Saturday 4 February 2012

Το laptop της αδερφής μου.

Πριν μια βδομάδα με πήρε τηλέφωνο η αδερφή μου για να της φτιάξω το pc. Στο τηλέφωνο μου είπε ότι είχε προσβληθεί από κάποιο virus και δεν μπορούσε να μπει σε κανένα site. Ήθελε να του ρίξω μια ματιά με το logmein, ένα πρόγραμμα απομακρυσμένης βοήθειας. 

Βασικά δεν το είπε ακριβώς έτσι. Αυτό που είπε ήταν:

"Νίκο, αρρώστησε το computer μου και θέλω να το θεραπεύσεις. Δεν με βάζει στις σελίδες του google."

Ναι, δεν γνωρίζει την σωστή ορολογία των υπολογιστών. Για την ακρίβεια, οι γνώσεις της πάνω στους υπολογιστές είναι λίγο καλύτερες από του Ανδρέα, δηλαδή ξέρει να κάνει unzip.

Σήκωσα τα μανίκια και ξεκίνησα το logmein. Είχα νεύρα, γιατί ήξερα ότι όποτε αναλαμβάνω να βοηθήσω την αδερφή μου (ή τον πατέρα μου) με κάποιο πρόβλημα του υπολογιστή, αυτοί συνήθως πάνε και βλέπουν τηλεόραση, ενώ εγώ, με το remote desktop ξοδεύω το υπόλοιπο της ημέρας μου.

Τα πράγματα στον υπολογιστή της δεν ήταν τόσο απλά. Ανακάλυψα ότι κάποιο παράξενο redirect virus είχε εγκατασταθεί σε όλους του internet browsers με αποτέλεσμα οποιοδήποτε result του google search να σε κάνει redirect σε μια μαλακία σελίδα κάποιο malware με όνομα abnow.org.

Αλλά δεν ήταν μόνο αυτό. Δεν μπορούσα να κάνω update το service pack για κάποιο λόγω (ίσως δεν το υποστήριζε πια η microsoft). Επίσης δεν μπορούσα να κάνω reboot σε safe mode γιατί θα έχανα την σύνδεση της απομακρυσμένης βοήθειας. Και τέλος, με φρίκη είδα ότι τόσο καιρό το antivirus (avira antivir) όχι μόνο δεν ήταν updated αλλά δεν είχε ενεργοποιηθεί και ποτέ. Όταν δοκίμασα να κάνω update, μου είπε ότι δεν γίνετε μέχρι να βάλω service pack 3. Τα οποία όπως είχα πει πιο πριν, δεν γινόντουσαν update.. Αποφάσισα να κάνω ένα virus scan με τα outdated definintions. Πέρασαν 45 βασανιστικά λεπτά. Το αποτέλεσμα ήταν το πιο φρικτό θέαμα που είχα δει τον τελευταίο μήνα.


Avira / Windows Version 1.9.150.0
Copyright (c) 2010 by Avira GmbH
All rights reserved.

engine set:         8.2.8.48
VDF Version:        7.11.22.73

key file:           B:\Temp\HBCD\Avira\hbedv.key




Statistics :              
    Directories............... : 9819
    Files..................... : 123678
        Infected.............. : 335
            Ignored........... : 335
        Warnings.............. : 4
        Suspicious............ : 0
    Infections................ : 335
    Time...................... : 00:44:10




Για τους computerάδες το full log είναι στο τέλος της ανάρτησης. 

Για να μην πολυλογώ, αποκαρδιώθηκα. Όχι μόνο γιατί βρήκα περισσότερους ιούς από τους βουλευτές της βουλής, αλλά και γιατί το antivirus δεν μπόρεσε να τους σβήσει, και τους αγνόησε. Άρα έκανα μια τρύπα στο νερό. Πήγα για ύπνο, είδα εφιάλτες και το πρωί πήγα στην δουλεία.

Όταν με πήρε τηλέφωνο η αδερφή μου για να με ρωτήσει τι έγινε και τις εξήγησα το μέγεθος της καταστροφής, πανικοβλήθηκε. Την ρώτησα αν χρησιμοποιεί κάνεις άλλος τον υπολογιστή και μου είπε όχι. Μου έκανε εντύπωση, γιατί για να κολλήσεις 335 ιούς (αν και για την ακρίβεια είναι 335 μολυσμένα αρχεία), θέλει προσπάθεια. Δεν μπορεί να το κάνει ο οποιοσδήποτε. Τις εξήγησα, ότι δεν μπορώ να ασχοληθώ άλλο με το laptop της και καλύτερα να κάνει ένα backup και να τα σβήσει όλα. Ήταν σαν να της είπα να κάνει ευθανασία στο σκυλάκι της. Σχεδόν βόγκηξε από το τηλέφωνο. Μου είπε ότι θα πάει να αγοράσει ένα antivirus και της απάντησα ότι δεν χρειάζεται. Τα δωρεάν antivirus είναι πολύ καλύτερα από τα bloatware του Norton και McAfee. Δεν μπορούσε να το πιστέψει, και τις εξήγησα ότι και να τα αγόραζε δεν θα μπορούσε να τα εγκαταστήσει γιατί θα θελαν να βάλει το service pack 3 το οποίο όμως δεν έμπαινε γιατί η microsoft δεν υποστήριζε πια τα windows xp, οπότε έπρεπε ή να βάλει τα vista ή windows 7. Θα μπορούσα να μίλαγα και Καντονέζικα. Τα ίδια πράγματα θα καταλάβαινε. 

Αφού είδε ότι δεν θα την βοήθαγα άλλο, και δεν δεχόταν να κάνει format, αποφάσισε να ζητήσει την βοήθεια του συναδέλφου της που δούλευε στο τμήμα της μηχανοργάνωσης. Όταν είδα το γράμμα που του είχε γράψει, προκειμένου να σώσω την οικογενειακή μας υπόληψη, της είπα να φέρει το laptop σπίτι και θα το φτιάξω εγώ. Πέντε μέρες τώρα, με αυτό παιδεύομαι. Μέχρι και Ubuntu της έβαλα (δεν ξέρω τι με έπιασε, το έχω μετανοιώσει ήδη. Με ρώτησε τι διαφορές έχουν  τα 'Μπού-Ντού' από τα 'άλλα').


Το γράμμα της ντροπής
Και για όσους δεν βλέπετε καλά το γράμμα/εικόνα, ακολουθεί μετάφραση.

"Κύριε Πέτρο, 


Σας παρακαλώ τη βοήθεια σας!


Το lapatop μου έχει ιούς και θεραπεύεται μόνο με reset (σημ.μετ: εννοεί format)! Θα μπορούσατε να το κάνετε reset και να περάσετε τα απαραίτητα προγράμματα, windows 7 (τα έχετε?), office, κάποια καλά antivirus, logmein, firefox (σημ.μ: τρομάρα της, δεν θέλει και τo browser της microsoft), ένα για να βλέπω dvd και ένα για να βλέπω photos, nero, ένα λεξικό από και προς ελληνικά-αγγλικά, internet θα έχω wireless, adobe reader για να διαβάζω phd files (σημ.μετ. εδώ σκέφτηκα να κόψω τις φλέβες μου και να αλλάξω επίθετο), winzip, (skype το κατεβάζω και εγώ) (σημ.μετ.: αλίμονο! για ποια την περάσατε?), και είχα ένα πρόγραμμα olympus digital wave player για μικροφονάκι (σημ.μετ: ιδέα δεν έχω τι εννοεί), ή να το ξαναβρώ (download)


Ακόμα έχω ένα φάκελο, συντόμευση για incoming τραγούδια από e-mule (σημ.μετ: τώρα καταλάβατε πως κόλλησε 335 ιούς ε?), δεν τα έχω σώσει γιατί δεν ξέρω αν έχουν ιους. Μπορείτε να δείτε και ότι είναι οκ να το σώσετε στο σκληρό.


ΘΑ ΜΕ ΣΩΣΕΤΕ!


Δεν έχω λόγια να σας ευχαριστήσω!


Βάνια


(ακολουθεί το κινητό της)"
-


Και το πλήρες log του virus scan. 


Avira / Windows Version 1.9.150.0
Copyright (c) 2010 by Avira GmbH
All rights reserved.


engine set:         8.2.8.48
VDF Version:        7.11.22.73 


key file:           B:\Temp\HBCD\Avira\hbedv.key
registered user:    Avira AntiVir Personal - Free Antivirus
serial number:      0000149996
key expires:        Nov 30 2012


Command line: scancl.exe --logformat=singleline --quarantine=c:\Quarantine --logappend --log=scan.log --colors --heurlevel=2 --defaultaction=clean --suspiciousaction=clean c: 


configuration file: B:\Temp\HBCD\Avira\scancl.conf
 ALERT: [TR/ATRAPS.Gen2] c:\Documents and Settings\User\Local Settings\Application Data\e96fbce3\U\00000001.@ <<< Is the Trojan horse TR/ATRAPS.Gen2
 ALERT: [TR/Redirector.BF.1] c:\Documents and Settings\User\Local Settings\Application Data\e96fbce3\U\000000c0.@ <<< Is the Trojan horse TR/Redirector.BF.1
 ALERT: [TR/Redirector.BF] c:\Documents and Settings\User\Local Settings\Application Data\e96fbce3\U\000000cb.@ <<< Is the Trojan horse TR/Redirector.BF
 ALERT: [TR/Dldr.Agent.gyal] c:\Documents and Settings\User\Local Settings\Application Data\e96fbce3\U\000000cf.@ <<< Is the Trojan horse TR/Dldr.Agent.gyal
 ALERT: [TR/Offend.kdv.488489] c:\Documents and Settings\User\Local Settings\Application Data\e96fbce3\U\800000c0.@ <<< Is the Trojan horse TR/Offend.kdv.488489
 ALERT: [TR/ATRAPS.Gen2] c:\Documents and Settings\User\Local Settings\Application Data\e96fbce3\U\800000cb.@ <<< Is the Trojan horse TR/ATRAPS.Gen2
 ALERT: [TR/Sirefef.J.615] c:\Documents and Settings\User\Local Settings\Application Data\e96fbce3\U\800000cf.@ <<< Is the Trojan horse TR/Sirefef.J.615
WARNING: [Archive not completly scanned. Reason: maximum uncompressed size (1073741824) reached] c:\Documents and Settings\User\?p?f??e?a e??as?a?\BACKUP PHD 1.2.2010\ACTIONS PROGRAMMES\crime\daphneiii-factsheet-2008 daphne.pdf
WARNING: [Archive not completly scanned. Reason: maximum uncompressed size (1073741824) reached] c:\Documents and Settings\User\?p?f??e?a e??as?a?\BACKUP PHD 1.2.2010\EUROPEAN UNION\???es e?e??e?\eurobarometer.pdf
WARNING: [Archive not completly scanned. Reason: maximum uncompressed size (1073741824) reached] c:\Program Files\Ahead\Nero BackItUp\NeroBackItUp_eng.pdf
WARNING: [Archive not completly scanned. Reason: maximum uncompressed size (1073741824) reached] c:\Program Files\Ahead\Nero SoundTrax\NeroSoundTrax_eng.pdf
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\$NtServicePackUninstall$\hidserv.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Rootkit.Gen] c:\WINDOWS\$NtServicePackUninstall$\redbook.sys <<< Is the Trojan horse TR/Rootkit.Gen
 ALERT: [TR/ATRAPS.Gen2] c:\WINDOWS\assembly\GAC_MSIL\Desktop.ini <<< Is the Trojan horse TR/ATRAPS.Gen2
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\A88xTuner.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\A88xXBar.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\acedrv07.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\acnusvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\acrotray.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\addfiltr.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\adpu320.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\advservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\afd.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\AFGMp50.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\AFGSp50.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ahcix86s.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\AIRPLUS.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\aliadwdm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\amusbprt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\anio.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\apfiltrservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ARSVC.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\AsDsm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ASInsHelp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\aslm75.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\asp.net_1.1.4322.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\atapi.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\atiavpci.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\atikmdag.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\atinrvxx.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ativraxx.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\atmarpc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\avg7alrt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\avg7core.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\avgclean.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\avgems.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\avinitnt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\AVWLP_USB.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\aw_host.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\backupclientsvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\BCM43XV.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\bc_tdi_f.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\bdselfpr.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\beatjamupnpmusicserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\beep.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\bocdrive.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\BoiHwsetup.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\BRGSp50.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\bthenum.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\btwusb.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\c-dillacdac11ba.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\cbidf.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\cccredmgr.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\cdr4_xp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\cdvp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\cics.region2.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\citrixwmiservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\clnt_clientman.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\cmuda3.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\com4qlb.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\compbatt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\cportclm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\cq_mem.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\CTEDSPFX.DLL.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\CTEXFIFX.DLL.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ctxcpusched.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ctxcpuusync.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\CX88ENC.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\db2.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\db2governor.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\DELTA.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\DfwWebAgent.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\DivisCTS.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\dlaudfam.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\dlbx_device.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\dm1service.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\dot4.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\dsproct.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\dtscsi.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\E1000.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\eabfiltr.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\EACSvrMngr.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\eaphost.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\EAWDMFD.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\EL2000.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\enecbpth.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\epfw.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\Epiusb.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\epoxusdm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ESMCR.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\eventclientmultiplexer.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\F700iat.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\FINEPIX_PCC.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\fsbwsys.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\fsdfwd.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ftpds.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\FTSER2K.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\g400.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\GBFSHook.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\GcKernel.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\GENERICDRV.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ggsemc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\GoBack2K.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\GoogleDesktopManager-010708-104812.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\googledesktopmanager.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\GT891x.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\gv3.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\GV600_4.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\haspnt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\hcwPP2.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\hddsvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\hidgame.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\hnmsvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\hpconfig.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\HPFECP20.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\hpqddsvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\hSONYPVh.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\iaimfp1.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ibmasrex.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\iisadmin.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\InCDsrvR.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\int15.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\Intels51.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ip6fw.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ipinip.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ipnat.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\issuser.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\iwebcal.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\jaguar.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\JavaQuickStarterService.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\jukebox3.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\k750mdm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\KMW_SYS.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\lckfldservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\LMIRfsDriver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\lpds.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\lusbaudio.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\lvpopflt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\lxbs_device.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\MailService.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\MASPINT.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\MA_CMIDI.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mclserviceatl.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mcsysmon.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mctskshd.exe.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mediaviewer.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\messenger.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mfeavfk.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\milshieldcleaner.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mod7700.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mpfp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mrobeservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\MSTAPE.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mstdc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mstdfrgs.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\Mtlmnt5.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\mwspollserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\MXOPSWD.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\n3900.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\napagent.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ndis.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ndproxy.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\netbt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\netrcacm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\NETw4v32.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\nfsds.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\nipxirmu.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\nm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\NsTrcNT.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ntpr_nic_service2.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\NTSIM.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\nv4.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\NVR0FLASHDev.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\NWADI.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\NWDNS.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\NxNetMon.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\odysseyIM3.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\OEM02Vfx.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\omniinet.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\omniserv.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\omniusbl.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\oracleorahometnslistener.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\oracleservicesecinst.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ossrv.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ovepstatusengine.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\OVT511Plus.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pageserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\parvdm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pcandis5.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pccsmcfd.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pcctlcom.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pclepci.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pcmcia.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pcradminserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\PCTINDIS5.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\PD0620VID.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pdagent.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pdlnecfg.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pdreli.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pelusblf.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\PEVSystemStart.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pfmodnt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pgpsdkservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pinetmgr.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\PNDIS5.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pnkbstrb.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ppped.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ProcObsrv.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\prosync1.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pvservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pwisvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\pxfhmdm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\PXRDDriver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\qbcfmonitorservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\RDID1007.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\rdpdr.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\regmon701.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\relational.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\retrowdsvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\revudfservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\RimSerPort.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\roxwatch9.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\RR2Vbi.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\rslinxng.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\rsvp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\rt2500usb.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\RTLE8023xp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\s217mdfl.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\s217mgmt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SaiNtBus.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SbcpHid.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\sbiesvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\sdcoreservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\se26unic.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SE27mdfl.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SE2Ebus.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\se45unic.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SenFiltService.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\sfhlp02.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\sfsync02.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SGHIDI.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\sis162u.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\slapd-data52.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\slave.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SMCB000.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\smcirda.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\smservauth.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\smservaz.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SMTPSVC.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\smwdm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SNDO763.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\snpstd.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\spbbcsvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\speakerphone.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\Spsmqvsm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SQTECH9080.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\sr_watchdog.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\sscdmdfl.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ssm_mdm.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ssscsisv.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\stisvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\StkAMini.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\StkScan.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\SymIMMP.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\symproxysvc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\sym_hi.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\TcUsb.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\tdpipe.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\tdrpman174.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\termdd.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\TestHandler.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\tfsnudf.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\thinkpadmodemservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\tifm21.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\tosrfusb.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\tvs.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\U2SP.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\udfs.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\UimBus.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ulcdrhlp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\UMPass.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ups.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\USA49W.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\USBCamera.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\usbccgp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\usbmate.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\USBMN1X1.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\usbsermptxp.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\USB_RNDIS.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\USB_RNDIS_XP.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\usr11g.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\v124.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\VAIOMediaPlatform-MusicServer-UPnP.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\vaiomediaplatform-photoserver-appserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ventrilo.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\vet-filt.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\viamraid.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\vmnetuserif.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\vpnva.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\VrAcFil.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\vtserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wacommousefilter.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wampmysqld.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wanusb.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\websenselogserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\websenseuserservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\websensewfreportserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wencrservice.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wg5n.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\WIBUKEY.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\winpower.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\winpowerrmi.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\WINUSB.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wlmel51b.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wmccds.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wmiaprpl.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\WMIService.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\ws2ifsl.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\wsearch.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\Wtcls2k.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\XDva004.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\xfactorae1.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\xnacc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\xpadminserver.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\YahooAUService.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\zebrbus.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\zebrmdmc.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\zendcoreapache.dll <<< Is the Trojan horse TR/Sirefef.BP.1
 ALERT: [TR/Sirefef.BP.1] c:\WINDOWS\system32\{95808DC4-FA4A-4c74-92FE-5B863F82066B}.dll <<< Is the Trojan horse TR/Sirefef.BP.1
                                                                               

Statistics :              
    Directories............... : 9819
    Files..................... : 123678
        Infected.............. : 335
            Ignored........... : 335
        Warnings.............. : 4
        Suspicious............ : 0
    Infections................ : 335
    Time...................... : 00:44:10