Help! I've been invaded by a Trojan

  sjt0506 19:39 06 Jun 2013

I hope you clever people out there can help me please! In summary my Internet did not work , I ran windows defender which told me it had deleted Trojan: win32/Sirefef .gen!E Upon clicking the bottom right hand icon it told me I had limited access to wifi. From this helpful forum I tried the following: From command prompt I ran netsh windsock reset. This worked perfectly until I closed down for the day and then returned to the limited connectivity. Ran the netsh again and it did not work this time.

Then I tried:

SFC/scannow - no effect

Net local group administrators localservice /add Net local group administrators network service /add

This gave me back full wireless network per the icon and control panel but I still can't get the Internet. Just the' page cannot be displayed' message It is prob something stupid I have done but I would really appreciate any help available

  Forum Editor 06:58 07 Jun 2013

This Trojan dropper is a nasty one, and can affect all software on the computer.

I suggest that you take a look at this and then download and run the Microsoft malicious software removal tool. You'll find a link to it at the bottom of the page in my link.

  sjt0506 12:35 07 Jun 2013

Thanks so much for this answer but I wonder if you could help me further please? This Trojan has taken away my Internet access and therefore I am unable to download the malicious software removal tool. It also won't let me turn on windows firewall. As you can probably tell I'm quite a philistine with computers !! Cheers Sam

  onthelimit1 14:32 07 Jun 2013

You will need to download it with a different machine and save it to a memory stick. You can then run it from there on the affected one.

  rdave13 00:21 08 Jun 2013

I would untick the resolved tick button as this isn't resolved. What security software do you run? I would start in safe mode (no internet connection) and run your security programs then. See what they find and quarantine. Reboot.

Sounds as a proxy server is trying to be used. In Internet Explorer click on tools, Internet Options, Connections, Lan settings, disable the proxy server and just tick Automatically detect settings.

To boot Vista to safe mode tap F8 (sometimes F5) continuously on boot up. In the Advancer boot screen select safe mode (no internet connection). After it installs all the files you can log in. Don't worry about the different way the desktop looks as that is normal in safe mode.

  sjt0506 15:39 08 Jun 2013

Thanks for this rdave13 ! Firstly how do I untick the tick it doesn't change when i tap it - told you i was a computer clutz! Also I checked for a proxy server I safe mode and there isn't 't one. However you have shown me how to get into safe mode and I am now doing a system restore - here's hoping that works. The only security software I have been running are windows defender and windows firewall. Obviously not enough. Many thanks for your help. Believe it or not I am enjoying the challenge.

  rdave13 15:54 08 Jun 2013

It used to be that you could just click on it again and it would turn grey.

After the restore I would download a free AV, I use Avast free. Would also download Malwarebytes, SAS and spywareblaster. Update all and run scans. With malwarebytes you have the option of running a free trial for the pro version.

Avast free

Malwarebytes free link

Free SAS link

Spywareblaster. This is a blocker. Don't select auto update but update manually.

As with any free downloads remember to untick offered toolbars etc when installing. I think Avast offers Google toolbar.

I'm only suggesting these programs as It's a list of what I use. Others might have different favourites.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

OnePlus 5T review: Hands-on

See the Best Button Badge Designs of 2017

iPhone X review

Black Friday 2017 : date, sites participants & bonnes affaires