Solved

How can I get rid of Sirefef.gen!C Virus?

Posted on 2013-05-18
7
923 Views
Last Modified: 2013-11-22
Running Vista 32-bit.

Chrome reports that I have the Sirefef.gen!C virus and that any secure login credentials could be compromised.

It also says that Microsoft Security Essentials "reportedly removes it."  Problem is that every time I try to download it, my browsers reject it as a virus.  I'm sure this is the virus trying to protect itself.  So, I need help removing this virus.

Can I download Microsoft's Security Essentials for 32-bit Vista via FTP?  If so, then how and where?  (The http link: http://windows.microsoft.com/en-us/windows/security-essentials-download.)

Any other ideas on best way to remove this virus?
0
Comment
Question by:SqueezeOJ
7 Comments
 
LVL 24

Expert Comment

by:aadih
ID: 39177297
Take a look here for solution(s):

http://www.experts-exchange.com/Security/Vulnerabilities/Q_28119810.html >

But, since you have a 32 bit system, first I'd try the "ZeroAccess removal tool":

http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/ZeroAccess removal tool >

Then I'd run MalwareBytes AntiMalware (free) to scan and clean (from safe mode if necessary and then in the normal mode also).

Then I'd run TDSSKiller.
0
 
LVL 22

Expert Comment

by:Haresh Nikumbh
ID: 39177384
How to manually delete Virus:Win32/Sirefef.gen!C?

To get rid of this virus, you need to search for and terminate its malicious program files, processes, .dll files and registry entries completely one-by-one. Please follow this guide here to start.

Step1. Press CTRL+ALT+DELETE to open the Windows Task Manager. Then stop all processes.

Step2. Click on the Processes tab, search for Virus:Win32/Sirefef.gen!C then right-click it and select End Process key.

Step3. Click Start button and select Run. Type regedit into the box and click OK to proceed. Once the Registry Editor is open, search for the registry keys and Delete them.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell”=”[SET OF RANDOM CHARACTERS].exe”
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MsConfig\startupfolder\[random names]

Step4. Search for infected files and delete it manually.

%AppData%\[random].exe
%Windows%\system32\[random].exe
0
 
LVL 91

Accepted Solution

by:
nobus earned 500 total points
ID: 39178187
you can also hook the drive to a protected pc - and run the scans then
or run from  the windows offline defender cd  http://windows.microsoft.com/en-gb/windows/what-is-windows-defender-offline
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Closing Comment

by:SqueezeOJ
ID: 39179449
This is exactly what I was looking for.
0
 
LVL 91

Expert Comment

by:nobus
ID: 39180128
and what was the solution you have choosen? just curious
0
 

Author Comment

by:SqueezeOJ
ID: 39180730
I attached the hard drive to another PC and ran a scan from there. Very easy compared to battling it head on. Thanks all for time & thought!
0
 
LVL 91

Expert Comment

by:nobus
ID: 39180988
ok -  tx for updating us
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now