Reply to thread

Message: <blockquote data-quote="Fiery" data-source="post: 115915" data-attributes="member: 9">Hello <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile    :)" loading="lazy" data-shortname=":)" />Here is a good summary of what a backdoor infection is: http://www.geekstogo.com/190/what-is-a-backdoor-trojan/Regarding the OTL fix, I don't think you copied the entire script. Please do so again.STEP 1:Open OTL. Under custom scan/fixes, copy and paste the following:<ul> <li data-xf-list-type="ul"> :OTL O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D98D3097-8A4D-4F1A-947B-C59AD700C145}: DhcpNameServer = 8.8.8.8 [2011/08/14 19:01:33 | 000,000,256 | ---- | C] () -- C:\Users\FW56E\AppData\Roaming\090024D6292A4E [2010/04/30 01:46:49 | 000,005,009 | ---- | C] () -- C:\ProgramData\tbuxfygh.lbm @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:8CEFE51A @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:CE2C623F :Files ipconfig /flushdns /c :Commands [EMPTYTEMP]</li> </ul>Then click Run Fix. Let your PC reboot to normal mode. A new log will be created automatically, post the content in the next reply.STEP 2Next, we will use FRST to remove some drivers.Open notepad and copy & paste the following:and save it as fixlist.txt onto your flash drive.Then, boot to system recovery, plug in your flash drive, open FRST and click fix. Post the generated log.STEP 3Please download ComboFix from one of these locations:<a title="External link" href="http://download.bleepingcomputer.com/sUBs/ComboFix.exe" rel="external"><>Link 1</></a><a title="External link" href="http://www.infospyware.net/antimalware/combofix/" rel="external"><>Link 2</></a><ul>    <li>Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsSee <a title="External link" href="http://www.bleepingcomputer.com/forums/topic114351.html" rel="external">HERE</a> for help</li>    <li>Double click on Combo-Fix & follow the prompts.</li>    <li>As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's ly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.</li>    <li>Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.</li></ul>**Please note: (This applies to Windows XP systems only) If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.<img src="http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif" alt="Posted Image" />Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:<img src="http://img.photobucket.com/albums/v706/ried7/whatnext.png" alt="Posted Image" />Click on <>Yes</>, to continue scanning for malware.When finished, ComboFix will produce a log, please post it in your next reply<>Note:</>1. Do not mouseclick combofix's window while it's running. That may cause it to stall!2. Remember to re-enable your anti-virus and anti-spyware before reconnecting to the Internet.</blockquote>

Verification

Top