Author Topic: Sirefef Trojan - Site redirects and more damage to my laptop  (Read 14789 times)

0 Members and 1 Guest are viewing this topic.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #15 on: March 17, 2012, 09:28:29 PM »
Is it stuck on the empty temp command ? If so then stop OTL and proceed with the other bits  ;D

ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #16 on: March 17, 2012, 09:34:29 PM »
After i executed OTL, the laptop has frozen. No response whatsoever.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #17 on: March 17, 2012, 09:36:03 PM »
OK reboot and proceed direct to to TDSSKiller

ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #18 on: March 17, 2012, 10:03:21 PM »
After I rebooted, I can't see the desktop icons and the laptop freezes again. Can't do any action.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #19 on: March 17, 2012, 10:12:28 PM »
OK can you get to safe mode ?

All OTL did was remove some references to an infected USB drive


ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #20 on: March 17, 2012, 10:18:45 PM »
Never mind. Had to reboot 4 or 5 times before the system came back normal. Ran TDSKiller . No threats found. Running Combofix now.

ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #21 on: March 17, 2012, 10:28:13 PM »
Combofix indicated that the laptop is infected with the zeroaccess malware. The popup said the laptop will be rebooted by Combofix and that I shouldnt do a manual reboot. But the laptop isn't rebooting. Only explorer was closed.

ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #22 on: March 17, 2012, 10:31:33 PM »
Did a manual reboot.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #23 on: March 17, 2012, 11:44:42 PM »
Could you post the combofix log please


ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #24 on: March 18, 2012, 01:04:51 AM »
Both LAN and Wireless are disabled now. Can't connect to Internet. How do I get back to Internet? Also, there is an application called Mini Broswer running behind whenever I lock the desktop.

ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #25 on: March 18, 2012, 01:13:35 AM »
I am attaching the files from another computer.
« Last Edit: March 24, 2012, 05:25:08 AM by ssrisa »

ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #26 on: March 18, 2012, 02:23:51 AM »
Ran FSS (farbar service scanner) scan with "Internet services" and "Windows Firewall" options.
Attached is the log file.
« Last Edit: March 24, 2012, 05:25:18 AM by ssrisa »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #27 on: March 18, 2012, 02:00:40 PM »
Quote
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.

Download sharedacces.reg from here http://windowsxp.mvps.org/reg/sharedaccess.reg to your desktop
Double click the file and allow it to merge
Reboot


Then Go Start > Run and type/copy/paste the following command :


CMD /K NETSH FIREWALL RESET

Enter the command

Reboot

Then re-run Farbar and let me know if the net is working

ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #28 on: March 18, 2012, 07:42:20 PM »
Added the reg file info. Also ran the windows command followed by FSS. Internet still not working.

ssrisa

  • Guest
Re: Sirefef Trojan - Site redirects and more damage to my laptop
« Reply #29 on: March 18, 2012, 07:54:28 PM »
Also, when I try to open Windows Firewall it says "Windows cannot start the Windows Firewall/Internet connection Sharing (ICS) service".