Get BullGuard Premium Protection to stay safe from all threats:

  • Credit card frauds and identity theft
  • WannaCry, Petya / Golden Eye Virus and all ransomware
Buy Now 60% off

HELP NEEDED: trojan sirefef.KH

Posted 11/2/2012 6:12 AM
#94636
User avatar

pewdiepie fan Member

Date Joined Nov 2016
Total Posts: 1
i have this trojan, trojan sirefef.KH i dont know how to get rid of it every time i run bull guard and it scans my computer when it comes to removing it i cant it just says it failed.



c:\windows\system32\y [676] (memory dump)

c:\windows\system32\y [676] (full dump)



so yea its one file i guess but the trojan is on both i need help it is making my laptop so slow i used to think it was my wifi but its not i got rid of the other viruses but this one bull guard wont let me get rid of just keeps saying it failed. Also if i try to search things up online it messes my searches up because it will search random things things i didnt even type it is so annoying some one please help me. I cant even have more than one tab open because the 2nd tab takes like 3 minutes to just google then if i use it it will never stop loading :(
Post attachments:
virus1.PNGvirus2.PNGvirus.PNG
Posted 11/2/2012 7:56 AM
#94637
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello pewdiepie fan :smile:



We need to get a comprehensive report of what is present in your system.


Download OTL by OldTimer, saving it to your desktop: http://oldtimer.geekstogo.com/OTL.exe


• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Select All Users
• Under the Custom Scan box paste this in:

netsvcs
activex
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%windir%\Installer\*.*
%windir%\system32\tasks\*.*
%systemroot%\Fonts\*.exe
%systemroot%\*. /mp /s
/md5start
consrv.dll
explorer.exe
winlogon.exe
regedit.exe
Userinit.exe
svchost.exe
MRESP50.SYS
CBPSp50.sys
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT



• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

• Post both logs

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 11/3/2012 6:12 AM
#94644
User avatar

Advanced member

You have an old version of BullGuard on your computer.

Please contact Support from either the application or from our website, tell the agent that your infected with Sirefef and that your BullGuard can not remove it. We will connect to your computer and deal with it.
Andreea-Luciana Ostache
Support Team Leader
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 16

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Sunday, July 23, 2017, 8:55 PM (GMT +2)
There are a total of 61,305 posts in 13,482 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 38,066 registered members. Please welcome our newest member, tinytim4.
There are currently no users on-line.
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.