RootKit&TrojanViruses

Page 1 of 2 12 LastLast

  1. Posts : 20
    windows 7
       #1

    RootKit&TrojanViruses


    I have a Gateway computer, 64 bit, DX4822-01, with Intel pentium E5300 Dual Core, 2.6GHZ each, 6GB ram, and 1TB HDD, running Windows 7 Home Premium x 64 bit.

    I've been getting a red warning on my screen that says I have (1) a Rootkit.Sirefef.spy and (2) a Trojan.fakAV-Download viruses. I've had trouble downloading with message 'cannot be downloaded'. Occasionally one gets through.

    Does anyone out there have the expertise to help me delete these viruses.

    Any help will be appreciated.

    Haplyss
      My Computer


  2. Posts : 2,470
    Windows 7 Home Premium
       #2

    Welcome to the forum, haplyss!

    Please use the following diagnostic tool. It has a powerful detection mechanism, and may help us get to the cause of your issues:

    Please use the Farbar Recovery Scan Tool.
    Download: Farbar Recovery Scan Tool Download
    Select the version that applies to your system 64-bit
    Save it to your Desktop.
    Double-click the downloaded file to run it.

    When the tool opens click Yes to the disclaimer.
    At the program's console, press the Scan button.

    When done, the tool produces a log, FRST.txt, in the same directory from which the tool is run (Desktop).
    Please provide the FRST.txt in your reply.

    The first time the tool is run, it also makes another log: Addition.txt
    Also post the Addition.txt in your reply.


    Also, use the Farbar Service Scanner.
    Download: Downloading Farbar Service Scanner

    We will get a view of all services and dependencies scoped by the tool...

    Make sure the following options are checked:
    Internet Services
    Windows Firewall
    System Restore
    Security Center
    Windows Update
    Windows Defender

    Press: Scan
    When done, FSS creates a log, FSS.txt, on the Desktop.

    Please provide the FSS.txt in your reply.

    Thank you.
      My Computer


  3. whs
    Posts : 26,210
    Vista, Windows7, Mint Mate, Zorin, Windows 8
       #3

    From what did you get the warning. It could be a fake warning from some site that wnats your money.
      My Computer


  4. Posts : 20
    windows 7
    Thread Starter
       #4

    Hi, WHS,

    I hope I did this right. I'm sending all that was created, when running these programs.
    RootKit&TrojanViruses Attached Files
    Last edited by haplyss; 08 Mar 2014 at 21:06. Reason: Had trouble with FRST.txt
      My Computer


  5. Posts : 1,413
    Windows 7 Home Premium 64Bit
       #5

    You have three anti virus programs running, please choose one, i would recommend MSE or Avira.
    I noticed Ilivid which can be a pain.


    Please download Junkware Removal Tool to your desktop.

    • Shutdown your antivirus to avoid any conflicts.
    • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next reply message
    • When completed make sure to re-enable your antivirus

    Please download AdwCleaner by Xplode and save to your Desktop.


    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
    • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • Look over the log especially under Files/Folders for any program you want to save.
    • If there's a program you may want to save, just uncheck it from AdwCleaner.
    • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
    • If you're ready to clean it all up.....click the Clean button.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
    • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
    • To restore an item that has been deleted:
    • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
      My Computer


  6. Posts : 2,470
    Windows 7 Home Premium
       #6

    haplyss,

    In my previous instructions it was requested you post the FRST.txt, the Addition.txt, and the FSS.txt.

    Please post the FRST.tx in your reply!! Really need to see it.

    Thanks.


      My Computer


  7. Posts : 20
    windows 7
    Thread Starter
       #7

    I've been under the weather for several days. I've attached the only FRST.txt I have, and I've attached a copy of the virus warning notice. I sure hope these are helpful.
    Attached Thumbnails Attached Thumbnails RootKit&TrojanViruses-virus030520141150pm.jpg  
    RootKit&TrojanViruses Attached Files
      My Computer


  8. Posts : 2,409
    Windows 7 Professional 32-bit/Windows 8 64-bit/Win7 Pro64-bit
       #8

    haplyss said:
    I've been under the weather for several days. I've attached the only FRST.txt I have, and I've attached a copy of the virus warning notice. I sure hope these are helpful.
    That seems legitimate. Do you remember installing MSE? Do not use it if it asks for money because the real MSE is free. If it does, you should install Malwarebytes FREE and run a full scan.
      My Computer


  9. Posts : 20
    windows 7
    Thread Starter
       #9

    I think my brain is still in disaster area. I sent wrong file on virus warning. The attached is the current one I copied.
    Attached Thumbnails Attached Thumbnails RootKit&TrojanViruses-warninginfectedpc.1.png  
      My Computer


  10. Posts : 2,409
    Windows 7 Professional 32-bit/Windows 8 64-bit/Win7 Pro64-bit
       #10

    Now that's a fake warning. Install Malwarebytes and run it. Also, you should have no problem running mse afterwards.
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 22:25.
Find Us