THE WORST THING EVER! Why I'm on Hiatus... The answer is Sirefef.R trojan · 5:39am Jul 10th, 2012
As of right now, Over the Edge and Through the Wood is on unofficial hiatus.
My computer is infected with two strains of the Sirefef Trojan, specifically the .R and .AH variants.
My computer can be subject to takeovers, I have reset all of my passwords and I can no longer risk plugging in my computer...
So writing will be a much longer process, but I will keep it up when I get a chance, using a friend's laptop right now.
I can have a guy look at it for a hundred bucks and get it for sure, but the sad fact is that until then I can't use my primary computer.
I'll try to write as often as I can on school computers, but still.
If anyone knows how to get rid of this thing please tell me!
It disables security programs like MSE, and protects itself with Group Privileges, making it nearly impossible to delete.
It also corrupts and replaces some of your drivers, doing permanent damage.
Also, it can go undetected due to advanced stealth scripts and will restart your computer if it is detected by an antivirus program.
Even after booting from a rescue disk and taking it on in Microsoft Defender Offline, I was still unable to remove them.
Sorry guys, this is going to take a lot longer than I anticipated.
I know a method that just might work....... however, you're gonna want to move over any music files or such before you do it. Otherwise, they will be deleted. With most computers, there is a way to reset it to factory condition. Basically, it's just like it was when you took it out of the box. Every file that wasn't on there when you bought it is wiped. Initiating the process is different for every computer, but on my laptop, during the first part of startup it says "Press F11 for startup menu". Sorry, that's all the info I got. I think I have an extra download of Norton 360, but Mom would be mad if I just gave it away, and judging from what you said, it might not work.
Apparently ESET has a removal tool for this specific trojan. It's on this page of their "virus encyclopedia." The link's up near the top next to "You can download the removal tool here."
You might have to boot into safe mode to run it though. If you are going to, if you can't access the internet on the infected computer, you should use a flash drive that you don't have anything on to get it onto the infected computer. Once you're done, plug the flash drive into either a Mac or Linux computer and reformat it.
If that doesn't work, maybe boot into a Linux live environment like Ubuntu and get your files, then format and reinstall. Make sure that your files aren't infected themselves too.
Now, these are just suggestions. I'm not sure how well it'll go or how well ESET's tool works, so take caution.
EDIT: I just went and checked ESET's page and the tool is for .A, not .AH and .R. It might still work?
223551
Thanks, I don't mind resetting the computer, but the recovery files might be infected as well, and I don't know if it will reset the drivers.
But I'll give it a shot as a last resort. Thanks.
P.S. Thanks for the offer on the Norton 360, but it's not worth it if you get in trouble for helping. Thanks anyway!
> My computer is infected with two strains of the Sirefef Trojan, specifically the .R and .AH variants.
Are you sure it's all you have?
> My computer can be subject to takeovers, I have reset all of my passwords and I can no longer risk plugging in my computer...
I hope you've used another computer to do so. If not - redo using your friend's computer.
> can have a guy look at it for a hundred bucks and get it for sure.
$100 is a lot of money for a relatively simple fix (at most 8h of work, most of which is just waiting for an anti-virus software to finish). Do it yourself!
Are you sure this guy will do a good job? How can he/she guarantee this?
> Also, it can go undetected due to advanced stealth scripts and will restart your computer if it is detected by an antivirus program.
Hehe. Your only salvation is to use another system to create a clean LiveCD. Don't try to do it on your machine - it will only spread the infection. Don't download ANYTHING from your machine until you finish!
The easiest option:
Hiren's boot CD, but read the Wikipedia first. You may be interested in how to use a blank USB PenDrive to boot it
You may prefer to do it the Linux way:
1) Set up a Live Ubuntu on the USB PenDrive, but select the 32-bit system even if you have a 64-bit-capable machine!
2) Scan your computer
Another possibility is to use the BartPE. More info on the Wikipedia.
-------------------------------------------------------------------------------------------------
After you scan your hard drive using any LiveCD method, boot into your (previously infected) PC, download and install an AntiVirus you prefer (e.g. Avast free) updating the virus definition files. After you finish, download and run Gmer. If Gmer finds anything, run the AntiVirus and "Schedule a boot-time scan" (don't bother with scanning under the Explorer). There should be an option to do this. When prompted - reboot the system and wait for the scan to finish.
This will take a long time but you will:
- save $100
- learn to deal with viruses
- have fun
- have a LOT of time to think about your fics
Hope it helps!
223642
Maybe, I'll try anything at this point, though bit of good news, I was able to dig up my old laptop. It's pretty old but I can still write on it, though it takes a lot longer for it to load and I can't run very many apps on it.
But still, this won't impede my writing nearly as badly as I thought it would. It might be a little slower but the hiatus IS OVER. Wow, that was fast.
But still sucks my PC is out, all my games are on there...
(Can't believe I forgot about my laptop though)
> Thanks, I don't mind resetting the computer, but the recovery files might be infected as well, and I don't know if it will reset the drivers.
This should be a safe option as the recovery partition is hidden from the system. You may lose all the files so make a backup first. You may use a Knoppix LiveCD for that. I would try the LiveCD route I wrote you in my previous post though :).
223739
223712
Thanks Happy, you the man (girl? you never know on the internet) Anyway all the advice is great. I suspect my problems will be resolved within the week. Here have a Pinkie
223756 - Thank you for the Pinkie!
> I suspect my problems will be resolved within the week
This should take about 10 hours (2 hours to make the CD, 3 hours for the scan, if GMER finds anything another 3 hours for another scan and then 2 hours for the victory dance).
ps. I am a so your first guess was correct :).