Infected With Trojan:Win32/Sirefef.AG? (Step-By-Step Removal)

Does Microsoft Security Essentials keep reporting Trojan:Win32/Sirefef.AG? Does the virus keep reappearing every time you reboot the computer? Is there a permanent way to get rid of this Trojan? Learn more here.

Trojan:Win32/Sirefef.AG Description:

Trojan:Win32/Sirefef.AG is a malicious Trojan infection that can be fatal for a computer system. It propagates via network-based bundled or encrypted downloads, USB-drive-based malware installations and many other ways. This Trojan can come bundled with other Trojans such as Trojan:Win32/Sirefef.AC, Trojan:Win32/Sirefef.AH and Trojan:Win32/Sirefef.AK. Once it is downloaded, MSE is able to detect it but always fails to remove it, since the Sirefef Trojan does not have an interface and its infected files can be concealed from elimination by the associated rootkit. It not only consumes a large share of system resources, which noticeably slows the computer down and causes it to freeze frequently, but also gathers personal data such as credit card information and login details, then connects to a remote IRC server and forwards the data to cybercriminals without your permission. All in all, Trojan:Win32/Sirefef.AG can only harm your PC, and it modifies the Windows Registry to make the targeted computer unusable. Users are advised to eliminate this threat as soon as possible.

Trojan infection symptoms:

It can bypass legitimate security tools and damage your computer secretly.

It prevents you from opening some applications because their files are corrupted.

It can redirect your browser to all kinds of malicious websites.

It can allow a remote attacker to access the compromised system for illicit purposes.

Note: As there are no tools that can remove Trojan:Win32/Sirefef.AG automatically at this moment, users are advised not to spend much time downloading or paying for any security software that claims it can delete this stubborn virus. It is totally useless. To completely get rid of this pest, a professional manual guide is needed.

Manual Removal Guides:

1. Reboot your computer into Safe Mode with Networking. As your computer restarts but before Windows launches, tap the “F8” key repeatedly.

2. Show hidden files and folders.

Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.

3. Open the Registry Editor. Find the malicious files and entries and then delete them all.

Attention: Always be sure to back up your PC before making any changes.

a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.

b. All malicious files and registry entries that should be deleted:

%AllUsersProfile%\Application Data\
%AllUsersProfile%\Application Data\.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run = “%WinDir%\AppPatch\.exe,”
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load = “%WinDir%\AppPatch\.exe,”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System = “%WinDir%\AppPatch\.exe,”
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\“44d228d9”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = “%WinDir%\AppPatch\.exe,”
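
Before deleting anything, the four named values in the list above can be read without modifying them. The PowerShell script below is an added example, not part of the original guide; the function name Get-SuspectReason is hypothetical, and the assumptions about what these values normally contain are marked in the comments.

```powershell
# Added example: read-only check of the autostart values listed in step 3b.
# Nothing is changed or deleted. Requires PowerShell 3.0 or later.
$winNT  = 'Software\Microsoft\Windows NT\CurrentVersion'
$checks = @(
    @{ Path = "HKCU:\$winNT\Windows";  Name = 'Run' },
    @{ Path = "HKCU:\$winNT\Windows";  Name = 'Load' },
    @{ Path = "HKLM:\$winNT\Winlogon"; Name = 'System' },
    @{ Path = "HKLM:\$winNT\Winlogon"; Name = 'Userinit' }
)

function Get-SuspectReason {
    param([string]$Name, [string]$Data)
    # Pattern from the page: the value points at an .exe under %WinDir%\AppPatch.
    # Get-ItemProperty expands %WinDir%, so match on the folder name only.
    if ($Data -match '\\AppPatch\\[^\\,"]*\.exe') { return 'points into AppPatch (listed on the page)' }
    if ($Name -eq 'Userinit') {
        # Assumption: the stock value holds only <SystemRoot>\system32\userinit.exe
        $extra = @($Data.Split(',') | ForEach-Object { $_.Trim() } |
                   Where-Object { $_ -and $_ -notmatch '\\system32\\userinit\.exe$' })
        if ($extra.Count) { return 'extra Userinit entry: ' + ($extra -join '; ') }
        return $null
    }
    # Assumption: Run, Load and System are normally empty or absent.
    if ($Data.Trim()) { return 'non-empty value, review manually' }
    return $null
}

$findings = foreach ($c in $checks) {
    $item = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { continue }   # value not present
    $data   = [string]$item.($c.Name)
    $reason = Get-SuspectReason -Name $c.Name -Data $data
    if ($reason) {
        [pscustomobject]@{ Key = $c.Path; Value = $c.Name; Data = $data; Reason = $reason }
    }
}

# Executables sitting directly in AppPatch, hidden ones included, for manual review.
$exes = Get-ChildItem -Path (Join-Path $env:WinDir 'AppPatch') -Filter *.exe -Force -ErrorAction SilentlyContinue |
        Select-Object FullName, Length, LastWriteTime

if ($findings) { $findings | Format-List } else { 'No listed autostart value looks modified.' }
if ($exes)     { $exes | Format-Table -AutoSize }
```

Run it from an elevated prompt in the affected user's session so that both the HKCU and HKLM values are readable, and keep the output with the backup as a record of what was present before cleanup.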


Manual removal of Trojan:Win32/Sirefef.AG requires expertise; please take care when performing the steps. If you fail to remove this malware, you are welcome to contact a PC expert to fix the problem.

Published by on June 3, 2012 2:39 am, last updated on August 18, 2012 4:20 am
