Sirefef wont go away - Please help!

Discussion in 'ESET Smart Security' started by cschrille, Jun 2, 2012.

Thread Status:
Not open for further replies.
  1. cschrille

    cschrille Registered Member

    Joined:
    Jun 2, 2012
    Posts:
    3
    Ok, so I got infected by this crap yesterday and it is seriously impossible to remove. I noticed that many people has recently been infected by this lately and I wonder how I can remove it.

    I have the latest update for Nod32 and I have scanned and removed, but it keeps coming back.
    I also tried MBAM in safe mode which found C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\L\00000008.@ (Trojan.BitMiner)

    C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\00000008.@ (Trojan.Dropper.BCMiner)

    Both are same file path as the ones Nod32 is picking up, but Nod32 also says :
    Object: Operating memory > C:\Windows\assembly\GAC_32\Desktop.ini
    Threat: a variant of Win32/Sirefef.EZ trojan

    Also scanned with GMER, TDSSKiller and Kaspersky Virus Removal Tool, nothing found.

    Please help me, im going crazy o_O
     
  2. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
  3. cschrille

    cschrille Registered Member

    Joined:
    Jun 2, 2012
    Posts:
    3
    I have tried the remover but it just says
    ---------------------------
    Nothing found
    ---------------------------
    Win64/Sirefef has not been found on your system.
    ---------------------------
    OK
    ---------------------------
     
  4. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    cschrille,

    I'm afraid that the official ESET Support Forum is almost useless for one-on-one support for this; I hate to say it, but..... :blink: :ouch:

    You are better of by:
    1. contacting Customer Care:
    http://www.eset.com/support/contact?seg=home

    or

    2. start a thread at a dedicated forum where they look at HijackThis logs and the likes. Since you already did run MBAM, ask over here:
    http://forums.malwarebytes.org/index.php?showforum=7

    ===

    PS:
    Interesting that there was somebody else who had also problems with Win32/Sirefef.EZ :
    https://www.wilderssecurity.com/showthread.php?t=325347
     
  5. cschrille

    cschrille Registered Member

    Joined:
    Jun 2, 2012
    Posts:
    3
    Ok will try another forum. Yes I have seen about 15 threads about Sirefef trojans popping up within 24 hours, dont know the reason to it.

    Thanks anyway.
     
  6. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Have you read and tried my advice in this thread?
     
  8. Euphoria_mk

    Euphoria_mk Registered Member

    Joined:
    Jun 6, 2012
    Posts:
    3
    Location:
    USA
    Same problem can not get rid of Sirefef.EZ trojan
     
Thread Status:
Not open for further replies.