Help with Backdoor.Generic3.KTL and who knows what else

Click START>>>RUN>>>type in services.msc and hit Enter
In the next window, look on the right hand side for the below service name
NPEBLJ

Double click on it and then STOP the service!
In the drop down menu, change the startup type to Disabled

Repeat the above for the below two services:
O
UXZJEXUKR

Now delete all files and subfolders in the below folder except ones from the current date (Windows will not let you delete the files from the current day).
C:\Documents and Settings\Owner\Local Settings\Temp

Now run HijackThis and click on the "Open the Misc Tools Section" button on the open page. Then select Delete an NT service on the left-hand side. A Delete a Windows NT Service window will pop up. Try entering the following into the box and then click OK:

NPEBLJ

If you get an error message just ignore it and continue.

Now repeat the Delete an NT Service process for the below two:
O
UXZJEXUKR

Again ignore any error messages.

Now exit HijackThis and reboot if it tells you it needs to. After reboot run a scan with HijackThis and look for the below lines and select them (if found) and and then click Fix checked.

O23 - Service: NPEBLJ - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\NPEBLJ.exe (file missing)
O23 - Service: O - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\O.exe (file missing)
O23 - Service: UXZJEXUKR - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\UXZJEXUKR.exe (file missing)

After clicking Fix, exit HJT.

You need to empty all of your Quarantine folders and you need to manually delete all those email entries shown by Bitdefender. You also need to empty your email Deleted Items folder!

Also look for and delete the below file:
c:\windows\system32\MYDLL.dll

Additional step to delete files in the Downloaded Program Files folder :
- Click Start, Run, and enter cmd in the box and click OK. This opens a command prompt windows.
- Enter the following command lines each followed by the enter key
cd C:\WINDOWS\Downloaded Program Files\
attrib -r -h -s SbCIe026.inf
del SbCIe026.inf
exit

Now attach a new log from HJT and tell me how things are working.

 

Your log is clean. If you are not having any other malware problems, it is time to do our final steps:

1. If you are running Windows XP or Windows ME, do the below:
   • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
   • Then reboot and enable System Restore to create a new clean Restore Point.
2. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!