Infected with Sirefef malware
Hello,
Somehow, I've got a virus.
Eset discovered...
11/7/2011 6:03:27 PM Startup scanner file Operating memory » explorer.exe(3844) probably a variant of Win32/Sirefef.DA trojan unable to clean OFFICE-PC\User1
I've just noticed an ESET pop-up now mentioning Sirefef.DB
I've found some sites on how to remove, but I don't have the directories (e.g. Win32) and registry keys that it says should be there.
Any help would be greatly appreciated!
Steve
Somehow, I've got a virus.
Eset discovered...
11/7/2011 6:03:27 PM Startup scanner file Operating memory » explorer.exe(3844) probably a variant of Win32/Sirefef.DA trojan unable to clean OFFICE-PC\User1
I've just noticed an ESET pop-up now mentioning Sirefef.DB
I've found some sites on how to remove, but I don't have the directories (e.g. Win32) and registry keys that it says should be there.
Any help would be greatly appreciated!
Steve
ESET do a removal tool for it - http://download.eset.com/special/encyclopaedia/ESETSirefefRemover.exe
You may find that it could also be a false positive.
You may find that it could also be a false positive.
ASKER
Thanks for the link. However, those files and registry entries don't exist on my PC.
ASKER
jakethecatuk:
I tried that earlier today. It tells me that Win32/Sirefef has NOT been found on my sytem.
I tried that earlier today. It tells me that Win32/Sirefef has NOT been found on my sytem.
In all likelyhood, you may have a false positive from ESET where it's detecting something that isn't there.
Suggest you run an online virus scan from another vendor. Most of the big vendors provide the facility - take your pick of any of these: -
http://www.google.co.uk/search?q=online+virus+scan&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
Suggest you run an online virus scan from another vendor. Most of the big vendors provide the facility - take your pick of any of these: -
http://www.google.co.uk/search?q=online+virus+scan&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
ASKER
Well, I have seen malware behavior. Browsers keep opening with some strange search engine site.
Explorer.exe was trying to access the Internet (and getting blocked by Windows Defender).
I've installed Malwarebytes and removed some backdoor agents. Running a full scan now to see if I've gotten anywhere.
Explorer.exe was trying to access the Internet (and getting blocked by Windows Defender).
I've installed Malwarebytes and removed some backdoor agents. Running a full scan now to see if I've gotten anywhere.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you could be infected with another strain of the malware that was unlucky enought to caught with heuristics antivirus like eset.
follow these instructions . http://www.spywareviruscleaner.com/How-to-Remove-Win32/Sirefef.C.html
hope that helps