Need help!! win32/sirefef.FC trojan horse, how to delete?!

Discussion in 'ESET Smart Security' started by Charliie, Aug 20, 2012.

Thread Status:
Not open for further replies.
  1. Charliie

    Charliie Registered Member

    Joined:
    Aug 20, 2012
    Posts:
    4
    Location:
    canada
    I have ESET NOD32 Antivirus 5

    Object : C:\WINDOWS\SYSTEM32\SERVICES.EXE
    Menace : win32/sirefef.FC trojan horse

    I have tried to find the file and delete it, but it's nowhere to be found. Tried Malwarebytes, it doesn't find the virus. Don't know what to do anymore?! HELP PLEASE!! o_O
     
  2. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    For help with removing the Sirefef rootkit, please contact ESET's support office directly at +1 (866) 343-3738 [toll-free, North America] and one of the support engineers will be able to assist you.

    Regards,

    Aryeh Goretsky
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Basically, running "sfc.exe /scannow" should work, as it will replace the patched system file with the original version from a backup.
     
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Instructions on using the system file checker are here. Have you tried the removal tool?
     
  5. Charliie

    Charliie Registered Member

    Joined:
    Aug 20, 2012
    Posts:
    4
    Location:
    canada
    No, I haven't tried the removal tool. I actually don't know what it is?!
     
  6. Charliie

    Charliie Registered Member

    Joined:
    Aug 20, 2012
    Posts:
    4
    Location:
    canada
    I have tried that removal tool. It seems to work. Am running the security scan. Sure hope it's gone, thanks for the advice! :D :argh:
     
  7. Janus

    Janus Registered Member

    Joined:
    Jan 2, 2012
    Posts:
    588
    Location:
    Europe - Denmark .
    Hi Charliie :)

    Just some thoughts regarding your question. The purpose of stand-alone or removal tools is often to eliminate one special resilient threat, like Sirefef-Olmarik Tdl4 or fake antivirus software, often called Rogue software.

    Cheers, Janus
     
  8. Charliie

    Charliie Registered Member

    Joined:
    Aug 20, 2012
    Posts:
    4
    Location:
    canada
    Thanks for the explanation! :D I'm not real good with computers... :doubt:
     
  9. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Follow up your findings as requested here.
     