My name is Syler and I will be helping you to solve your Malware issues.
One or more of the identified infections is a backdoor trojan/Rootkit
This allows hackers to remotely control your computer, steal critical system information
and download and execute files
I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I Reinstall
We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.
If you decide you want to proceed with trying to clean your machine please follow these next steps.
First of all it appears you are using a cracked version of NOD32, you need to uninstall this and install a legal AV, if this is the case.
- Download and install an antivirus program, and make sure that you keep it updated
New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
Two good antivirus programs free for non-commercial home use are Avast!
You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.Next
Please download Malwarebytes' Anti-Malware
from HereNote: If you already have Malwarebytes' Anti-Malware, just update then run it.
Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.NextWe need to scan for Rootkits with GMER
- Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan (the scan may take some time to finish, so please be patient).
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and Paste the entire report in your next reply .
- Please download GMER from one of the following locations, and save it to your desktop:
- Main Mirror
This version will download a randomly named file (Recommended)
- Zip Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
- Disconnect from the Internet and close all running programs, as this process may crash your computer.
- Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.
- Double click on Gmer to run it.
- Allow the gmer.sys driver to load if asked.
- You may see a rootkit warning window, If you do, click No.
- Click on and wait for the scan to finish.
- If you see a rootkit warning window, click OK.
- Push and save the logfile to your desktop.
- Copy and Paste the contents of that file in your next post.
Please post back here with the following logs:
- MBAM log
- Gmer log
- New DDS log