Jul 18, 2012

Easily Remove Win32/sirefef.FC Trojan (Step-By-Step Guide)

Win32/sirefef.FC Description:

Win32/sirefef.FC is a malicious trojan infection that detected by Eset Smart Security. It can sneak into target computers without any awareness and open a backdoor which allows a remote attacker to control the infected computer. When this Trojan is installed, it will perform all kinds of evil actions.

The dangerous Trojan can slow down the infected computer and make its removal very difficult since it is located in C:\Windows\system32\services.exe which belongs to system file. Once running on the background, it will create a backdoor and connect to a remote server, allowing a remote attacker to gain control on the compromised computer. It will download malicious files to the computer without permission which will cause security danger as well. In a word, Win32/sirefef.FC may represent security risk for the compromised system and its network environment. You should have it deleted without any hesitation.

Please take caution when you perform the manual guide below. Manual removal is a risky job, any mistake may lead to system crash immediately. If you need any help, please live chat with YooCare experts now.

Manual Removal Guides:

1. Show hidden files and folders.

Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.

Click the View tab.

Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.

2. Open Registry entries. Find out the malicious files and entries and then delete all.

Attention: Always be sure to back up your PC before making any changes.

a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.

b. All malicious files and registry entries that should be deleted:

%AllUsersProfile%\[random]
%AppData%\Roaming\Microsoft\Windows\Templates\[random]
%AllUsersProfile%\Application Data\.exe
%UserProfile%\Desktop\

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[random].exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell” = “[Win32/sirefef.FC].exe”

Video Shows You How to Safely Modify Windows Registry Editor:

If you failed to remove this Trojan with the instructions above or need any assistant, you are welcome to contact YooCare experts to resolve all the problems completely.

Published by & last updated on July 18, 2012 12:57 am

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On