2008, 07:35 PM 60 seconds ..... that is one minute. That is fast. There is absolutely no way this computer would boot in seconds completely with all that you have running at start up. Believe me, I KNOW. I have probably 1/3 the programs you have autostarting and my computer takes 60 seconds.
You still have some things to do here.
First of all you need to uninstall combofix
Click START then RUN
Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
When shown the disclaimer, Select "2"
You MUST uninstall this to remove all the bad files in quarantine there.
Reboot the computer.
Next, I want you to download combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) again and run it again and post back here with the log.
dirtySLART 09-14-2008, 10:12 PM here's the log
jholland1964 09-14-2008, 11:44 PM Looks pretty good. Your thread title Help please lots of viruses was an Understatement.
Malwarebytes' Anti-Malware removed 55 infections.
You did two scans with ESET Scanner, the first one showed 255 infections but you didn't clean them at that time according to the instructions by PP.
At that time I noticed you had P2P File sharing programs running ALL THE TIME in the background so I told you to turn them off and leave them off until we were finished and you did. I could have quit this thread at that time, but I chose not to. So I had you run ESET again and that time have it clean...on the second scan 257 infections were found and removed, so 2 more were added between the scans.
Then I had you run combofix. The first run showed and removed 12 infected files, but I found numerous other Unknowns in that log and had you remove those using the CFScript. That was an additional 117 unknown and very likely files created by these infections.
But there were 5 files in that CFScript which were not removed so I had you upload those to virusscan. Two of them showed as infected the other three were unknowns or unable to be scanned.
So I had you use Killbox to remove all five.
We are talking here about 446 infected files on your computer.
Now I have to say something here because it is obvious to me that most of your infections were the result of P2P file sharing. Quite frankly, we rarely will even consider helping with a computer which has infections which are obviously the result of file sharing. It is not something we condone or approve of. I had gotten far enough into the clean up of your computer before I discovered, while checking through the various logs, that most of your problem was the result of file sharing. Most of the time if we know this we tell people to go elsewhere, we don't approve, we don't condone it, we don't encourage it.
Our Forum Guidelines state very clearly:
Discussion of illegal activities such as software and music piracy and other intellectual property violations are not allowed. Yes, sharing copyrighted material IS a CRIME, a felony in fact.
We do not ask you to stop this without reason.
P2P programs open a direct line onto your computer, security measures are easily avoided, and Malware writers are increasingly using them to spread their nasty infections onto your computer. Add to that, if your P2P program is not configured correctly you may be sharing more files than you intended. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.
Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.
When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these downloads are being targeted to carry infections.
We see no reason in taking our time cleaning your machine if you use P2P programs, as it is pretty much certain that if you continue to use them then you will get infected again. The only reason I continued on yours was because I felt I had gotten too far in the process to stop. But I say here, and now, I will NOT do it again.
You MUST really give serious thought to getting rid of those file sharing programs. No matter how safe they claim they are they can offer no guarantees.
I use this analogy often when speaking of P2P file sharing;
If you sat down at a table in a restaurant and there was a sandwich sitting there on a plate with just a tiny bite taken out of it...would you eat it? I am sure your answer would be no. Why? Because it might contain just 1 germ from the person who took the bite (and you have NO IDEA who that is), which if YOU took a bite, could kill you. By using P2P file sharing you allowed 446 infected files onto your computer, any one of which could have killed your computer.
Think about it.
And I say again, if your computer is reinfected due to file sharing, we will not help you clean it.
dirtySLART 09-15-2008, 01:01 AM ok thanks for all your help, I appreciate it.
Alex
dirtySLART 11-23-2008, 12:10 PM hey again.. I'm having problems with my internet connection. I've only realised today that these problems have occurred around the time I did this clean up of all these viruses.. I don't know if it was the clean up or something else.. but I'm just checking here to see if you think there could have been something?
I'm always connected to the internet.. but sometimes my connection drops speed or something.. it's still connected to the net but it cannot browse and no one can send msgs to me on my IM, then after a bit it's all fine and everything's working perfectly.. it does this throughout the day.
Do you have any idea?
jholland1964 11-23-2008, 12:13 PM We need to see at least a HJT log.
dirtySLART 11-23-2008, 12:18 PM ok here
dirtySLART 11-23-2008, 12:22 PM I have been trying to search this problem on Google but the only thing I could find was a Windows Update problem or maybe the clean up we did.
jholland1964 11-23-2008, 12:49 PM Can I ask you to re-read the LAST line of my last post to you back in September?
And I say again, if your computer is reinfected due to file sharing, we will not help you clean it.
This new log shows me that this is still your "hobby":
O4 - HKCU\..\Run: "C:\Program Files\DNA\btdna.exe"
Running automatically when the computer starts.
This is processes running when you did this log;
C:\Program Files\BearShare\BearShare.exe
Please read this information concerning BearShare
The bearshare.exe application is the main application for the BearShare filesharing software. Some versions of this software contain spyware so it is advisable to terminate the bearshare.exe process.
bearshare.exe is considered to be a security risk, not only because spyware removal programs flag BearShare as spyware, but also because a number of users have complained about its performance.
BearShare is likely spyware and as such, presents a serious vulnerability which should be fixed immediately! Delaying the removal of bearshare.exe may cause serious harm to your system and will likely cause a number of problems, such as slow performance, loss of data or leaking private information.
And to that I say, sorry, since you did not previously heed the advice I gave you concerning file sharing, you are on your own.
dirtySLART 11-23-2008, 12:58 PM I ran this program http://www.snapfiles.com/get/winsockxpfix.html
winsock XP fix program.. everything seems to be working fine so far but I'll let you know if the problem is still there.
jholland1964 11-23-2008, 01:17 PM Quoting dirtySLART: I have been trying to search this problem on Google but the only thing I could find was a Windows Update problem or maybe the clean up we did.
I ran this program http://www.snapfiles.com/get/winsockxpfix.html
winsock XP fix program.. everything seems to be working fine so far but I'll let you know if the problem is still there.
I can tell you right now this had absolutely NOTHING to do with the Fixes done earlier so please do not imply this. You had 446 infected files on your computer. Maybe the removal of these infections affected your connection...yes...because you were infected with multiple Downloader Trojans, and what do those do? Downloader.Trojan accesses and downloads from various sites. And what do they download? More infections, your logs proved that. Yes, the clean up maybe broke some connections used by these trojans but the clean up was supposed to clean the computer of infections, it did. But you are still participating in file sharing which was the likely root of the 446 infections in the first place.