Please help
ComboFix seems to have found it and deleted it
ComboFix 12-07-16.01 - Tytanis 07/16/2012 19:15:05.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6135.3048 [GMT -4:00]
Running from: c:\users\Tytanis\Downloads\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {98CD50CE-5097-4098-9669-6C401FB3969C}
FW: Bitdefender Firewall *Enabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
SP: Bitdefender Antispyware *Disabled/Updated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
c:\program files (x86)\alotappbar
c:\program files (x86)\alotappbar\alotUninst.exe
c:\program files (x86)\alotappbar\bin\alotappbar.dll
c:\program files (x86)\alotappbar\bin\alothelper.dll
c:\program files (x86)\alotappbar\bin\alotsettings.exe
c:\program files (x86)\alotappbar\bin\alotwidgets.exe
c:\program files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
c:\program files (x86)\Blinkx
c:\program files (x86)\Blinkx\blinkx.ico
c:\program files (x86)\Blinkx\blinkxss.exe
c:\program files (x86)\Blinkx\blinkxstop.exe
c:\program files (x86)\Blinkx\lang.dll
c:\program files (x86)\Blinkx\templates\beat.ico
c:\program files (x86)\Blinkx\templates\index.html
c:\program files (x86)\Blinkx\templates\noflash.html
c:\program files (x86)\Blinkx\templates\offline.html
c:\program files (x86)\Blinkx\templates\offline.swf
c:\program files (x86)\Blinkx\templates\uninstall.exe
c:\program files (x86)\Brand Affinity Technologies
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\ChromeInstaller.dll
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\ChromeInstaller.InstallState
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\Fantapper.crx
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\Fantapper.xpi
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\FirefoxInstaller.dll
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\FirefoxInstaller.InstallState
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\FT_Enabled.ico
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\FT_Plugin_Installer.jpg
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\IEInstaller.dll
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\OpenIE.dll
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\OpenIE.InstallState
c:\program files (x86)\Brand Affinity Technologies\Fantapper Updater\FantapperUpdater.exe
c:\program files (x86)\Brand Affinity Technologies\Fantapper Updater\FantapperUpdater.InstallState
c:\program files (x86)\Brand Affinity Technologies\Fantapper Updater\FT_Enabled.ico
c:\program files (x86)\Brand Affinity Technologies\Fantapper Updater\FT_Plugin_Installer.jpg
c:\programdata\1341363811.1148.bin
c:\programdata\1341363811.1892.bin
c:\programdata\1341363811.3444.bin
c:\programdata\1341363811.4756.bin
c:\programdata\1341363811.6604.bin
c:\programdata\1341363811.6836.bin
c:\programdata\1341363811.8172.bin
c:\programdata\1341363811.8472.bin
c:\programdata\1341363811.8876.bin
c:\programdata\1341363811.9200.bin
c:\programdata\1341363811.9444.bin
c:\users\Tytanis\AppData\Local\{d4a2ec13-02dc-4b9b-ce71-f13f92251fb5}
c:\users\Tytanis\AppData\Local\{d4a2ec13-02dc-4b9b-ce71-f13f92251fb5}\L\1afb2d56
c:\users\Tytanis\AppData\Local\{d4a2ec13-02dc-4b9b-ce71-f13f92251fb5}\n
c:\users\Tytanis\Documents\lol.exe
c:\windows\7Loader.TAG
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
Hello
The removal tools for Sirefef are posted in a pinned topic:
http://forum.bitdefender.com/index.php?showtopic=29525
Thank you!
Yes, I did try the BitDefender tool first but it did not succeed.
Try Tool from XXXXX
(Run as administrator of course)
Don't need to. As I stated, ComboFix worked flawlessly and removed other malware that were not detected as well.
We will further investigate your case.
In order to be able to further investigate the reported situation we need a bit more information from your computer as follows:
. A BDSYS log;
[how to GENERATE A BDSYS LOG]
. Save and extract the BDSYS tool to a location of your choice:
http://www.bitdefender.com/files/Knowledge.../BDSysLog_i.exe
. Make sure you close all active applications and then run "BDSysLog_i.exe"; if you receive a firewall alert, select to Allow the application to connect;
. Click the "Create log" button to start generating the log; a progress bar indicates that the tool is creating the report;
. When the small window appears with the message "Log saved" then the report is complete and a new file named "bdsyslog.zip" has appeared on your Desktop;
. Upload that file on http://www.sendspace.com or http://www.mediafire.com and send me a PM with the download link.
If you were already asked to generate the log file, disregard the message above and just post the ticket ID.
IMPORTANT:
. During this process the Real Time Protection in Bitdefender must be temporarily disabled;
. If you receive a Bitdefender Firewall alert to inform you that BDSysLog_i.exe tries to connect to the internet, then you need to select Allow;
[how to DISABLE THE ANTIVIRUS PROTECTION in Bitdefender 2012]
In order to disable the antivirus protection, please open Bitdefender and click the "Settings" button in the upper part of the interface. In the new window, go to "Antivirus" > "Shield" tab and click on "ON" under On-access scanning. Select the time interval that suits your troubleshooting needs and click "OK". The On-access scanning should be re-enabled after finishing the troubleshooting procedure.
[how to DISABLE THE ANTIVIRUS PROTECTION in Bitdefender 2013]
Also, please send me the contents of this folder:
c:\Qoobox
We will get back to you as soon as the analysis is complete.
Have a nice day.