Trojan.Sirefef virus, problems removing it


  1. Posts : 2
    Windows 7 Professional x64
       #1

    Trojan.Sirefef virus, problems removing it


    Since a couple of days, Microsoft Security Essentials has been giving alerts about Trojan.Win32(and 64)/Sirefef.(various shit)

    Says it succeeds in removing them but they return every couple of minutes. Reboot after removal didn't help a thing, nor running Malwarebytes and TDSSkiller.

    Any advice? Preferably some fancy combofix method with logs, conventional antivirus solutions haven't shown to help so far.

    Thanks in advance!
      My Computer


  2. Posts : 1,533
    Windows 7 Professional x64 Service Pack 1
       #2

    iDennisW said:
    Since a couple of days, Microsoft Security Essentials has been giving alerts about Trojan.Win32(and 64)/Sirefef.(various shit)

    Says it succeeds in removing them but they return every couple of minutes. Reboot after removal didn't help a thing, nor running Malwarebytes and TDSSkiller.

    Any advice? Preferably some fancy combofix method with logs, conventional antivirus solutions haven't shown to help so far.

    Thanks in advance!
    Try running Malwarebytes in Safe Mode and be sure to remove everything that comes up (make sure their checkboxes are enabled) Also, clear out all of your browser's cache. In Internet Explorer, click on the gear in the top right and select internet options. Then, find where it says browsing history in the middle of the page and click on delete. In the window that pops up, check all of the checkboxes except the one at the top that says "preserve favorite's website data" and select delete.
      My Computer


  3. Posts : 2
    Windows 7 Professional x64
    Thread Starter
       #3

    Cleared the cache, went into safe mode to run MalwareBytes but it shut down the computer halfway through the scan twice in a row; weird.

    Anyway, MSE is still detecting the trojans every couple of minutes, got any more suggestions?
      My Computer


  4. Posts : 7,781
    Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
       #4

    In a case where a PC is compromised by a rootkit, your best & safest option is to do a clean install. Cleaning out a rootkit isn't easy and there's always the chance that something was left behind.

    Clean Install Windows 7

    If however you do not have this option or wish to try & save the PC, have a look at this site & follow the directions:

    How to completely remove ZeroAccess/Sirefef rootkit (Removal Guide)

    If the infection is still present, try running one of these tools:

    Trojan.Zeroaccess Removal Tool | Symantec

    This tool is designed to remove the infections of Trojan.Zeroaccess and Trojan.Zeroaccess.B.

    Norton Power Eraser (This tool includes a rootkit scan)

    Norton Power Eraser | Free Tool |Easily remove scamware that traditional virus scanning can

    Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully. If you accidently remove a legitimate program, you can run Norton Power Eraser to review past repair sessions and undo them.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:31.
Find Us