I need help removing a virus from my PC. I have run Malwarebytes Anti-Malware, done an Avast virus scan, run aswMBR, and fixzeroaccess. I’ve tried these in safe mode as well as normal mode. Sometimes the computer will not boot all the way and I have to shut it down and start over.
The two identified infections are - Trojan.win32.Sirefef!IK and Win32:Sirefef-PL[Rtk]
Please advise the first steps I need to take to remove these viruses. I will check back here tomorrow. Thanks for any help you can provide.
WARNING: Unfortunately one or more of the infections I have identified are Backdoor Trojans, IRCBots or other Malware capable of stealing very important information. You need to stop using all Internet Banking sites, change passwords to all sites with sensitive information from a clean computer and phone your bank to inform them that you may be a victim of identity theft. More often than not, we advise users that a full reinstallation of their Operating System is the only way to ensure that their computer will ever be 100% clean again.
Unfortunately I have found what is known as the ZeroAccess rootkit on your system. It is an especially nasty infection that can take quite some time to clean and may also have damaged your system files. As a warning, during the cleaning (if you choose to do so) you may lose internet access with this computer and in the end we may need to reinstall the operating system anyway depending on the extent of the infection.
If you would like to continue with the cleaning, please continue with the following instructions and I will be more than happy to help.
Download Combofix from the link below, and save it to your desktop. Link
Note: It is important that it is saved directly to your desktop
If you get a message saying “Illegal operation attempted on a registry key that has been marked for deletion”, please restart your computer.
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the C:\ComboFix.txt for further review.
Yes, sorry…was away from computer for over a day. Going to read through the post and decide whether or not to fix. Could I as an alternative simply save my pictures and important documents, then reinstall Windows?
Could I as an alternative simply save my pictures and important documents, then reinstall Windows?
Yes you could. That is definitely an option that you can decide to do. This is more than likely fixable, but remember >>
More often than not, we advise users that a full reinstallation of their Operating System is the only way to ensure that their computer will ever be 100% clean again.
and this is due to the infection's backdoor capabilities.
The PC we have is a Dell Inspiron and has the Dell Factory Image Restore option. The only thing on the PC that really is important are the pictures so I think we’ll save them to CD and then perform the Dell Factory Image Restore as long as this will take care of the problem.
Also, would it be wise to scan the CD for viruses before moving anything back onto the computer after the reinstall?