Help appreciated

Hi and welcome to the Daniweb forums :).

==========

Try a system restore first, going back far enough to be sure it was before this infection.
Once done, try running MBA-M again. Update it first, then do a full scan and remove what is found. Be sure to restart the pc.
Post it's log when done.

EDIT: Sorry crunchie - didn't see you. Let me get a look at this log and then I'll get out of your way.
PP :)

@rexassassin
Have a try with my post below before doing what crunchie requested

Please download FindIt.zip and Extract the FindIt folder to your desktop.
-- Inside the folder, you'll see RunThis.bat - DoubleClick it and let it run. (10-20 seconds)
A log should pop up - please post that for me.

PP :)

Looking for cngaudit.dll

Looking for eventlog.dll

Looking for logevent.dll

Looking for netlogon.dll

Looking for scecli.dll

thanks for the assistance much appreciated

thanks for the assistance much appreciated

Happy to help :)

You need to EXTRACT the the FindIt folder from the Zip to your desktop, or it won't work properly.
Rightclick on the ZIP and choose Extract All
Then run it.

-- What happened when you tried System Restore as crunchie advised? Ideally, we would like to restore your compy to a state where MBA-M and other tools can be run.

I am going to get out of crunchie's way - I've got limited time + too many cooks will ruin the broth, as they say . . .. .

Best Luck :)
PP

also cd-r's are not being recognized by my drive please help it was working fine then all of a sudden stopped in thinking this has to do with the trojan please assist with this problem as well

when i ran that this came up

Looking for cngaudit.dll

No matches found.

Looking for eventlog.dll

C:\WINDOWS\I386\
eventlog.dl_ Wed Aug 4 2004 8:00:00a ..... 30,131 29.42 K

C:\WINDOWS\SYSTEM32\
eventlog.dll Wed Aug 4 2004 8:00:00a A.... 55,808 54.50 K

C:\WINDOWS\SYSTEM32\DLLCACHE\
eventlog.dll Wed Aug 4 2004 8:00:00a A.... 55,808 54.50 K

C:\WINDOWS\SOFTWA~1\DOWNLOAD\DD9AB5~1\
eventlog.dll Sun Apr 13 2008 8:11:54p A.... 56,320 55.00 K

4 items found: 4 files, 0 directories.
Total of file sizes: 198,067 bytes 193.42 K

Looking for logevent.dll

No matches found.

Looking for netlogon.dll

C:\WINDOWS\I386\
netlogon.dl_ Wed Aug 4 2004 8:00:00a ..... 181,419 177.16 K

C:\WINDOWS\SYSTEM32\
netlogon.dll Wed Aug 4 2004 8:00:00a A.... 407,040 397.50 K

C:\WINDOWS\SYSTEM32\DLLCACHE\
netlogon.dll Wed Aug 4 2004 8:00:00a A.... 407,040 397.50 K

C:\WINDOWS\$HF_MIG$\KB968389\SP2QFE\
netlogon.dll Fri Feb 6 2009 2:46:10p A.... 408,064 398.50 K

C:\WINDOWS\SOFTWA~1\DOWNLOAD\DD9AB5~1\
netlogon.dll Sun Apr 13 2008 8:12:02p A.... 407,040 397.50 K

5 items found: 5 files, 0 directories.
Total of file sizes: 1,810,603 bytes 1.73 M

Looking for scecli.dll

C:\WINDOWS\I386\
scecli.dl_ Wed Aug 4 2004 8:00:00a ..... 71,807 70.12 K

C:\WINDOWS\SYSTEM32\
scecli.dll Wed Aug 4 2004 8:00:00a A.... 180,224 176.00 K

C:\WINDOWS\SYSTEM32\DLLCACHE\
scecli.dll Wed Aug 4 2004 8:00:00a A.... 180,224 176.00 K

C:\WINDOWS\SOFTWA~1\DOWNLOAD\DD9AB5~1\
scecli.dll Sun Apr 13 2008 8:12:06p A.... 181,248 177.00 K

4 items found: 4 files, 0 directories.
Total of file sizes: 613,503 bytes 599.12 K

when i ran that this came up

Those look OK to me.

Try crunchie's advice and stand by for his reply.

PP:)

hey crunchie i have no way of going back to august for some reasom to restore it wont click over to the previoius month arghh please advise

Try this;

Delete the MBA-M installation file that is on your pc at present.
Go back to download MBA-M again. Click on the link to download it. Select the "Save" option.
When the panel pops up to ask you where you wish to save the file, before choosing where to save it, rename the file to BamBam.
Once you have saved it, try again to install and run it.

I tried that crunchie and it stll did not load. I get this when i scan with ad-aware - Win32TrojanTdss File: C:\WINDOWS\system32UACbyuuhyljiy.dll
And when i scan with counterspy i get this - Trojan.Win32.Generic!BT. They both say they cleaned it and restart the comp. but when i do restart and
run the antispyware programs again i get the same issue. over and over. I also have not been able to write to cd-r's for some reason i have checked
some dvd's and they work but do not "autoplay" In addition i keep getting a google installer failed to load msg. saying to send the error report i
i cant get rid of this it is really frustrating me. please please help anybody please it would be greatly appreciated. if all else fails i would do
a full format but since this is a hand me down laptop i dont have the disks and i dont know how to do this if anyonebody knows
please help. Thank you so much - RA

Please do not run anything other than what we request please. Can/will make things harder :).

Please download ComboFix by sUBs from HERE or HERE You must rename combofix BEFORE saving it to your pc.


You must download it to and run it from your Desktop
Physically disconnect from the internet.
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log
Re-enable all the programs that were disabled during the running of ComboFix..
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

tried to install and load it. It installed but when i run it nothing happens. please help!!

Did you rename it before downloading it?

Try it in safe mode.