[MIXMASTERMIKE]

yeah maybe. maybe smokin too much spliff bit paranoid. however, i mean theoretically u could, i dont know anythin bout site, cant find any reviews for site or programs used. and i follow every step on this end diligently, u could be giving me the royal screw job.

[Advertisements]

HEY SORRY BOUT THE FREAK OUT EARLIER, JUST DUNNO HOW IM GETTIN ALL THESE VIRUSES?!?! ANYWAYS THANKS HERE ARE THE NEXT SET OF LOGS:

Explorer killed successfully
C:\Program Files\Online Services\Vonage\Xtras\regxtra121.x32 moved successfully.
File/Folder C:\WINDOWS\system32\cbXQjjJD.dll.vir not found.
File/Folder C:\program files\panda secutrity\active scan 2.0\pskavs.dll not found.
< purity >
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06052008_084014


nsi47.tmp;C:\Deckard\System Scanner\backup\DOCUME~1\HP\LOCALS~1\Temp;Tool.Prockill;Incurable.Deleted.;
1stRun.exe;C:\Program Files\eRightSoft\SUPER\spk;FDOS.Atomix.28;Deleted.;
inetchk.exe;C:\Program Files\music_now;Trojan.Click.2093;Deleted.;
AOLCINST.EXE\core.cab\GTDOWNAO_106.ocx;C:\Program Files\Online Services\Aol\United States\AOL90\COMPS\COACH\AOLCINST.EXE;Adware.Gdown;;
AOLCINST.EXE;C:\Program Files\Online Services\Aol\United States\AOL90\COMPS\COACH;Archive contains infected objects;Moved.;
PPCInstall.dll;C:\Program Files\Online Services\PeoplePC;Probably STPAGE.Trojan;Incurable.Deleted.;
musicnow1.exe\data008;C:\SWSetup\AOLMN\SP31524.exe\\musicnow1.exe;Trojan.Click.2093;;
\musicnow1.exe;C:\SWSetup\AOLMN\SP31524.exe\;Archive contains infected objects;;
SP31524.exe;C:\SWSetup\AOLMN;Archive contains infected objects;Moved.;
brandit.exe;C:\SWSetup\BrandIt\Disk1;Probably STPAGE.Trojan;Incurable.Deleted.;
A0014607.reg;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP43;Trojan.StartPage.1505;Deleted.;
data001\0011\E6\1stRun.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014612.exe\data002\data001;FDOS.Atomix.28;;
data001;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014612.exe\data002;Archive contains infected objects;;
data002;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014612.exe;Archive contains infected objects;;
A0014612.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;Archive contains infected objects;Moved.;
A0014661.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;FDOS.Atomix.28;Deleted.;
A0014662.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;Trojan.Click.2093;Deleted.;
A0014664.EXE\core.cab\GTDOWNAO_106.ocx;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014664.EXE;Adware.Gdown;;
A0014664.EXE;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;Archive contains infected objects;Moved.;
musicnow1.exe\data008;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014665.exe\\musicnow1.exe;Trojan.Click.2093;;
\musicnow1.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014665.exe\;Archive contains infected objects;;
A0014665.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;Archive contains infected objects;Moved.;


By the way my word documents now seem to be saving exact replica smaller files with ~$ at the front... why is that??

thanks again.

[MIXMASTERMIKE]

HEY SORRY BOUT THE FREAK OUT EARLIER, JUST DUNNO HOW IM GETTIN ALL THESE VIRUSES?!?! ANYWAYS THANKS HERE ARE THE NEXT SET OF LOGS:

Explorer killed successfully
C:\Program Files\Online Services\Vonage\Xtras\regxtra121.x32 moved successfully.
File/Folder C:\WINDOWS\system32\cbXQjjJD.dll.vir not found.
File/Folder C:\program files\panda secutrity\active scan 2.0\pskavs.dll not found.
< purity >
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06052008_084014


nsi47.tmp;C:\Deckard\System Scanner\backup\DOCUME~1\HP\LOCALS~1\Temp;Tool.Prockill;Incurable.Deleted.;
1stRun.exe;C:\Program Files\eRightSoft\SUPER\spk;FDOS.Atomix.28;Deleted.;
inetchk.exe;C:\Program Files\music_now;Trojan.Click.2093;Deleted.;
AOLCINST.EXE\core.cab\GTDOWNAO_106.ocx;C:\Program Files\Online Services\Aol\United States\AOL90\COMPS\COACH\AOLCINST.EXE;Adware.Gdown;;
AOLCINST.EXE;C:\Program Files\Online Services\Aol\United States\AOL90\COMPS\COACH;Archive contains infected objects;Moved.;
PPCInstall.dll;C:\Program Files\Online Services\PeoplePC;Probably STPAGE.Trojan;Incurable.Deleted.;
musicnow1.exe\data008;C:\SWSetup\AOLMN\SP31524.exe\\musicnow1.exe;Trojan.Click.2093;;
\musicnow1.exe;C:\SWSetup\AOLMN\SP31524.exe\;Archive contains infected objects;;
SP31524.exe;C:\SWSetup\AOLMN;Archive contains infected objects;Moved.;
brandit.exe;C:\SWSetup\BrandIt\Disk1;Probably STPAGE.Trojan;Incurable.Deleted.;
A0014607.reg;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP43;Trojan.StartPage.1505;Deleted.;
data001\0011\E6\1stRun.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014612.exe\data002\data001;FDOS.Atomix.28;;
data001;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014612.exe\data002;Archive contains infected objects;;
data002;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014612.exe;Archive contains infected objects;;
A0014612.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;Archive contains infected objects;Moved.;
A0014661.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;FDOS.Atomix.28;Deleted.;
A0014662.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;Trojan.Click.2093;Deleted.;
A0014664.EXE\core.cab\GTDOWNAO_106.ocx;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014664.EXE;Adware.Gdown;;
A0014664.EXE;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;Archive contains infected objects;Moved.;
musicnow1.exe\data008;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014665.exe\\musicnow1.exe;Trojan.Click.2093;;
\musicnow1.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44\A0014665.exe\;Archive contains infected objects;;
A0014665.exe;C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP44;Archive contains infected objects;Moved.;


By the way my word documents now seem to be saving exact replica smaller files with ~$ at the front... why is that??

thanks again.

[MIXMASTERMIKE]

by the way i was recommended by a friend to do a system restore bak to the point when i first got the computer... i hope i havent ruined all of our process by doing so..

[Rorschach112]

Yep you have ruined all the work we did

Do this



Please visit this web page for instructions for downloading and running ComboFix

http://www.bleepingc...to-use-combofix

This includes installing the Windows XP Recovery Console in case you have not installed it yet.

For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.

Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. Don't select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.




Also post a new HijackThis log

[Rorschach112]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.