Help with the following issue would be greatly appreciated.
Yesterday afternoon, on a website I trust and have used many times before, my computer picked up the Win64:Sirefef Trojan and Win32: Sirefef Rootkit. I believe the avenue of attack was an outdated Java plugin in Firefox, which I activated despite the browser’s warning that it had been deactivated for security reasons. The Comodo firewall started giving warnings, but since this was a safe place (or so I thought) and the warnings indicated that the program in question was simply a new version of something run before, I let it run. Big mistake! Avast AV promptly started blocking the trojan and rootkit every five minutes or so.
I ran a full scan using MalwareBytes, which identified and duly quarantined two issues. Once they had been walled off, Avast stopped giving its warnings. But, having read on this forum how insidious this intruder is, I ran a boot scan overnight. Sirefef 32 was found again, in a different location.
I have now followed the instructions in the Log thread on this forum and am attaching the logs. Interestingly, the first time I ran aswMBR, it found nothing. But using the order in the Log thread and running it after OTL, lo and behold our little friend shows up.
At this point I am seriously tempted to wipe the hard drive and start from scratch. However, there are some files that are not backed up that I really want to keep, and I’m not sure it’s safe to even try saving them to a DVD-ROM.
Although I was logged in to my e-mail, and a couple of other places, when the incident occurred, I have avoided logging in to anything personal while the machine’s condition remained doubtful. For all I know, much data has already been compromised.
Many thanks in advance.