. Welcome to Bleeping Computer.Backdoor Threat
I'm sorry to say that your computer is infected with one or more backdoor trojans.
This means that sensitive information could have been stolen
. I would advise to change any passwords for any accounts that you have accessed with the infected computer using a clean computer ASAP. If you have used this computer for banking, I would strongly suggest that you report the possible stolen information. Please do not
use the computer for any further transactions, or to enter any other information, if at all possible, until it is declared clean.
You may want to read this article
on how to handle identity theft.
You may also want to read this article
regarding preventing of identity theft.
This computer can still be cleaned, however, I cannot guarantee that it will be 100% safe even after disinfection.
Please read When Should I Format, How Should I Reinstall
.I will proceed assuming you wish to disinfect. If you want to do a reinstall, reply back saying so.Download and Run SDFix
You can find complete instructions on running SDFix in the link below:http://www.bleepingcomputer.com/forums/t/131299/how-to-use-sdfix/SDfix is for Windows 2000 and Windows XP only,
How to Boot into Safe Mode
- Download SDfix setup onto your desktop.
- Run the installer. Leave the install location at your system root.
- After the install, boot into Safe Mode.
- Click your Start Menu. Click Run. Type in c:\sdfix\runthis.bat. Hit OK.
- The prompt window will open. Type Y and hit Enter.
- Wait for the scan to finish.
- You will be prompted to restart. Press anykey to do so. Allow Sdfix to boot the computer into normal boot.
- At reboot, the prompt window will pop-up, along with a log (\rapport.txt) shortly after. Copy the contents of the log back in your next reply.
Print out all intructions to be carried out in Safe Mode, or save them onto your desktop as you will not be able to access the forum where you are recieveing help.
If you are unfimiliar with the boot process, please jot down the boot instructions.
- Shutdown your computer.
- Press the power on button.
- Wait for your computer to beep.
- After hearing the beep, hit the F8 key repeatedly until you see a selection screen.
- Use your arrow keys to navigate the highlight to Safe Mode.
- Hit Enter.
- You will now be asked to choose your operating system. Again, use the arrow keys to select Microsoft Windows XP, if the highlight was not already on it.
- Hit Enter.
Your computer will proceed to booting into Safe Mode. During the boot process, you may see random code go past your screen. Simply wait for it to pass. Your computer should boot like usually, except with Safe Mode written in the corners of your screen. Your screen may also appear to be a different size because the video drivers are not loaded properly in Safe Mode.
After the boot, you will be asked whether you wish to use system restore, or to continue to Safe Mode. Select OK
to choose Safe mode.Install Antivirus
An anti-virus is essential in keeping your computer safe while surfing the Internet. I see that you have Adware and Windows Defender, but an antivirus is still needed.
Please install a free anti-virus program from one of the trusted venders below:Install HijackThis in a Permanent Location
You have HijackThis running from your desktop. The backups it creates are then easily deleted. Please delete the copy you have and install
Download and Run RSIT
- Download the installer for the new version HERE onto your desktop and double click it.
- You may be asked for confirmation for running an executable file. Select Run.
- You will be asked choose the install location. Please leave it at the default:
C:\Program Files\Trend Micro\HijackThis.
- Select Install.
- The installation process should only take a few seconds. A shortcut named HijackThis will be created on your desktop so there will be no need to access the HijackThis program directly. The HijackThis window will pop-up after the installation. Close it for now.
- Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
- Double click on RSIT.exe to run RSIT.
- Click Continue at the disclaimer screen.
- Once it has finished, two logs will open. Please post the contents of both
log.txt (< and
Please post back with:
-the SDFix log (C:\Rapport.txt)
-the RSIT logs (C:\rsit\log.txt) (C:\rsit\info.txt)
Also comment on how your computer is running. Are you still experiencing problems? If so describe them.