Inquiry regarding infection with the Trojan, gen Sirefef


8 replies to this topic

#1 Eagleeye

    Advanced Member

  • Honorary Members
  • 145 posts
  • Gender:Male
  • Location:Mid-Atlantic area (USA)
  • Interests:Computer security

Posted 13 April 2012 - 08:28 AM

Good morning everyone,

Back on April 2nd, during a normal SAS quick scan, it detected the presence of the Trojan, gen Sirefef. My computer did not display any unusual behavior beforehand, etc...so needless to say...I was rather surprised to find I had acquired this nasty piece of junk!

This trojan managed to disable the Web Shield and Mail Scanner functions in my Avast AV (free version), as well as make it impossible for me to even access the Internet, regardless of whether I used IE8 or FF.

Although SAS removed it & rebooted the computer, I ended up having to haul this machine to a repair shop and shell out $123 just to fix it so I could get on the Internet again.

Going by what is in the article on the top of this page entitled "How did I get infected...", I have everything on my computer updated and in as secure a condition as possible.

My question: Should a trojan infection like this occur again at some future time, is there any way to obtain help here...instead of having to once again expend boo-koo $$$ at a repair shop?

Thank you for your time and any recommendations!

Dell Optiplex 755 Desktop | WIN 7 Pro SP1, 64-bit | Intel Core 2 Duo, 3.00 GHz CPU | 8 GB RAM | 400 GB Seagate SATA HDD | Outpost Security Suite Pro | MBAM Premium 2.0 | SAS (on-demand) | Spywareblaster | Blocklist Pro | IE 11 & FF w/ NoScript | Disconnect | Adblock Plus


#2 Eagleeye


Posted 13 April 2012 - 08:44 AM

EDIT: Forgot to mention, this trojan also managed to remove the ipsec.sys driver.



#3 Maurice Naggar

    Staff

  • Moderators
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 13 April 2012 - 08:56 AM

Hello Eagleeye,

Yes, you can get at least 3 types of help here.
  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— MBAM PRO customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support
My fellow colleagues can fill you in on those details.

I would suggest that you follow safer computer-internet-usage practices and be sure you have a multi-layer defense to keep out malware.
Don't do dodgy downloads and stay away from torrent sites. Definitely don't do peer-to-peer filesharing.
Don't be too quick to click links without checking/judging whether the link is safe.
Be wary of unsolicited emails with attachments you did not expect. Even from someone you know.
Use a "standard"-user level account instead of an administrator-level login when logged in for day-to-day use.

Keep your Windows and all your application apps up-to-date to reduce security risk exposure.
A lot of infections are made easier if you have outdated Java runtime, or Adobe applet apps (Flash Player / Shockwave/Adobe Reader) that are out of date.
Keep those always patched. Use Secunia's OSI on a regular monthly basis to check for security updates!

Scan any USB-flash drive with antivirus first, if it is from anyone else before using. The same principle applies if you get any file via email.
Scan them first before opening. In short, be aware & more safety-educated. Follow safer practices.
Maurice Naggar
Product Support


I close my threads if there is 5 days without a response.

#4 Eagleeye


Posted 13 April 2012 - 09:28 AM

Thanks very much for the edification, Maurice!

Nearly all of your recommendations are practices which I adhere to. One question: You mentioned that Secunia program for checking for updates. I presently have the FileHippo Update Checker. Is that program as good as the Secunia program you referred to, or should I change to Secunia?

One other item you mentioned is one I do not really understand; the part about making regular backups to a USB or CD/DVD drive. How do I accomplish that, and how many gigabytes are required to do this?

Best regards, (and apologies for my lack of simple knowledge about these things).



#5 Maurice Naggar


Posted 13 April 2012 - 09:58 AM

I haven't used the FileHippo update checker, so I cannot comment.

For backups: I really mean (at minimum) disk-image-mirror backups. The space required is dependent on how large your system is.
I would expect a 1 TB to 2 TB external USB drive will suffice. Do some serious price comparisons. You can likely find a 1 TB near $100 - $110 or less.
You may even want to consider a 2 TB drive.

I mentioned 3 software apps that you may consider for doing these backups.
Macrium Reflect, Paragon, & Acronis True Image.
If you have Windows 7, it has a native backup that is quite capable.
Also, the manufacturers of the external USB drives will usually have applets that you can use.

With a clean/recent mirror-image backup you can "restore" your HDD from it and recover from a real disaster in minutes and do it on your own, as opposed to it taking days to clean & recover.
The basics are to have offline-storage & the tool for backup.

#6 Eagleeye


Posted 13 April 2012 - 10:16 AM

Hi again Maurice,

My hard drive is only 40 GB. I have two USB flash drives...one is a 4 GB, the other an 8 GB. According to the "Properties" section for the C drive...it indicates something like 16.3 GB of the drive is in use. So, I'm guessing I'd have to go and expend a considerable sum of $$ to acquire a flash drive with enough room to hold that much backup data.

As I live on a very limited fixed disability income now, I will just have to forego acquiring the needed item(s).

Thanks again for all your advice though!



#7 Maurice Naggar


Posted 13 April 2012 - 10:40 AM

The Macrium Reflect software is free and, if I remember correctly, it can do a backup to your local HDD (even though that is not the ideal).
Paragon is also sometimes available for free. See my earlier links.
You can make do without external hard drives (just barely).

Note: Since this topic really is not about the MBAM product, I am moving this topic to the PC Help section.

P.S.S. Eagleeye,
Since your hard drive is only 40 GB, then an external hard-drive (hard drive and not a USB-flash) of much less than 1 TB would fit your needs, and thus cost less than what I had stated.

Edited by Maurice Naggar, 13 April 2012 - 10:50 AM.


#8 Eagleeye


Posted 13 April 2012 - 01:09 PM

I appreciate your time and help Maurice!



#9 Maurice Naggar


Posted 13 April 2012 - 02:28 PM

You're welcome. ^_^



