Jay Pfoutz
Posts: 4,279 +49
Okay, look forward to it. (y)
Solved Infected with Win64:Sirefef-A, Win32:Sirefef-PF and Win32:Atraps-PF - Windows XP SP3
- Thread starter Korcas
- Start date
- Status
Jay Pfoutz
Posts: 4,279 +49
Enable autorun by following steps outlined here: http://autorun.moonvalley.com/enable.htm
Okay, here we go again:
Cleaned System restore.
Ran OTC without issues.
Ran TFC, unfortunately that froze, and I had to redo it from safe mode. Didn't ask for a reboot, so I did it manually.
Ran Security check, here the log:
Results of screen317's Security Check version 0.99.42
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
avast! Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.62.0.1300
Free Windows Registry Cleaner 2.0
Java(TM) 6 Update 30
Java version out of Date!
Adobe Flash Player 11.3.300.262
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Alwil Software Avast5 afwServ.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 avastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive H::
````````````````````End of Log``````````````````````
This also leads me to my next few questions:
1. Do you believe, that, at this point, it's safe to log back into my e-mail account, paypal, etc? I've already changed my passwords at work, and didn't log into either with this computer since then.
2. How do I safely update Java and flash? Any surefire way?
After rebooting with OTC, for some reason my Avast chest popped up, with the two system volume files that I had previously deleted from quarantine back in there. I deleted them again, and am currently running an avast scan, to see if they were restored for some reason.
Cleaned System restore.
Ran OTC without issues.
Ran TFC, unfortunately that froze, and I had to redo it from safe mode. Didn't ask for a reboot, so I did it manually.
Ran Security check, here the log:
Results of screen317's Security Check version 0.99.42
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
avast! Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.62.0.1300
Free Windows Registry Cleaner 2.0
Java(TM) 6 Update 30
Java version out of Date!
Adobe Flash Player 11.3.300.262
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Alwil Software Avast5 afwServ.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 avastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive H::
````````````````````End of Log``````````````````````
This also leads me to my next few questions:
1. Do you believe, that, at this point, it's safe to log back into my e-mail account, paypal, etc? I've already changed my passwords at work, and didn't log into either with this computer since then.
2. How do I safely update Java and flash? Any surefire way?
After rebooting with OTC, for some reason my Avast chest popped up, with the two system volume files that I had previously deleted from quarantine back in there. I deleted them again, and am currently running an avast scan, to see if they were restored for some reason.
Jay Pfoutz
Posts: 4,279 +49
SystemVolumeInformation is just System Restore. No biggie.
Should be safe to do so. Although, this article might be worth reading: http://krebsonsecurity.com/2012/07/banking-on-a-live-cd/
Java Update!
Please download the newest version of Java from Java.com.
Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.
Once old versions are gone, please install the newest version.
Personal Tips on Preventing Malware
See this page for more info about malware and prevention.
If you would like, consider optionally donating.
Any other questions before I mark this topic solved?
Should be safe to do so. Although, this article might be worth reading: http://krebsonsecurity.com/2012/07/banking-on-a-live-cd/
Java Update!
Please download the newest version of Java from Java.com.
Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.
Once old versions are gone, please install the newest version.
Personal Tips on Preventing Malware
See this page for more info about malware and prevention.
If you would like, consider optionally donating.
Any other questions before I mark this topic solved?
Jay Pfoutz
Posts: 4,279 +49
Let's do one more run-through of this tool, then...
New log from ComboFix
We would like to see a ☆new log☆ from ComboFix. Please find the ComboFix icon on your Desktop, and double-click on it. Once it finishes running, post the new log.
New log from ComboFix
We would like to see a ☆new log☆ from ComboFix. Please find the ComboFix icon on your Desktop, and double-click on it. Once it finishes running, post the new log.
Jay Pfoutz
Posts: 4,279 +49
Okie dokie. Looking forward to it, friend!
Okay. It looks like I solved it. We don't need to worry anymore. The issue was just related to a few services running into dead ends while trying to start. I removed those services and/or fixed whatever else was going into the wrong direction. It looks like I'll have to do some more spring cleaning on this machine, but we seem to be virus free!
Jay Pfoutz
Posts: 4,279 +49
- Status
Similar threads
Latest posts
-
Ford is losing boatloads of money on every electric vehicle sold- letsgoiowa replied
-
Generative AI could soon decimate the call center industry, says CEO- pcnthuziast replied
