SIREFEF.* part of virus name

Discussion in 'Malware Help (A Specialist Will Reply)' started by webuser, Jul 27, 2012.

  1. webuser

    webuser Private E-2

    Hello:
    Last night the MS SE on my home computer went red. Clicked on it to update and to become functional again, little panel came on can’t do. Clicked o help and it went to MS (it appeared to be from MS any way. It looked legitimate), “PC Utility Kit” that analyzed my system and said malware status was good and identified, among other things slowing down my computer, over 5 GB of files ( Not likely. On C drive I only have programs, no data files). When I found out that I have to put my CC#, with no internet protection, I backed out. I think this was the source of the virus.

    Uninstalled my MS SE and reinstalled it. It went OK. Got update and all.
    Then I got these popups on the windows explorer, not from internet, that “you are about to be logged off. windows have encountered a critical problem and will restart automatically. And it does restart automatically.

    I have shut down the internet connection and disconnected all external hard drives from the computer. The only things connected to my computer now are the mouse, the key board and the speakers. No data storage devices.

    I am in a loop. In the MS SE history there is this Trojan/ Win64/, Win32/, Virus., all ending with SIREFF. With different extensions. For example Trojan/SIREFF.A; Win64/Sireff.p; win32.sireff.aa., ETC., ETC. All of them are marked “removed” in the MS SE history. I counted them. Some time there are 3 of them, next time the computer restarts, there are 4, next time, there is 1, next time there are 31 of them. The number goes up and down each time the computer restarts itself. I don’t understand why they go down and then go up. However many there are, they are in the closed environment. Nothing comes from the internet. So if the MSSE has deleted some, why do more come up?

    When the system restarts, the MSSE sometimes tells me there is a virus that needs to clean. So I click to clean. Sometime MSSE pops up that I need to restart the computer to finish cleaning computer. What always happens is that the windows explorer pop up comes on with “you are about to be logged off……” and it restarts the computer and the loop.

    I tried to do a complete scan and even a quick scan, but the computer restarts before much scanning is done

    I tried to do a system restore. But the system said the computer cannot be shut down to do a restore.

    Is there any way out of this short of formatting the C drive and reinstalling all the programs again?

    The computer is Win7 64bit running Windows Home Premium.

    Sorry for the long post.

    Thank you for any suggestions.
    Webuser
     
    webuser, Jul 27, 2012
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes the below is the normal starting point.

    READ & RUN ME FIRST. Malware Removal Guide



    Also since you have Win 7, please do the below.

    Please do the below so that we can boot to System Recovery Options to run a scan.

    For 32-bit (x86) systems download Farbar Recovery Scan Tool and save it to a flash drive.
    For 64-bit (x64) systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    On the System Recovery Options menu you will get the following options:
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please attach this file to your next reply. (See: How to attach)
     
    chaslang, Jul 28, 2012
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds