Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

SIREFEF.* part of virus name [Closed]


  • This topic is locked This topic is locked

#1
webuser

webuser

    New Member

  • Member
  • Pip
  • 1 posts
Hello:
Last night the MS SE on my home computer went red. Clicked on it to update and to become functional again, little panel came on can’t do. Clicked o help and it went to MS (it appeared to be from MS any way. It looked legitimate), “PC Utility Kit” that analyzed my system and said malware status was good and identified, among other things slowing down my computer, over 5 GB of files ( Not likely. On C drive I only have programs, no data files). When I found out that I have to put my CC#, with no internet protection, I backed out. I think this was the source of the virus.

Uninstalled my MS SE and reinstalled it. It went OK. Got update and all.

Then I got these popups on the windows explorer, not from internet, that “you are about to be logged off. windows have encountered a critical problem and will restart automatically. And it does restart automatically.

I have shut down the internet connection and disconnected all external hard drives from the computer. The only things connected to my computer now are the mouse, the key board and the speakers. No data storage devices.

I am in a loop. In the MS SE history there is this Trojan/ Win64/, Win32/, Virus., all ending with SIREFF. With different extensions. For example Trojan/SIREFF.A; Win64/Sireff.p; win32.sireff.aa., ETC., ETC. All of them are marked “removed” in the MS SE history. I counted them. Some time there are 3 of them, next time the computer restarts, there are 4, next time, there is 1, next time there are 31 of them. The number goes up and down each time the computer restarts itself. I don’t understand why they go down and then go up. However many there are, they are in the closed environment. Nothing comes from the internet. So if the MSSE has deleted some, why do more come up?

When the system restarts, the MSSE sometimes tells me there is a virus that needs to clean. So I click to clean. Sometime MSSE pops up that I need to restart the computer to finish cleaning computer. What always happens is that the windows explorer pop up comes on with “you are about to be logged off……” and it restarts the computer and the loop.

I tried to do a complete scan and even a quick scan, but the computer restarts before much scanning is done.

I tried to do a system restore. But the system said the computer cannot be shut down to do a restore.

Is there any way out of this short of formatting the C drive and reinstalling all the programs again?

The computer is Win7 64bit running Windows Home Premium.

Sorry for the long post.

Thank you for any suggestions.
webuser
  • 0

Advertisements


#2
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Hi, webuser! Posted ImageMy nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Step 1.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

If it does not run rename it iexplore.exe and try it again.


Step 2.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 3.

Please post:

aswMBR log
OTL.txt
Extras.txt


Give me an update on your computer's issues.
  • 0

#3
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP