1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Attack of the trojans

By kathyh5185 ยท 7 replies
Aug 3, 2008
  1. hi all

    background info
    2 days ago
    had some virus/trojan /spyware/malware issues , looked on the forums ran hijack this.... ran superantispyware.... and it found so many problems 270 attacks......
    deleted all the problems so i thought......

    computer started up no spyware alarms etc thought it was fixed

    however... today usbs are not recongised access denied,
    go into windows explorer and can access file on usb open, copy, transfer everything.
    does anyone think that this maybe caused by my previous problems.

    please let me know what information you require so ii am not wasting your time.

    thanks from a newbie
  2. raybay

    raybay TS Evangelist Posts: 7,241   +10

    Download from Trend Micro the latest version of HiJack This, and mail us the resulting log.

    Also, consider using ComboFix, SuperAntispyware and or MBAM MalwareBytes and scan, sending us those resulting logs.

    When you run these scans, you might want to immediately shut down, and cold boot to SAFE MODE (pressing <F8> repeatedly until it boots to the low resolution screen, then attempt to install and scan once more with each in Safe Mode.

    Some of these evils will leap out into memory when you shut down, then reinstall themselves where you cannot find them upon reboot.
  3. kathyh5185

    kathyh5185 TS Rookie Topic Starter

    hijack this file

    here is the hijack this file that i just ran.
    i will do the other scan and post when done
  4. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Download and Install SDFix
    • Download SDFix and save it to your Desktop.
    • Double click SDFix.exe and it will extract the files to %systemdrive%
      (Drive that contains the Windows Directory, typically C:\SDFix)

    Boot into Safe Mode
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.

    Run SDFix
    • Open the extracted SDFix folder and double click RunThis.bat to start the script.
    • Type Y to begin the cleanup process.
    • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
    • Press any Key and it will restart the PC.
    • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
    • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    • Attach Report.txt back here


    Then please follow these Viruses/Spyware/Malware, preliminary removal instructions and post back in this thread with the requested logs. There should be at least 3.

    1)MBAM log
    2)SAS log
    3)report.txt (sdfix)
    4)Hijackthis log (Last step)
  5. kathyh5185

    kathyh5185 TS Rookie Topic Starter

    reports as requested

    here are the reports as requested

    superantispyware 1st one that had 221 attacks 8-1-08

    hijackthis rpt
    superantispyware 2nd one that i have just done 8-4-08
    Sdfix report
    please let me know if you require anything else
    thanks for your help

    will have to take hijack this report from my previous reply as i wasnt able to upload it agin
  6. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    please follow the 2nd half of my instructions - and attach the MBAM log and fresh hijackthis after completing all steps
  7. kathyh5185

    kathyh5185 TS Rookie Topic Starter

    as requested

    Logs as requested

    thanks kathy
  8. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    First open MBAM again - click quarantine tab and make sure to delete anything there as you log says no action taken


    Next, your Java is still out of date did you follow all instructions in the removal steps? After you update please show me a new hijackthis log and we can move on
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...