1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

virus Win32/sirefef.o

Discussion in 'Virus & Other Malware Removal' started by coryana12, Nov 1, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. coryana12

    coryana12 Thread Starter

    Joined:
    Nov 1, 2011
    Messages:
    5
    I REALLY need help my computer has this virus and I have tried everything to get it off. Windows defender cannot remove it and the virus wont let me use any of the anti virus programs and It is going crazy If someone could help me I would really appreciate it! Oh and the virus is Win32/Sirefef.o and also I dont know how to do the logs.
     
  2. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
    • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
    • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Watch Topic button to the right of your topic title and then choosing the notification method ( Recommended: Inmediate Notification)
    • The fixes are specific to your problem and should only be used for the issues on this machine.
    • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
    • It's often worth reading through these instructions and printing them for ease of reference.
    • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
    • Please reply to this thread. Do not start a new topic.


    IMPORTANT NOTE : Please do not delete anything unless instructed to.
    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.
    Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.


    Vista and Windows 7 users:
    These tools MUST be run from the executable (.exe) every time you run them
    with Admin Rights (Right click, choose "Run as Administrator")


    Stay with this topic until I give you the all clean post.
    ----------

    Please download DDS from either of these links

    LINK 1
    LINK 2

    and save it to your desktop.

    • Disable any script blocking protection
    • Double click dds to run the tool.
    • When done, two DDS.txt's will open.
    • Save both reports to your desktop.
    ---------------------------------------------------
    Please include the contents of the following in your next reply:

    DDS.txt

    Attach.txt
    ----------

    GMER

    Download GMER Rootkit Scanner from here or here.

    • Extract the contents of the zipped file to desktop.
    • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

      [​IMG]
      Click the image to enlarge it
    • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
    • Save it where you can easily find it, such as your desktop, and attach it in your reply.


    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
    .
    ----------

    In your next reply please post the logs created by DDS and GMER. :)
     
  3. coryana12

    coryana12 Thread Starter

    Joined:
    Nov 1, 2011
    Messages:
    5
    Thank you so much. It wouldn't let me do the gmer but i was able to do the dds. the gmer would bring up a window then close out on its own.
     

    Attached Files:

  4. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi coryana12,

    **WARNING**Unfortunately one or more of the infections I have identified are Backdoor Trojans, IRCBots or other Malware capable of stealing very important information. You need to stop using all Internet Banking sites, change passwords to all sites with sensitive information from a clean computer and phone your bank to inform them that you may be a victim of identify theft. More often than not, we advise users that a full reinstallation of their Operating System is the only way to ensure that their computer will ever be 100% clean again.

    It looks like you have the ZeroAccess Rootkit on your system. It is one of the worst infections out there right now hands down. Even if we are able to remove the infection, it is possible that you will lose your internet connection completely. I would highly recommend that you format and reinstall your operating system completely.

    If you would like to format and reinstall your Operating System please let me know and I can assist you with that.

    If you would like to continue with the cleaning, please continue with the following instructions and I will be more than happy to help. :)
    ----------

    Please download TDSSKiller.zip
    • Extract it to your desktop
    • Double click TDSSKiller.exe
    • Press Start Scan
      • Only if Malicious objects are found then ensure Cure is selected
      • Then click Continue > Reboot now
    • Copy and paste the log in your next reply
      • A copy of the log will be saved automatically to the root of the drive (typically C:\)
     
  5. coryana12

    coryana12 Thread Starter

    Joined:
    Nov 1, 2011
    Messages:
    5
    i would like to reinstall my operating system if that would be the safest thing.
     
  6. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi coryana12,

    For the best guidance I would recommend that you post a new topic in the Windows Vista forum found here. They will be better able to help you with this more than I am able to do here. Be sure to post the link to the topic here so that the helpers there can see what it is that has been completed. :)
     
  7. coryana12

    coryana12 Thread Starter

    Joined:
    Nov 1, 2011
    Messages:
    5
    thank you
     
  8. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    You are more than welcome. :)
     
  9. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Since this topic seems to be resolved I will be unsubscribing. If you require further assistance please start a new topic. Glad that I could help. :)
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1024926

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice