Good news, and you're very welcome.
Your computer appears to be free from malware.
Now, some clean-up steps:
OTL-Cleanup
You should still have this on your desktop; if so, please ignore the download instructions.
Please download OTL. Save it to your Desktop.
If you did not reboot your computer normally, please do so now, before continuing.
- Double click on OTL.exe to run it.
Vista-W7 users: Right click on OTL.exe and select "Run As Administrator" to run it. If prompted by UAC, please allow it.
- Press the CleanUp button.
- When done, you will be prompted to reboot your system to finish file removal... please select OK to reboot your computer.
Now that you're clean, it's the best time to create a clean System Restore Point, and delete the previous, infected ones.
Create a new System Restore Point (SRP)
- Go to Start > All Programs > Accessories > System Tools > System Restore
- Select Create a restore point and press Next.
- Type a name for the new SRP like All Clean then press Create.
- When finished press Close.
Remove old SRP entries
- Go to Start > Run, type in: cleanmgr and press OK.
Wait until Disk Cleanup finishes calculating.
- Then select the More Options tab.
- In the System Restore section, press Clean up.
- Reply Yes to the prompt.
All existing restore points will be deleted, except the new one you just created.
Don't forget to re-enable your security programs! Update your Antivirus programs and other programs regularly. This is one good way to avoid new threats. The following websites can be used to check if you need any updates:
- Secunia Personal Software Inspector
- F-secure Health Check
- FileHippo.com Update Checker
Stay informed.
To help minimize the chances of becoming re-infected, please read: Computer Security - a short guide to staying safer online
If your computer is running slowly after your clean up, please read: What to do if your Computer is running slowly
Some further advice related to the infection we detected at the beginning:
All passwords should be changed immediately to include those used for banking, email, eBay, Paypal and online forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
Although the backdoor has been identified and appears to have been removed, your PC may be compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because the backdoor has been removed the computer is now secure.
Further, in some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them.
Many experts in the security community believe that once infected with this type of trojan, the best course of action would be to do a reformat and re-installation of the operating system (OS). This decision will have to be made by you...
Please reply to this post so I know you have read it. If you don't have any further questions this thread will be closed.