Attack of the trojans

[kathyh5185]

hi all

background info
2 days ago
had some virus/trojan /spyware/malware issues , looked on the forums ran hijack this.... ran superantispyware.... and it found so many problems 270 attacks......
deleted all the problems so i thought......

computer started up no spyware alarms etc thought it was fixed


however... today usbs are not recongised access denied,
go into windows explorer and can access file on usb open, copy, transfer everything.
does anyone think that this maybe caused by my previous problems.

please let me know what information you require so ii am not wasting your time.


thanks from a newbie
kathy

 

[raybay]

Download from Trend Micro the latest version of HiJack This, and mail us the resulting log.

Also, consider using ComboFix, SuperAntispyware and or MBAM MalwareBytes and scan, sending us those resulting logs.

When you run these scans, you might want to immediately shut down, and cold boot to SAFE MODE (pressing <F8> repeatedly until it boots to the low resolution screen, then attempt to install and scan once more with each in Safe Mode.

Some of these evils will leap out into memory when you shut down, then reinstall themselves where you cannot find them upon reboot.

 

[kathyh5185]

hijack this file

here is the hijack this file that i just ran.
i will do the other scan and post when done

 

[Blind Dragon]

Download and Install SDFix

• Download SDFix and save it to your Desktop.
• Double click SDFix.exe and it will extract the files to %systemdrive%
  (Drive that contains the Windows Directory, typically C:\SDFix)

Boot into Safe Mode

• Restart your computer and start pressing the F8 key on your keyboard.
• Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.

Run SDFix

• Open the extracted SDFix folder and double click RunThis.bat to start the script.
• Type Y to begin the cleanup process.
• It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
• Attach Report.txt back here

============================================================

Then please follow these Viruses/Spyware/Malware, preliminary removal instructions and post back in this thread with the requested logs. There should be at least 3.

1)MBAM log
2)SAS log
3)report.txt (sdfix)
4)Hijackthis log (Last step)

 

[kathyh5185]

reports as requested

here are the reports as requested

superantispyware 1st one that had 221 attacks 8-1-08

hijackthis rpt
superantispyware 2nd one that i have just done 8-4-08
Sdfix report
please let me know if you require anything else
thanks for your help
kathy

will have to take hijack this report from my previous reply as i wasnt able to upload it agin

 

[Blind Dragon]

please follow the 2nd half of my instructions - and attach the MBAM log and fresh hijackthis after completing all steps

 

[kathyh5185]

as requested

Logs as requested

thanks kathy

 

[Blind Dragon]

First open MBAM again - click quarantine tab and make sure to delete anything there as you log says no action taken

=============================================

Next, your Java is still out of date did you follow all instructions in the removal steps? After you update please show me a new hijackthis log and we can move on