Page 5 of 10 FirstFirst 123456789 ... LastLast
Results 41 to 50 of 100

Thread: IDP & Crypt AQLW Trojan DDS Log pasted.

  1. 2012-04-26, 09:47 #41
    osjknights
    osjknights is offline
    Member
    Join Date
    Apr 2012
    Posts
    66

    Default Malewarebytes Scan results

    Malwarebytes Anti-Malware (Trial) 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.04.21.06

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Dr Michael Foster :: KNIGHTS-2EE6007 [administrator]

    Protection: Disabled

    26/04/2012 06:36:11
    mbam-log-2012-04-26 (06-36-11).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 190327
    Time elapsed: 5 minute(s), 7 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
  2. 2012-04-26, 14:28 #42
    osjknights
    osjknights is offline
    Member
    Join Date
    Apr 2012
    Posts
    66

    Default eset scan - still scanning after 4 hours!

    Hi! The ESET Scan is still running and has been doing so for the last four hours. It is at 57% - so by 17:00 hrs BST I should be able to paste a report.
    The nuisance is that AVG keeps kicking in after 15 minutes – and I do not always get back to the machine to top up the 15 minutes in time. Good Job, I am working from home today! I have not found any real method to extend the 15 minutes. Mind you my worry is that AVG let the Trojan in, in the first place, so I will need advice on a decent Anti Virus/Trojan program, man enough for the job. By 18:00 BST I will have to go out to a work meeting, but should get back, but I guess I will have other jobs with which to catch up.
  3. 2012-04-26, 14:28 #43
    osjknights
    osjknights is offline
    Member
    Join Date
    Apr 2012
    Posts
    66

    Default Ps

    Mind you it has found some 404 infected files thus far!
  4. 2012-04-26, 16:44 #44
    osjknights
    osjknights is offline
    Member
    Join Date
    Apr 2012
    Posts
    66

    Default Update on ESET Scanning

    Its only 59% after 6 1/2 hours, so I guess it will not be complete until at least 20:00 hrs BST.
  5. 2012-04-26, 16:45 #45
    jeffce
    jeffce is offline
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Default

    Hi,

    If you are having problems with AVG and want to change antivirus programs anyway you could always just uninstall it and then run ESET again. ESET may take quite some time though which is normal.

    If you do remove it, be sure to only come here and to ESET until we get another antivirus program on your system.
  6. 2012-04-26, 18:08 #46
    osjknights
    osjknights is offline
    Member
    Join Date
    Apr 2012
    Posts
    66

    Default Scan complete

    It zoomed from 59%, at which it was stuck a good long time and suddenly it was 100%!

    The Scan is below. The entries for the F Drive are Tools (usually to do with rescuing the machine) or Jokes - the Joke programs were from my old win 95 machine - like doing tricks with the cursor but always exited on pressing the Esc key.


    SCAN RESULTS

    C:\Qoobox\Quarantine\C\WINDOWS\system32\flutilssvc.dll.vir Win32/Sirefef.ER trojan
    C:\Qoobox\Quarantine\C\WINDOWS\system32\InterBaseGuardian.dll.vir Win32/Sirefef.ER trojan
    C:\Qoobox\Quarantine\C\WINDOWS\system32\mountmgr.dll.vir Win32/Sirefef.ER trojan
    C:\Qoobox\Quarantine\C\WINDOWS\system32\queuemgr.dll.vir Win32/Sirefef.ER trojan
    C:\Qoobox\Quarantine\C\WINDOWS\system32\siswlsvc.dll.vir Win32/Sirefef.ER trojan
    C:\Qoobox\Quarantine\C\WINDOWS\system32\VirtualCam.dll.vir Win32/Sirefef.ER trojan
    C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\afd.sys.vir Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP542\A1999103.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP543\A1999133.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP543\A1999146.exe a variant of Win32/Kryptik.AEMK trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP543\A1999151.exe Win32/TrojanDownloader.Prodatect.BL trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999202.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999222.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999234.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999329.exe a variant of Win32/Kryptik.AELC trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999330.exe a variant of Win32/Kryptik.AELC trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999337.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999349.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999350.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999351.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999352.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999353.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999354.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999355.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999356.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999392.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999427.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999467.dll a variant of Win32/Kryptik.AEMZ trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999473.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999495.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999514.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999515.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999516.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999517.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999518.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP544\A1999537.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2000537.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001537.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001550.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001551.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001552.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001553.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001554.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001555.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001556.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001557.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001558.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001559.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001560.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001561.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001562.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001563.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001564.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001565.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001566.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001567.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001568.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001569.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001570.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP545\A2001571.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP546\A2002046.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2003063.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2003076.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2003144.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2003170.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2003231.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2004231.sys Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2005231.sys a variant of Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2005351.sys a variant of Win32/Sirefef.DA trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2005393.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2005394.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2005395.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2005396.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2005397.dll Win32/Sirefef.ER trojan
    C:\System Volume Information\_restore{478AB6F6-415F-4FEB-AA31-13E8A304D821}\RP547\A2005398.dll Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0000\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0001\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0002\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0003\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0004\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0005\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0006\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0007\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0008\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0009\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0010\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0011\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0012\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0013\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0014\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0015\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0016\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0017\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0018\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0019\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0020\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0021\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0022\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0023\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0024\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0025\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0026\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0027\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0028\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0029\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0030\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.23.43\zaea0031\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0000\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0001\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0002\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0003\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0004\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0005\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0006\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0007\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0008\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0009\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0010\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0011\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0012\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0013\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.29.39\zaea0014\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0000\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0001\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0002\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0003\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0004\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0005\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0006\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0007\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0008\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0009\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0010\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0011\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0012\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0013\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0014\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0015\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0016\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0017\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0018\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0019\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0020\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0021\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0022\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0023\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0024\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0025\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0026\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0027\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0028\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0029\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0030\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0031\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0032\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0033\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0034\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0035\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0036\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0037\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0038\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0039\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0040\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0041\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0042\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0043\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0044\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0045\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0046\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0047\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0048\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0049\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0050\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0051\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0052\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0053\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0054\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0055\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0056\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0057\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0058\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0059\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0060\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0061\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0062\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0063\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0064\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0065\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0066\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0067\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0068\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0069\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0070\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0071\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0072\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0073\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0074\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0075\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0076\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0077\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0078\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0079\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0080\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0081\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0082\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0083\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0084\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0085\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0086\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0087\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0088\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0089\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0090\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0091\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.36.06\zaea0092\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0000\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0001\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0002\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0003\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0004\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0005\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0006\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0007\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0008\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0009\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0010\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0011\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0012\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0013\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0014\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0015\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0016\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0017\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0018\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0019\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0020\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0021\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0022\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0023\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0024\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0025\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0026\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0027\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0028\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0029\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0030\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0031\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0032\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0033\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0034\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0035\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0036\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0037\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0038\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0039\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0040\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0041\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0042\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0043\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0044\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0045\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0046\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0047\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0048\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0049\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0050\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0051\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0052\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0053\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0054\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0055\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0056\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0057\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0058\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0059\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0060\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0061\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0062\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0063\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0064\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0065\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0066\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0067\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0068\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0069\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0070\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0071\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0072\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0073\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0074\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0075\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0076\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0077\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0078\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0079\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0080\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0081\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0082\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0083\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0084\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0085\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0086\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0087\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0088\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0089\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0090\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0091\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.38.59\zaea0092\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0000\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0001\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0002\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0003\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0004\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0005\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0006\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0007\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0008\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0009\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0010\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0011\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0012\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0013\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0014\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0015\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0016\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0017\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0018\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0019\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0020\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0021\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0022\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0023\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0024\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0025\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0026\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0027\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0028\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0029\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0030\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0031\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0032\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0033\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0034\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0035\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0036\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0037\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0038\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0039\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0040\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0041\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0042\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0043\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0044\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0045\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0046\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0047\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0048\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0049\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0050\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0051\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0052\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0053\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0054\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0055\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0056\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0057\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0058\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0059\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0060\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0061\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0062\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0063\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0064\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0065\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0066\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0067\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0068\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0069\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0070\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0071\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0072\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0073\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0074\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0075\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0076\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0077\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0078\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0079\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0080\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0081\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0082\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0083\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0084\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0085\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0086\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0087\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0088\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0089\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0090\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0091\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0092\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    C:\TDSSKiller_Quarantine\22.04.2012_20.42.54\zaea0093\svc0000\tsk0000.dta Win32/Sirefef.ER trojan
    F:\WinInstallers\1stAidDisk\virus&trojans\trojankiller-setup.exe probably a variant of Win32/Adware.IeDefender.NHA application
    F:\WinInstallers\adblockplus\cnet_simpleadblock1_0_9_msi.exe a variant of Win32/InstallCore.D application
    F:\WinInstallers\Games\Snake\eipcsnake.exe multiple threats
    F:\WinInstallers\Mp3 Wma Converter\Setup_FreeConverter.exe Win32/Toolbar.Widgi application
    F:\WinInstallers\Pranks\avoid.zip probably a variant of Win32/Agent.DKIVYTJ trojan
    F:\WinInstallers\Pranks\followme.zip probably a variant of Win32/Agent.FTGMOC trojan
    F:\WinInstallers\Pranks\printme.zip probably a variant of Win32/Agent.CDYNSKQ trojan
    F:\WinInstallers\Pranks\avoid\avoid.exe probably a variant of Win32/Agent.DKIVYTJ trojan
    F:\WinInstallers\Pranks\followme\followme.exe probably a variant of Win32/Agent.FTGMOC trojan
    F:\WinInstallers\Pranks\printme\printme.exe probably a variant of Win32/Agent.CDYNSKQ trojan
    F:\WinInstallers\Virus&trojans\trojankiller-setup.exe probably a variant of Win32/Adware.IeDefender.NHA application
    F:\WinInstallers\Virus&trojans\avg\AVG9\registrybooster.exe a variant of Win32/RegistryBooster application
    F:\WinInstallers\WExplorers\FreeCommander\fc_setup2-2009.exe a variant of Win32/Adware.ADON application
    F:\WinInstallers\Wipe\Unlocker\Unlocker1.9.1-x64.exe Win32/Adware.ADON application
    F:\WinInstallers\Wipe\Unlocker\Unlocker1.9.1.exe Win32/Adware.ADON application
  7. 2012-04-26, 19:43 #47
    jeffce
    jeffce is offline
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Default

    Hi,

    The entries for the F Drive are Tools (usually to do with rescuing the machine) or Jokes - the Joke programs were from my old win 95 machine - like doing tricks with the cursor but always exited on pressing the Esc key.
    I see them. I am removing the ones that are threats only. If you want to still have them wait until we are complete to put them back on.
    ----------

    Run OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :Services

:Files
F:\WinInstallers\1stAidDisk\virus&trojans\trojankiller-setup.exe	
F:\WinInstallers\Games\Snake\eipcsnake.exe	
F:\WinInstallers\Pranks\avoid.zip	
F:\WinInstallers\Pranks\followme.zip	
F:\WinInstallers\Pranks\printme.zip	
F:\WinInstallers\Pranks\avoid\avoid.exe	
F:\WinInstallers\Pranks\followme\followme.exe	
F:\WinInstallers\Pranks\printme\printme.exe	
F:\WinInstallers\Virus&trojans\trojankiller-setup.exe	
F:\WinInstallers\WExplorers\FreeCommander\fc_setup2-2009.exe	
F:\WinInstallers\Wipe\Unlocker\Unlocker1.9.1-x64.exe	
F:\WinInstallers\Wipe\Unlocker\Unlocker1.9.1.exe	

:Commands
[purity]
[resethosts]
[emptytemp]
[clearallrestorepoints]
[start explorer]
[Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot when it is done
    • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )


    In your next reply please post the logs made by OTL and let me know how your system is running now.
  8. 2012-04-27, 10:32 #48
    osjknights
    osjknights is offline
    Member
    Join Date
    Apr 2012
    Posts
    66

    Default OTL Report

    Hi

    here is the OTL Report;

    All processes killed
    ========== SERVICES/DRIVERS ==========
    ========== FILES ==========
    F:\WinInstallers\1stAidDisk\virus&trojans\trojankiller-setup.exe moved successfully.
    F:\WinInstallers\Games\Snake\eipcsnake.exe moved successfully.
    F:\WinInstallers\Pranks\avoid.zip moved successfully.
    F:\WinInstallers\Pranks\followme.zip moved successfully.
    F:\WinInstallers\Pranks\printme.zip moved successfully.
    F:\WinInstallers\Pranks\avoid\avoid.exe moved successfully.
    F:\WinInstallers\Pranks\followme\followme.exe moved successfully.
    F:\WinInstallers\Pranks\printme\printme.exe moved successfully.
    F:\WinInstallers\Virus&trojans\trojankiller-setup.exe moved successfully.
    F:\WinInstallers\WExplorers\FreeCommander\fc_setup2-2009.exe moved successfully.
    F:\WinInstallers\Wipe\Unlocker\Unlocker1.9.1-x64.exe moved successfully.
    F:\WinInstallers\Wipe\Unlocker\Unlocker1.9.1.exe moved successfully.
    ========== COMMANDS ==========
    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Dr Michael Foster
    ->Temp folder emptied: 1506333 bytes
    ->Temporary Internet Files folder emptied: 17139549 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 8985244 bytes
    ->Flash cache emptied: 456 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 494 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 26.00 mb

    Restore points cleared and new OTL Restore Point set!

    OTL by OldTimer - Version 3.2.40.0 log created on 04272012_072107

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Dr Michael Foster\Local Settings\Temp\~DFBF80.tmp not found!
    File\Folder C:\Documents and Settings\Dr Michael Foster\Local Settings\Temporary Internet Files\Content.Word\~WRS0001.tmp not found!
    C:\Documents and Settings\Dr Michael Foster\Local Settings\Temporary Internet Files\Content.IE5\11IADA0Y\showthread[3].htm moved successfully.

    Registry entries deleted on Reboot...

    SYSTEM BEHAVIOUR.
    Window's Explorer keeps crashing
    I have an odd directory/folder appear ComboFix in the C:/ Directory - when you click on it, it duplicates the "My Computer" window! See attached jpgs.
    I must have lost a few system files. I had certainly lost ping.exe, but replaced it with a copy from the other PC.

    Is there any way I can restore lost system files?

    Again thanks for your help
  9. 2012-04-27, 14:12 #49
    jeffce
    jeffce is offline
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Default

    Hi,

    Please visit the site here and download vagetatool and save it directly to your C:\ folder. Once it is there run the tool and post the log that is related.
  10. 2012-04-27, 16:05 #50
    osjknights
    osjknights is offline
    Member
    Join Date
    Apr 2012
    Posts
    66

    Default Scan now halted

    Hi -
    I got this message at the start of the Vegetatool (which refers to itself as ComboFix) - "You are infected with Rootkit.ZeroAccess!
    It has inserted itself into the tcp/ip stack. This is a particularly difficult infection.
    If for any reason that you’re unable to connect to the internet after running ComboFix, reboot....." The app then moved onto a scan so I did not get the rest of the message - but basically suggests rebooting twice to return the connection to the Internet.

    However, after stage 50 was reached and files and folders have been deleted, it has hung up, and been like that for the last half hour!
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules