Trojan win64/ sirefef.b and .J


  1. Posts : 82
    Win 7 64bit Ultimate
       #1

    Trojan win64/ sirefef.b and .J


    Dell laptop has sirefef.b trojan, sirefef.j trojan and win32/alureon.TK.

    These are all trojans.

    The laptop has MicSecEssentials and Malwarebytes free version, both of which I put onto the computer after the viruses were there.

    System Specs:
    Dell Inspiron
    intel i3 2130 2.3 ghz
    4gb ddr3 ram
    hd graphics 3000
    Win 7 64

    I wanted professional help to deal with these problems and I do not trust many random websites. Please assist! Any help will be greatly appreciated.

    -Mike


  2. Posts : 3,139
    Systems 1 and 2: Windows 7 Enterprise x64, Win 8 Developer
       #2


  3. Posts : 82
    Win 7 64bit Ultimate
    Thread Starter
       #3

    I was reading that one of these trojans will edit registry files and that the removal of the virus is complicated until these registry files are fixed.

    Is this true? If so, what tool should I use?

    Also, Microsoft Security Essentials keeps detecting the threats and "successfully" removing them, but then it re-detects them 5 minutes later. What can I do to change this? Will the program that you linked me to be more effective at removing these viruses?

    Sorry about all the questions. Please advise.

    -Mike


  4. Posts : 3,139
    Systems 1 and 2: Windows 7 Enterprise x64, Win 8 Developer
       #4

    You can boot off AVG's CD

    Rescue CD | PC Rescue and Repair Toolkit | AVG Worldwide

    This should help...


  5. Posts : 82
    Win 7 64bit Ultimate
    Thread Starter
       #5

    Also I ran the scan tool from Microsoft and it did not find anything in quick scan??? Yet MSE still reports these trojans??


  6. Posts : 3,139
    Systems 1 and 2: Windows 7 Enterprise x64, Win 8 Developer
       #6

    For what it's worth, I read in a post Kaspersky was the only one to remove win32/alureon.T. Again, your mileage may vary. Also, remember not to keep two virus scanners on one system.


  7. Posts : 82
    Win 7 64bit Ultimate
    Thread Starter
       #7

    Upon removal of the sirefef.b and sirefef.j trojans, the computer would not even boot into Windows.

    I really need some way to fix the registry before removing the virus, as the removal of the virus destroys the files and subsequently does not allow Windows to boot.

    Anyhow, that is what I believe is going on.


  8. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #8

    Hi, Beast52702.

    What is going on is, based on the findings of MSE, it appears your computer is infected with a rootkit known as ZeroAccess.

    ZeroAccess (Max++) Rootkit (aka: Sirefef) is a sophisticated rootkit that uses advanced technology to hide its presence in a system and can infect both x86 and x64 platforms. ZeroAccess is similar to the TDSS rootkit but has more self-protection mechanisms that can be used to disable anti-virus software resulting in "Access Denied" messages whenever you run a security application. For more specific information about this infection, please refer to:


    This type of infection allows hackers to access and remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.

    If you do any banking or other financial transactions on the PC or if it contains any other sensitive information, then from a clean computer, change all passwords where applicable. It would also be wise to contact those same financial institutions to apprise them of your situation.

    I suggest you take a look at the following link: How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?. If you wish to format, there are very helpful tutorials here at Seven Forums on how to proceed.

    Should you wish to attempt cleanup, we can try; however, no guarantees that you can trust it will be 100% secure afterwards. In addition, since you have already attempted removal, not knowing what has been done, those attempts may make it more difficult to remove.


 
