Thanks for posting logs
You have been infected with a backdoor which means If you do any banking from your computer you need to change the passwords from a clean computer,
and you should check your bank accounts. And inform your bank that your computer as been infected with a password stealing keylooger
This is if you use online banking. and have give out personal account information.
--------------------------------------------------------------
Please do the following:
Download SDFix and save it to your desktop.
Please then reboot your computer in Safe Mode by doing the following :
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
- Instead of Windows loading as normal, a menu with options should appear;
- Select the first option, to run Windows in Safe Mode, then press "Enter".
- Choose your usual account.
- In Safe Mode, right click the SDFix.zip folder and choose Extract All,
- Open the extracted folder and double click RunThis.bat to start the script.
- Type Y to begin the script.
- It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
- Press any Key and it will restart the PC.
- Your system will take longer that normal to restart as the fixtool will be running and removing files.
- When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
- Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log
To generate a startup list with HJT
Open HJT.exe
click on Open the misc. Tools section
click on generate startuplist log
Notepad will open copy and paste this in your next reply.
A tutorial if needed. http://www.bleepingcomputer.com/tutoria ... tartupList
--------------------------------------------------------------------------------------------------------------------------------
Please RIGHT-CLICK HERE and Save As (in IE it's "Save Target As") to download Silent Runners.
- Save it to the desktop.
- Run Silent Runner's by doubleclicking the "Silent Runners" icon on your desktop.
- You will see a text file appear on the desktop - it's not done, let it run (it won't appear to be doing anything!)
- Once you receive the prompt "All Done!", double-click the new text file on the desktop, copy that entire log, and paste it here.
*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.
-----------------------------------------------------------------------------------------------------------------------------------------
Please post in your next reply.
SDfix Report.txt
startup list
silentrunners log
new HJT log