Sirefef Removal!

[NeroDevil]

Help guys, BitDefender just alerted me about being infected by the Sirefef trojan. These are the two particular variants BitDefender can't seem to remove:

*Sirefef.A - C:/Windows/System32/services.exe
*Sirefef.GY - C:/Windows/Installer/{84d3bf12-3c1a-e026-8b4e-76a071be099b}/U/00000004.@

Any idea how I can remove this bugger? :huh: Running Windows 8 Consumer Preview x64

 

[Borg 386]

Since this is a rootkit, the best/safest option would be a clean install.

You can try this tool - TDSSKiller

Anti-rootkit utility TDSSKiller

When the removal tool first launches, make sure to click on "Change parameters" & check all the boxes.

You could try the Windows 8 Recovery Options also:

http://www.dedoimedo.com/computers/windows-8-recovery.html

 

[Petey7]

I would take a look here: sirefef dot com :: virus removal instructions

It has specific instructions for manually removing sirefef. According to them TDSSKiller will not remove competely by itself.

Personally, I recommend a clean install, or if you have a system image, restore that.

 

[ernesteengle]

sirefe!cfg Virus

The particuarly viscious virus named sierfe!cfg totally locked me out of my computer. I got around it by using Windows SAFE boot and then did a complete system scan using Microsoft Security Essentials and it foune and deleted the Trojan Virus named sirefe!cfg All is OK now. However I am concerned that Microsoft Security Essentials permitted the virus to enter my computer ???? !!!!

The upon system lockout the virus present a screen that appears to be from the FBI telling me that I have violated some federal regulation and that the only way to unlock my computer is to purchase a Green Dot Money Card and then enter the ID number of that card into the "FBI" screen. The Gree Dot Card was to cost $200.00

I sent everything to the FBI and to Microsoft hopiing they can prevent this from happening to others.

E3

 

[Jacee]

ernesteengle, this is 'ransom' ware .... don't send any money!!

 

[Layback Bear]

To be safe I recommend changing all passwords using a computer that has not been infected.

 

[alikhan]

The particuarly viscious virus named sierfe!cfg totally locked me out of my computer. I got around it by using Windows SAFE boot and then did a complete system scan using Microsoft Security Essentials and it foune and deleted the Trojan Virus named sirefe!cfg All is OK now. However I am concerned that Microsoft Security Essentials permitted the virus to enter my computer ???? !!!!

The upon system lockout the virus present a screen that appears to be from the FBI telling me that I have violated some federal regulation and that the only way to unlock my computer is to purchase a Green Dot Money Card and then enter the ID number of that card into the "FBI" screen. The Gree Dot Card was to cost $200.00

I sent everything to the FBI and to Microsoft hopiing they can prevent this from happening to others.

E3

GOod Job that you contact microsoft .I hope they will update about this trojan in their updates....... Thanks for sharing the info with us .