Spyware Warrior

[Amyaayaa]

I accidentally executed a trojan because I thought it was a movie torrent. Huge lesson learned. Now this folder keeps appearing in my hidden files in both of my hard drives and in USB devices, including my ipod. This folder keeps reappearing about 30 seconds after I delete it over and over and over again. "Resycled" is the name of the folder, and it contains an executable file inside of it named "boot.com", and every time this appears, another file beside "resycled" appears named "autorun.inf". I am going to reinstall windows but I need to save some files onto USB drives first, HOWEVER, I don't want to reinstall windows only to find out that my removable storage (iPod, USB flash drives, etc.) have put this virus back onto my computer, because it is now on them as well. So I am wondering how to find out exactly what file is executing this to keep reappearing, and how I can access it? Any help would be greatly appreciated!! I downloaded HiJackThis and here is the anaylsis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:50:06 PM, on 11/2/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\VTTimer.exe
D:\iTunes\iTunesHelper.exe
C:\PROGRA~1\3DMouse\3DMouse.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Sonic Shared\CineTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
D:\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe

[km2357]

Hello and welcome to Spyware Warrior.

My name is km2357 and I will be helping you to remove any infection(s) that you may have.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

Sorry for the delay in replying, the forum is very busy. If you still need help, please post a fresh HiJackThis Log
_________________
Malware Removal University Master

Member of ASAP


If you've been helped by Spyware Warrior, please donate to help with the costs of this volunteer website. Thank You.

[km2357]

Amyaayaa? Do you still need help?
_________________
Malware Removal University Master

Member of ASAP


If you've been helped by Spyware Warrior, please donate to help with the costs of this volunteer website. Thank You.

[Gary R]