?
Solved

How can I get rid of Sirefef.gen!C Virus?

Posted on 2013-05-18
7
Medium Priority
?
1,029 Views
Last Modified: 2013-11-22
Running Vista 32-bit.

Chrome reports that I have the Sirefef.gen!C virus and that any secure login credentials could be compromised.

It also says that Microsoft Security Essentials "reportedly removes it."  Problem is that every time I try to download it, my browsers reject it as a virus.  I'm sure this is the virus trying to protect itself.  So, I need help removing this virus.

Can I download Microsoft's Security Essentials for 32-bit Vista via FTP?  If so, then how and where?  (The http link: http://windows.microsoft.com/en-us/windows/security-essentials-download.)

Any other ideas on best way to remove this virus?
0
Comment
Question by:SqueezeOJ
7 Comments
 
LVL 24

Expert Comment

by:aadih
ID: 39177297
Take a look here for solution(s):

http://www.experts-exchange.com/Security/Vulnerabilities/Q_28119810.html >

But, since you have a 32 bit system, first I'd try the "ZeroAccess removal tool":

http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/ZeroAccess removal tool >

Then I'd run MalwareBytes AntiMalware (free) to scan and clean (from safe mode if necessary and then in the normal mode also).

Then I'd run TDSSKiller.
0
 
LVL 22

Expert Comment

by:Haresh Nikumbh
ID: 39177384
How to manually delete Virus:Win32/Sirefef.gen!C?

To get rid of this virus, you need to search for and terminate its malicious program files, processes, .dll files and registry entries completely one-by-one. Please follow this guide here to start.

Step1. Press CTRL+ALT+DELETE to open the Windows Task Manager. Then stop all processes.

Step2. Click on the Processes tab, search for Virus:Win32/Sirefef.gen!C then right-click it and select End Process key.

Step3. Click Start button and select Run. Type regedit into the box and click OK to proceed. Once the Registry Editor is open, search for the registry keys and Delete them.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell”=”[SET OF RANDOM CHARACTERS].exe”
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MsConfig\startupfolder\[random names]

Step4. Search for infected files and delete it manually.

%AppData%\[random].exe
%Windows%\system32\[random].exe
0
 
LVL 93

Accepted Solution

by:
nobus earned 2000 total points
ID: 39178187
you can also hook the drive to a protected pc - and run the scans then
or run from  the windows offline defender cd  http://windows.microsoft.com/en-gb/windows/what-is-windows-defender-offline
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 

Author Closing Comment

by:SqueezeOJ
ID: 39179449
This is exactly what I was looking for.
0
 
LVL 93

Expert Comment

by:nobus
ID: 39180128
and what was the solution you have choosen? just curious
0
 

Author Comment

by:SqueezeOJ
ID: 39180730
I attached the hard drive to another PC and ran a scan from there. Very easy compared to battling it head on. Thanks all for time & thought!
0
 
LVL 93

Expert Comment

by:nobus
ID: 39180988
ok -  tx for updating us
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question