Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Tricky Virus infection good luck


  • Please log in to reply
3 replies to this topic

#1 raymanvh

raymanvh

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 09 September 2011 - 11:20 PM

Ok so here is the deal I have been dealing with this computer virus for a couple nights now on a friends computer. The problem is the infection known as win64 sirefef.b it has caused me much trouble. I will first start off telling you the procedure I have been through: First off when I got the computer it did not boot so I pulled out my hirens boot cd and booted to a mini xp OS from there I proceeded to run Superantispyware. This was able to get rid of a vast majority of things and let the computer boot up. I then proceeded to boot the computer into safe mode and I ran malewarebytes and superantispyware again fully updated on both until it knocked out about another 50 or so infections. Now I have Microsoft Security Essentials (MSE) on the computer and it detects a the virus/rootkit known as win64 sirefef.b if I allow MSE to delete this infection then the computer no longer boots and throws up a bsod saying that compsrv is missing. I however restored the system to a date before removing the infection so my OS was once again bootable and proceeded to do these steps again. The computer still has win64 sirefef.b and I preventing MSE from deleting it currently. Also just fyi the infection does not allow any windows defender programs to run and it also redirects me from any microsoft websites. I would appreciate any help thanks.

BC AdBot (Login to Remove)

 


#2 ranget

ranget

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 10 September 2011 - 04:41 AM

hi there

i would like you to


1- Boot in safe Mode with networking
2- Do a Full scan with : Malware byte antimalware , Superantispyware , DRweb cureit

let's see what will happen

A big thanks to Dider Stevens

sorry for not being around

 


#3 raymanvh

raymanvh
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 10 September 2011 - 05:45 PM

I already did this as stated in the original post they do not detect the infection. I have done all the necessary scans I do a lot of computer repairs and have dealt with many infections/rootkits so I know what I am doing. I am kind of looking for help from an administrator/moderator for any helpful hints.

#4 raymanvh

raymanvh
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 15 September 2011 - 06:08 PM

please close topic




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users