?
Solved

How can I get rid of Sirefef.gen!C Virus?

Posted on 2013-05-18
7
Medium Priority
?
984 Views
Last Modified: 2013-11-22
Running Vista 32-bit.

Chrome reports that I have the Sirefef.gen!C virus and that any secure login credentials could be compromised.

It also says that Microsoft Security Essentials "reportedly removes it."  Problem is that every time I try to download it, my browsers reject it as a virus.  I'm sure this is the virus trying to protect itself.  So, I need help removing this virus.

Can I download Microsoft's Security Essentials for 32-bit Vista via FTP?  If so, then how and where?  (The http link: http://windows.microsoft.com/en-us/windows/security-essentials-download.)

Any other ideas on best way to remove this virus?
0
Comment
Question by:SqueezeOJ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 24

Expert Comment

by:aadih
ID: 39177297
Take a look here for solution(s):

http://www.experts-exchange.com/Security/Vulnerabilities/Q_28119810.html >

But, since you have a 32 bit system, first I'd try the "ZeroAccess removal tool":

http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/ZeroAccess removal tool >

Then I'd run MalwareBytes AntiMalware (free) to scan and clean (from safe mode if necessary and then in the normal mode also).

Then I'd run TDSSKiller.
0
 
LVL 22

Expert Comment

by:Haresh Nikumbh
ID: 39177384
How to manually delete Virus:Win32/Sirefef.gen!C?

To get rid of this virus, you need to search for and terminate its malicious program files, processes, .dll files and registry entries completely one-by-one. Please follow this guide here to start.

Step1. Press CTRL+ALT+DELETE to open the Windows Task Manager. Then stop all processes.

Step2. Click on the Processes tab, search for Virus:Win32/Sirefef.gen!C then right-click it and select End Process key.

Step3. Click Start button and select Run. Type regedit into the box and click OK to proceed. Once the Registry Editor is open, search for the registry keys and Delete them.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell”=”[SET OF RANDOM CHARACTERS].exe”
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MsConfig\startupfolder\[random names]

Step4. Search for infected files and delete it manually.

%AppData%\[random].exe
%Windows%\system32\[random].exe
0
 
LVL 92

Accepted Solution

by:
nobus earned 2000 total points
ID: 39178187
you can also hook the drive to a protected pc - and run the scans then
or run from  the windows offline defender cd  http://windows.microsoft.com/en-gb/windows/what-is-windows-defender-offline
0
Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

 

Author Closing Comment

by:SqueezeOJ
ID: 39179449
This is exactly what I was looking for.
0
 
LVL 92

Expert Comment

by:nobus
ID: 39180128
and what was the solution you have choosen? just curious
0
 

Author Comment

by:SqueezeOJ
ID: 39180730
I attached the hard drive to another PC and ran a scan from there. Very easy compared to battling it head on. Thanks all for time & thought!
0
 
LVL 92

Expert Comment

by:nobus
ID: 39180988
ok -  tx for updating us
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question