Author Topic: Help Me Cant get rid of sirefef,  (Read 7046 times)

Offline Ihatesirefef

  • Jr. Member
  • **
  • Posts: 23
    • Personal Message (Offline)
Re: Help Me Cant get rid of sirefef,
« Reply #30 on: July 20, 2012, 05:28:15 AM »
The system seems to be running normal,  :)

-However sometimes the computer runs very slow, sometimes the internet runs slow too...
-Other times system runs fast, same with internet,
-Sometimes system is fast and internet is slow, vice versa,

Guessing that's probably normal for a computer...?

Problems:

-It did freeze, but only once today,
-and the only consistent problem I've noticed is very slow start up, has never been that slow at start up, maybe it's because of the programs?
I'll see if I can disable some start up programs and see if it makes a difference...


Offline jeffce

  • Probably Not A Bot
  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 2463
  • Gender: Male
  • Member of UNITE
    • Malware Removal
    • Personal Message (Offline)
Re: Help Me Cant get rid of sirefef,
« Reply #31 on: July 20, 2012, 11:59:58 AM »
Go ahead and remove some of the startup programs on your system and see if that improves startup.  :)

As for the other slowness issues, that can be caused by other reasons than malware.

Offline Ihatesirefef

« Reply #32 on: July 21, 2012, 06:21:48 AM »
Ok, Removed a couple start up programs,

Made a slight difference,

Still slow, but as long as there's no virus, I don't mind the start up,
--
Before Start up used to be,
Windows Welcome Screen for about 15-30s
Then popped up the background, mouse task bars and all the icons(Without pictures), right away
Did take about a minute or two to be usable....

Now,
Windows Welcome Screen for about 45s+,
Then popped up the background,
Then the mouse,
Now the screen does nothing, I can move around the mouse, then about 30-45 Seconds later,
Task bar pops up,
Then a few secs later icons,
Then sometimes gadgets, depending if they want to load or not....
Takes about a minute or two to be usable....
--

If malware is gone, then it's OK that it's slow...

-----

The only other problem I have is now Windows Blue Screens about once a day, Anytime it does now it says:

APC_INDEX_MISMATCH,

Different error codes...

Not sure if it has something to do with malware or something, 

Read some stuff that it could be hardware problems, overheating or driver problems...
I think it might be that I run high temp sometimes (Usually 50ish), (Saw a spike up to 65, Limit is 70)
or Drivers need updating,

I can slowly try to fix this? If it's not Malware related?



-----

But the system runs normal most of the time, Do you think I should get rid of the Antivirus programs now?
« Last Edit: July 21, 2012, 09:32:01 AM by Ihatesirefef »

Offline Ihatesirefef

« Reply #33 on: July 22, 2012, 03:49:46 AM »
Update:

I think Start Up is slow because Avast is slowing it down, sometimes it slows down the machine, especially when it is updating,
I don't know why but Avast was disabled when I started it once, and it started up normally,
I couldn't test it because even though I disabled Avast in startup it still started up the next time,

For the APC Index,
My Disk is Defragged, I ran the memory diagnostics tool, and updated BIOS, So I'll see if it Blue Screens again,
Might be a heat problem? if it happens again? 

Update, I tried Coretemp out to see computer temps, installed a couple of other programs,

So I got rid of the other 2 programs, ran malwarebytes and it found a virus >:(:
Here's the log,
Hopefully this one is completely gone?

I ran Malwarebytes again, nothing came up...

Got rid of stupid Coretemp too...
« Last Edit: July 22, 2012, 04:40:41 AM by Ihatesirefef »

Offline jeffce

« Reply #34 on: July 22, 2012, 10:56:16 PM »
Hi,

I am not convinced that this is malware.  With this error you are getting I think that you would be better served registering at Geeks to Go and posting a new topic here >> http://www.geekstogo.com/forum/forum/79-windows-vista-and-windows-7/  It is free to register and the techs there are fantastic!  You will certainly be in good hands.  When you start your new topic be sure to post the link back here so that the techs can see what we have done.  Once complete come back and we can remove our tools and I can get you some good information on computer security.  :)

Offline Ihatesirefef

« Reply #35 on: July 23, 2012, 08:07:45 AM »
Ok thanks,

But my computer hasn't frozen or blue screened since the BIOS update,

So if it happens again should I make a forum there?
Or should I make one anyway?


« Last Edit: July 23, 2012, 08:14:46 AM by Ihatesirefef »

Offline jeffce

« Reply #36 on: July 23, 2012, 06:48:14 PM »
Quote
So if it happens again should I make a forum there?
Yes.....since it hasn't happened lately just wait until it happens again (hopefully it won't).  Give it a good run around and let me know later today. 

Offline Ihatesirefef

« Reply #37 on: July 24, 2012, 10:04:11 PM »
Hey,

My computer has been running good for the most part,

And hasn't frozen or blue-screened since the BIOS update, :)
(However, I don't think it actually updated, it just appeared to)

It did crash once, I opened some stuff including heavy apps to see if it would overheat or not...
Worked fine, but when I closed everything it crashed...
So hopefully it doesn't crash, but hasn't in the past couple days, and was probably because I was trying to overload it...

« Last Edit: July 24, 2012, 10:15:33 PM by Ihatesirefef »

Offline jeffce

« Reply #38 on: July 25, 2012, 02:51:50 AM »
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt
  • Please post the contents of that document.
----------

Offline Ihatesirefef

« Reply #39 on: July 25, 2012, 06:26:44 AM »
Ok, Here it is:

---
 Results of screen317's Security Check version 0.99.43 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 9 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
avast! Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.62.0.1300 
 Java(TM) 6 Update 26 
 Java 2 Runtime Environment, SE v1.4.2_04
 Java version out of Date!
 Adobe Flash Player    11.3.300.265 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (14.0.1)
 Google Chrome 20.0.1132.47 
 Google Chrome 20.0.1132.57 
````````Process Check: objlist.exe by Laurent````````
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast afwServ.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
---

Offline jeffce

« Reply #40 on: July 25, 2012, 02:35:46 PM »
Please go to Start > Control Panel > Programs and Features > remove all the Java Programs you see, now download the latest Java from the following link and install it:

http://java.com/en/download/index.jsp
----------

You have an older version of Adobe Reader.  You can download the current version HERE

You may want to consider Foxit Reader instead. It may be a bit lighter on resources.

Visit their support forum
Foxit Forum

In either case you should uninstall Adobe Reader 9 first. Be sure to move any PDF documents to another folder first though.
----------

Let me know when you get this completed.  :)

Offline Ihatesirefef

« Reply #41 on: July 25, 2012, 10:21:23 PM »
Uninstalled Java (There were 2 of them)
and Adobe,

Java now won't install on my computer....
I'll try one more time,

It just says installing then finishes and nothing happens, (Tried on Chrome twice, Then IE, IE gave me an option for Ask tool bar I said no, Then it crashed)

The 3rd time I tried it Blue Screened( Different blue screen, IQRL not equal)

 It said it may have something to do with new installed Software...
-----
4th Try, everything looked good, but while installing I get the error:
Downloaded File:
C\users\home\appdata\local\temp\\fx-runtime.exe is corrupt
---
5th Try, I tried the offline downloader, It seems to have worked now...
It gave me a confirming message, and it's in Programs and Features now, and uninstallable...

---
Do I need Adobe? I don't really use it too often,
« Last Edit: July 25, 2012, 10:56:00 PM by Ihatesirefef »

Offline jeffce

« Reply #42 on: July 26, 2012, 01:00:06 AM »
LOL!!  Crazy Java!!

Yes you should still update Adobe Reader.  Out of date software is one of the major ways that infections are able to access systems.


Offline Ihatesirefef

« Reply #43 on: July 26, 2012, 07:38:08 AM »
Lol, Ok I will try to keep them more updated...

Adobe and Java are installed...


Offline jeffce

« Reply #44 on: July 26, 2012, 11:50:20 AM »
Providing there are no other malware related problems...

IT APPEARS THAT YOUR LOGS ARE NOW CLEAN :D  SO LET'S DO A COUPLE OF THINGS TO WRAP THIS UP!! :D

This infection appears to have been cleaned, but I can not give you any absolute guarantees.  As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.
----------

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run  and copy/paste the following text into the Run box as shown and click OK.
  Combofix /Uninstall
  (Note: There is a space between the ..X and the /U that needs to be there.)


----------

Clean up with OTL:
  • Right-click and Run as Administrator OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.
----------

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.
If you didn't already have it I would keep Malwarebytes AntiMalware though.


Here are some tips to reduce the potential for spyware infection in the future:

1. Internet Explorer.  Even if you don't use it as your main browser it should be kept up-to-date because that is the browser Windows uses for updates.
Make your Internet Explorer more secure
- This can be done by following these simple instructions:
  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
2. Enable Protected Mode in Internet Explorer.  This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code.  To make sure this is running follow these steps:
  • Open Internet Explorer
  • Click on Tools > Internet Options
  • Press Security tab
  • Select Internet zone then place check next to Enable Protected Mode if not already done
  • Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
  • Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis.  With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

4. Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly.  A tutorial on firewalls can be found here.  **There are firewalls listed in this tutorial that could be downloaded and used but I would personally only recommend using one of the following two below:
Online Armor Free
Agnitum Outpost Firewall Free

5. Make sure you keep your Windows OS current
Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems.  Without these you are leaving the back door open.

6. WOT (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites.  WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

7. Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place?
 
Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
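
Added example, not part of jeffce's post: a read-only PowerShell audit of the Internet Explorer zone settings from tips 1 and 2 above. The dialog entries are stored per user as numbered "URL action" registry values (0 = Enable, 1 = Prompt, 3 = Disable); the function name Get-ZoneFinding is made up for this example.

```powershell
# Added example (not from the thread): read-only check of the IE security-zone
# settings listed in tips 1 and 2. Zones: 1 = Local Intranet, 2 = Trusted Sites,
# 3 = Internet, 4 = Restricted Sites. Only per-user values are read here;
# Group Policy can override them under Software\Policies.
$zonesRoot = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$meaning   = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Tip 1: wanted values for the Internet zone, keyed by URL action code.
$internetZone = [ordered]@{
    '1001' = @('Download signed ActiveX controls', 1)
    '1004' = @('Download unsigned ActiveX controls', 3)
    '1201' = @('Initialize and script ActiveX controls not marked as safe', 3)
    '1800' = @('Installation of desktop items', 1)
    '1804' = @('Launching programs and files in an IFRAME', 1)
    '1607' = @('Navigate sub-frames across different domains', 1)
}

# Hypothetical helper: compares one registry value with the wanted setting.
function Get-ZoneFinding {
    param([int]$Zone, [string]$Code, [string]$Setting, [int]$Want)
    $key    = Join-Path $zonesRoot $Zone
    $actual = (Get-ItemProperty -Path $key -Name $Code -ErrorAction SilentlyContinue).$Code
    $shown  = 'not set'
    if ($null -ne $actual) {
        $shown = $meaning[[int]$actual]
        if (-not $shown) { $shown = "raw value $actual" }
    }
    [pscustomobject]@{
        Zone    = $Zone
        Code    = $Code
        Setting = $Setting
        Wanted  = $meaning[$Want]
        Actual  = $shown
        OK      = ($null -ne $actual -and [int]$actual -eq $Want)
    }
}

$findings = foreach ($code in $internetZone.Keys) {
    Get-ZoneFinding -Zone 3 -Code $code -Setting $internetZone[$code][0] -Want $internetZone[$code][1]
}
# Tip 2: Protected Mode is URL action 2500 (0 = on), checked in all four zones.
$findings += foreach ($zone in 1..4) {
    Get-ZoneFinding -Zone $zone -Code '2500' -Setting 'Enable Protected Mode' -Want 0
}
$findings | Format-Table -AutoSize
```

Rows with OK = False show where the current user's settings differ from the list in the post; the script changes nothing.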

 
