Bobbye
Posts: 16,313 +36
MSE may be picking up on the malware that has already been handled but showng in System Volume (restore points) and the OTM entries. Unfortunately, virus scanners aren't written to ignore those locations. Let's clean up and see if that issue gets resolved.
Removing all of the tools we used and the files and folders they created
Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
------------------------------------------
-------------------------------------------------------
After you have completed the above:
1. Delete the contents of the MSE quarntine folder.
2. Reboot the computer.
3. Update and Run MSE again.
4. IF it still shows an entry for 'Sirefef', copy the full path and paste it in a reply for me to see.
Removing all of the tools we used and the files and folders they created
- Uninstall ComboFix and all Backups of the files it deleted
- Click START> then RUN
- Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
- Download OTCleanIt by OldTimer and save it to your Desktop.
- Double click OTCleanIt.exe.
- Click the CleanUp! button.
- Select Yes when the "Begin cleanup Process?" prompt appears.
- If you are prompted to Reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes.
Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
------------------------------------------
- You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
- Go to Start > All Programs > Accessories > System Tools
- Click "System Restore".
- Choose "Create a Restore Point" on the first screen then click "Next".
- Give the Restore Point a name> click "Create".
- Go back and follow the path to > System Tools.
- Choose Disc Cleanup
- Click "OK" to select the partition or drive you want.
- Click the "More Options" Tab.
- Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.
-------------------------------------------------------
After you have completed the above:
1. Delete the contents of the MSE quarntine folder.
2. Reboot the computer.
3. Update and Run MSE again.
4. IF it still shows an entry for 'Sirefef', copy the full path and paste it in a reply for me to see.
