One or more of the identified infections is a backdoor trojan
This allows hackers to remotely control your computer, steal critical system information
and download and execute files
I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I Reinstall
We can still clean this machine but I can't guarantee that it will be 100% secure afterwards.
For the time being I will proceed on the assumption you wish to clean up your computer. If you do not and would rather reformat or reinstall let me know in your next reply.We
need to make sure any anti-virus program you have is disabled.
Please visit the page linked below to find any program you may be running and temporarily disable it.http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/Next
delete any older versions of ComboFix you may have and proceed on to the instructions below.We'll
give another try to ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first.
The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
Once installed, you should see a blue screen prompt that says:The Recovery Console was successfully installed.
Please continue as follows:
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you.
Please include the following reports for further review, and so we may continue cleansing the system:C:\ComboFix.txt
New RSIT log.
Let me know if you have any problems and it still won't run.