TR/Small.FI is a tricky Trojan that always comes bundled with other threats such as TR/Sirefef.AG.35 and TR/ATRAPS.Gen2. Usually it can be detected by Avira Antivirus and will bring various hazards on the infected computer. After installed, it can open a backdoor to download or install other corrupt system files onto the infected PC, making computer deep in crisis.
It controls your keyword search and then depending on what you are searching for, then shows commercials advertisements and finally slows down your computer. In addition, TR/Small.FI is able to collect all your information as well as send it to other locations without your knowledge or consent. It runs high risks for the compromised system and even its network environment as it can connect to a remote IRC server and forward the data to cybercriminals without a computer user’s awareness. It is suggested users to use the manual way to remove the Trojan instantly.
Slow down your PC speed notably.
Add other dangerous Trojan or Spyware to your system secretly.
Allow the hacker to access your entire system.
Collect all your personal information and transfer to a remote hacker.
Destroy critical system files and make PC unstable.
From malicious drive-by-download scripts from corrupted porn and shareware / freeware websites.
Through spam email attachments, media downloads and social networks.
When clicking suspicious popups or malicious links.
Open unknown email or download media files that contain the activation code of the virus.
Note: No matter how does the virus access your PC, users should know that there are no tools can remove this pesky Trojan automatically at this moment, it is suggested users not spend much time in downloading or paying any security software which claims can delete this stubborn virus. It is totally useless. To completely get rid of this pest, professional manual guide is needed.
1. Reboot your computer to safe mode with networking. As your computer restarts but before Windows launches, tap “F8” key constantly.
2. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
3. Open Registry entries. Find out the malicious files and entries and then delete all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
%UserProfile%\Application Data\random.exe
%SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\Startup\updates.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\run\random.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” = :0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TR/Small.FI
Manual removal of TR/Small.FI needs computer literacy, Please take cautions before performing the steps above. If you failed to remove this Malware, you are welcome to contact YooCare agents to fix the problem.
Published by on June 18, 2012 4:21 pm, last updated on August 17, 2012 5:29 pm
Leave a Reply
You must be logged in to post a comment.