[Inactive-A] Google tells me Sirefef.gen!c

[Broni]

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64-bit users go HERE

• Double-click SystemLook.exe to run it.
• Vista users:: Right click on SystemLook.exe, click Run As Administrator
• Copy the content of the following box and paste it into the main textfield:

Code:

:filefind
netbt.sys

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

[Obsession]

done.



SystemLook 30.07.11 by jpshortstuff
Log created at 19:04 on 16/05/2013 by Meo
Administrator - Elevation successful

========== filefind ==========

Searching for "netbt.sys"
C:\Windows\snack\netbt.sys --a---- 184320 bytes [09:54 01/05/2013] [02:24 21/01/2008] 7C5FEE5B1C5728507CD96FB4A13E7A02
C:\Windows\System32\drivers\netbt.sys ------- 184320 bytes [02:24 21/01/2008] [02:24 21/01/2008] CE8D311EAFB7FBA83920351FAD56843E

-= EOF =-

[Broni]

Did you create some "snack" folder in Windows directory:
C:\Windows\snack

I uploaded netbt.sys file from my Vista installation here: http://www.sendspace.com/file/9d7wsk since you don't have any healthy replacement.
Download it and paste it to the root C:\ directory.
Re-run System Look so I can see the file is in a right location.

[Obsession]

No i didnt create any folder in there. NO idea where the snack folder came from.

Its the vista that came preinstalled with the acer laptop - although that most likely should not make any difference in the makeup of the operating system- just tought id mention it.


i put the new downloaded file in the c:/ Root


SystemLook 30.07.11 by jpshortstuff
Log created at 23:25 on 16/05/2013 by Meo
Administrator - Elevation successful

========== filefind ==========

Searching for "netbt.sys"
C:\netbt.sys --a---- 185856 bytes [21:21 16/05/2013] [21:21 16/05/2013] ECD64230A59CBD93C85F1CD1CAB9F3F6
C:\Windows\snack\netbt.sys --a---- 184320 bytes [09:54 01/05/2013] [02:24 21/01/2008] 7C5FEE5B1C5728507CD96FB4A13E7A02
C:\Windows\System32\drivers\netbt.sys ------- 184320 bytes [02:24 21/01/2008] [02:24 21/01/2008] CE8D311EAFB7FBA83920351FAD56843E

-= EOF =

[Broni]

1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:

FCopy::
C:\netbt.sys | C:\Windows\System32\drivers\netbt.sys 

Folder::
C:\Windows\snack

ClearJavaCache::

3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.




6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:

• Combofix.txt

[Obsession]

got the combo fix on for 20 minutes now and its still doing the operation pretty sure somethings wrong gonna reboot and try to do it in safe mode.

[Broni]

OK...

[Broni]

Still with me?

[Obsession]

hmmm.. it didnt work
I took off for the weekend. back again, report later today gonna retry
otherwise il comeback with the error message.

[Broni]

Did you try to run Combofix fix from safe mode?

[Broni]

Still with me?

[Obsession]

Ive been real busy since my off time is over.
i'l try to come back to this somewhere during the week but i'l have to see.

I'd appreciate it if you can keep the thread open because i will get back to finish this.
regardless though thanks for all the help so far in cleaning up my laptop

il try to get back to this this week

[Broni]

[Broni]

Still with me?

[Broni]

This topic is marked as abandoned and closed due to inactivity.
This member will NOT be eligible to receive any more help in malware removal forum.