Hello Pet0r.

Backdoor Threat
I'm sorry to say that your computer is infected with one or more backdoor trojans.
This means that sensitive information could have been stolen. I would advise to change any passwords for any accounts that you have accessed with the infected computer using a clean computer ASAP. If you have used this computer for banking, I would strongly suggest that you report the possible stolen information. Please do not use the computer for any further transactions, or to enter any other information, if at all possible, until it is declared clean.
You may want to read this article on how to handle identity theft.
You may also want to read this article regarding preventing identity theft.
This computer can still be cleaned, however, I cannot guarantee that it will be 100% safe even after disinfection.
Please read When Should I Format, How Should I Reinstall. I will proceed assuming you wish to disinfect. If you want to do a reinstall, reply back saying so.

Peer-to-Peer Programs Warning
Your log shows that you are using so-called peer-to-peer programs (in your case BitTorrent). These programs allow files to be shared between users, as the name(s) suggest. In today's world cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.
It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer and Risks of File-Sharing Technology
It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organizations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.
Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."
It is your decision whether or not you wish to keep your program(s). However, please refrain from using them until your computer has been declared clean.

Uninstall Outdated AVG
AVG 7 is now outdated, and will not provide you with sufficient protection. It has been combined with AVG antispyware into AVG8. Please uninstall "AVG Free Edition" using Add/Remove Programs.

Disable Realtime Protection
Antimalware programs can interfere with the tools we need to run.
To disable Adware:
- Right click on the Ad-Watch icon in the system tray.
- At the bottom of the screen there will be two checkable items called "Active" and "Automatic".
- Active: This will turn Ad-Watch On\Off without closing it.
- Automatic: Suspicious activity will be blocked automatically.
- Uncheck both of those boxes.
- (When done, you can re-enable it using the same steps but this time check both boxes.)

Install Recovery Console and Run ComboFix
from any of the links below, and save it to your desktop. Link 1, Link 2, Link 3
Go to Microsoft's website => http://support.microsoft.com/kb/310994
Select the download that's appropriate for your Operating System.
Leave your computer alone while ComboFix is running.
- Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
- Download the file and save it as it's originally named onto your desktop.
- Close any open windows, including this one.
- Drag the setup package onto ComboFix.exe and drop it.
- Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.
- At the next prompt, click Yes to run the full ComboFix scan.
- When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
ComboFix will restart your computer if malware is found; allow it to do so.