How to Remove Win32/Sirefef.R Completely? – Trojan Removal Help

Win32/Sirefef.R Description:

Win32/Sirefef.R is another member from the nasty Sirefef Family targets to attack computers with 32 bit just like Trojan:Win32/Sirefef.FA. It is discovered by Microsoft Security Essentials recently. This infection can access the targeted computer without any permission and conceal its components deeply in an infected operating system to avoid the deletion of antivirus programs.

Upon installation, this virus may establish a connection so that remote attacker may gain control on the infected computer. It will gather your personal data such as credit card info, log in numbers and then connect to a remote IRC server and forward the data to cybercriminals without your permission. Moreover, it displays numerous annoying advertisements while you are browsing online. This annoying virus is also capable of bring additional spyware to your machine, making your computer in crisis. Hence, users should know Win32/Sirefef.R only represents security risk for the compromised system and its network environment. Do not hesitate to remove it before a precious mess to computer.

It is suggested users not to spend much time in downloading or paying for any security software which claims can delete this stubborn virus. The virus can escape from all kinds of security tools. It should be removed manually. If you don’t know how to do that, please live chat with YooCare experts now.

Manual Removal Guides:

1. Reboot your computer to safe mode with networking. As your computer restarts but before Windows launches, tap “F8” key constantly.

2. Show hidden files and folders.

Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.

Click the View tab.

Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.

3. Open Registry entries. Find out the malicious files and entries and then delete all.

Attention: Always be sure to back up your PC before making any changes.

a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.

b. All malicious files and registry entries that should be deleted:

%Documents and Settings%\[UserName]\Application Data\[random]
%AllUsersProfile%\Application Data\.exe(Win32/Sirefef.R)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell” = “[random].exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Taskman” = “%UserProfile%\Application Data\[RANDOM CHARACTER].exe”

Video Shows You How to Safely Modify Windows Registry Editor:

If you failed to remove Win32/Sirefef.R with the instructions above or need any assistant, you are welcome to contact YooCare experts to resolve all the problems completely.

Published by on July 8, 2012 11:08 am, last updated on August 17, 2012 5:05 pm

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On