Solved

How can I get rid of Sirefef.gen!C Virus?

Posted on 2013-05-18
Last Modified: 2013-11-22
Running Vista 32-bit.

Chrome reports that I have the Sirefef.gen!C virus and that any secure login credentials could be compromised.

It also says that Microsoft Security Essentials "reportedly removes it."  Problem is that every time I try to download it, my browsers reject it as a virus.  I'm sure this is the virus trying to protect itself.  So, I need help removing this virus.

Can I download Microsoft's Security Essentials for 32-bit Vista via FTP?  If so, then how and where?  (The http link: http://windows.microsoft.com/en-us/windows/security-essentials-download.)

Any other ideas on best way to remove this virus?
Question by:SqueezeOJ
7 Comments
 
LVL 24

Expert Comment

by:aadih
Take a look here for solution(s):

< http://www.experts-exchange.com/Security/Vulnerabilities/Q_28119810.html >

But, since you have a 32 bit system, first I'd try the "ZeroAccess removal tool":

< http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/ > (ZeroAccess removal tool)

Then I'd run MalwareBytes AntiMalware (free) to scan and clean (from safe mode if necessary and then in the normal mode also).

Then I'd run TDSSKiller.
 
LVL 21

Expert Comment

by:Haresh Nikumbh
How to manually delete Virus:Win32/Sirefef.gen!C?

To get rid of this virus, you need to search for and terminate its malicious program files, processes, .dll files and registry entries completely one-by-one. Please follow this guide here to start.

Step 1. Press CTRL+ALT+DELETE to open the Windows Task Manager. Then stop all processes.

Step 2. Click on the Processes tab, search for Virus:Win32/Sirefef.gen!C then right-click it and select End Process key.

Step 3. Click the Start button and select Run. Type regedit into the box and click OK to proceed. Once the Registry Editor is open, search for the registry keys and delete them.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Shell"="[SET OF RANDOM CHARACTERS].exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MsConfig\startupfolder\[random names]

Step 4. Search for infected files and delete them manually.

%AppData%\[random].exe
%Windows%\system32\[random].exe
 
LVL 91

Accepted Solution

by:
nobus earned 500 total points
You can also hook the drive to a protected PC and run the scans then,
or run from the Windows offline defender CD: http://windows.microsoft.com/en-gb/windows/what-is-windows-defender-offline

 

Author Closing Comment

by:SqueezeOJ
This is exactly what I was looking for.
 
LVL 91

Expert Comment

by:nobus
and what was the solution you have chosen? just curious
 

Author Comment

by:SqueezeOJ
I attached the hard drive to another PC and ran a scan from there. Very easy compared to battling it head on. Thanks all for time & thought!
 
LVL 91

Expert Comment

by:nobus
ok -  tx for updating us
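
Added example, not part of the original thread or written by any of its participants: a read-only PowerShell triage of the infected disk once it is attached to a clean PC (the approach the asker used), checking the registry values and file locations named in Haresh Nikumbh's comment. The drive letter `E:`, the temporary hive name `OfflineSW` and the 30-day window are assumptions; the script reports findings and deletes nothing.

```powershell
# Added example: read-only triage of an infected Windows volume attached to a clean PC.
# Run from an elevated PowerShell prompt. $Drive and $Days are assumptions; adjust them.
param(
    [string]$Drive = 'E:',   # assumed drive letter of the attached (infected) disk
    [int]$Days = 30          # assumed look-back window for "recently created" files
)

$hive  = Join-Path $Drive 'Windows\System32\config\SOFTWARE'
$mount = 'HKLM\OfflineSW'    # temporary mount name chosen for this example
if (-not (Test-Path $hive)) { throw "No SOFTWARE hive found at $hive" }

& reg.exe load $mount $hive | Out-Null
if ($LASTEXITCODE -ne 0) { throw "reg load failed (is the prompt elevated?)" }
try {
    # 1. Winlogon Shell: the Windows default is explorer.exe; anything else needs a look.
    $wl = Get-ItemProperty 'HKLM:\OfflineSW\Microsoft\Windows NT\CurrentVersion\Winlogon'
    if ($wl.Shell -ne 'explorer.exe') {
        Write-Warning "Winlogon Shell is '$($wl.Shell)' (expected explorer.exe)"
    } else {
        Write-Output "Winlogon Shell: $($wl.Shell)"
    }

    # 2. Entries under the MsConfig startupfolder key named in the comment.
    $sf = 'HKLM:\OfflineSW\Microsoft\Shared Tools\MsConfig\startupfolder'
    if (Test-Path $sf) {
        Get-ChildItem $sf | ForEach-Object { Write-Output "startupfolder entry: $($_.PSChildName)" }
    }
} finally {
    # Release registry handles so the offline hive can be unloaded cleanly.
    Remove-Variable wl -ErrorAction SilentlyContinue
    [gc]::Collect()
    & reg.exe unload $mount | Out-Null
}

# 3. Executables sitting directly in each profile's AppData\Roaming (%AppData%).
Get-ChildItem (Join-Path $Drive 'Users\*\AppData\Roaming\*.exe') -Force -ErrorAction SilentlyContinue |
    Select-Object FullName, Length, CreationTime

# 4. Executables created in system32 within the look-back window (a heuristic, not a verdict).
$cutoff = (Get-Date).AddDays(-$Days)
Get-ChildItem (Join-Path $Drive 'Windows\System32\*.exe') -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -gt $cutoff } |
    Select-Object FullName, Length, CreationTime
```

Anything it lists is a candidate for the scanner on the clean PC to confirm, not proof of infection.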