Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
need some help with removing trojan win64\sirefef.y
« previous
next »
Print
Pages:
1
2
3
[
4
]
5
6
...
9
Go Down
Author
Topic: need some help with removing trojan win64\sirefef.y (Read 38963 times)
0 Members and 1 Guest are viewing this topic.
cool_gecko
Guest
Re: need some help with removing trojan win64\sirefef.y
«
Reply #45 on:
June 19, 2012, 07:32:52 PM »
ok
«
Last Edit: June 19, 2012, 07:35:59 PM by cool_gecko
»
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: need some help with removing trojan win64\sirefef.y
«
Reply #46 on:
June 19, 2012, 07:34:58 PM »
Got it
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: need some help with removing trojan win64\sirefef.y
«
Reply #47 on:
June 19, 2012, 07:40:48 PM »
Download fixlist.txt to the same USB as FRST
Run FRST as before but this time select FIX
After the fix has completed reboot to normal windows
If that fails then I will search and replace the services file
«
Last Edit: June 19, 2012, 07:49:04 PM by essexboy
»
Logged
cool_gecko
Guest
Re: need some help with removing trojan win64\sirefef.y
«
Reply #48 on:
June 19, 2012, 07:44:59 PM »
got it.
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: need some help with removing trojan win64\sirefef.y
«
Reply #49 on:
June 19, 2012, 07:55:42 PM »
If you achieve normal windows then do the following
Download and Install Combofix
Download
ComboFix
from one of the following locations:
Link 1
Link 2
VERY IMPORTANT !!!
Save ComboFix.exe to your
Desktop
*
IMPORTANT
-
Disable your AntiVirus and AntiSpyware applications
, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link
here
Double click on
ComboFix.exe
& follow the prompts.
Accept the disclaimer and allow to update if it asks
When finished, it shall produce a log for you.
Please include the C:\ComboFix.txt in your next reply.[/b]
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.
Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
Logged
cool_gecko
Guest
Re: need some help with removing trojan win64\sirefef.y
«
Reply #50 on:
June 19, 2012, 08:01:22 PM »
opened fixlog from notepad*, the 1st item was "moved successfully", the other 3 were "not found".
edit: *this is from system recovery options -> command prompt.
«
Last Edit: June 19, 2012, 08:04:34 PM by cool_gecko
»
Logged
cool_gecko
Guest
Re: need some help with removing trojan win64\sirefef.y
«
Reply #51 on:
June 19, 2012, 08:13:18 PM »
about a minute or two after the desktop is done loading, MSE still tries to remove it, and says it has to reboot. it's services.exe.
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: need some help with removing trojan win64\sirefef.y
«
Reply #52 on:
June 19, 2012, 08:24:41 PM »
OK lets replace it via FRST
Start FRST and in the search box Type:
services.exe
Then press search .. It will then list the locations of all instances of that file
Copy that here and I will make a replace fix
Logged
cool_gecko
Guest
Re: need some help with removing trojan win64\sirefef.y
«
Reply #53 on:
June 19, 2012, 08:35:57 PM »
ok.
«
Last Edit: June 30, 2012, 11:11:25 AM by cool_gecko
»
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: need some help with removing trojan win64\sirefef.y
«
Reply #54 on:
June 19, 2012, 08:40:11 PM »
Same again to switch .. Download fixlist.txt to the USB
Allow it to over write then again press Fix
You should now get into windows to start combofix
Logged
cool_gecko
Guest
Re: need some help with removing trojan win64\sirefef.y
«
Reply #55 on:
June 19, 2012, 09:06:43 PM »
in Windows now. that error message is gone now. trying to disable all security software when it told me it found something running (which I thought I disabled already), then clicked OK. No window popped up from combofix or anything, so I went to see if it was running. everything froze up.
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: need some help with removing trojan win64\sirefef.y
«
Reply #56 on:
June 19, 2012, 09:09:27 PM »
OK lets skip combofix now as I was going to use that to replace the services.exe
If you could run an OTL quick scan selecting all users and attach the log
Also let me know how the computer is behaving at the moment .. Any anomolies
Logged
cool_gecko
Guest
Re: need some help with removing trojan win64\sirefef.y
«
Reply #57 on:
June 19, 2012, 09:12:13 PM »
after killed some security tasks (old av that didn't do anything), and clicked OK, I can't get to task manager, start menu, or anything, but the widgets appear to be running. so is combofix running or should I reboot?
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: need some help with removing trojan win64\sirefef.y
«
Reply #58 on:
June 19, 2012, 09:14:04 PM »
If you have hard drive activity and the balck/green box is counting through the stages then it is working
If not then reboot
Logged
cool_gecko
Guest
Re: need some help with removing trojan win64\sirefef.y
«
Reply #59 on:
June 19, 2012, 09:26:15 PM »
ok, rebooted. running OTL scan now.
Logged
Print
Pages:
1
2
3
[
4
]
5
6
...
9
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
need some help with removing trojan win64\sirefef.y