Jul 19, 2012

How to Manually Remove Trojan.Sirefef.GY Virus (Step-by-step Guide)

What is Trojan.Sirefef.GY Infection:

Trojan.Sirefef.GY is defined as a malicious Trojan infection that aims at messing with your computer and collecting your money. Coming from the Trojan serial family as Trojan.Sirefef.Ga, this small virus has a powerful effect on computers. So once it’s been detected by your antivirus software, please try to get rid of it manually as soon as possible.

Once the Trojan.Sirefef.GY infection is done, it will start by changing several default settings of system so that it won’t be easily removed by antivirus software. After that, it can show up again after every reboot when you think you have completely removed it. You may wonder how you got this infection since you haven’t logged on hacked websites or watching online porn videos. Hacked websites do not show up differently from normal sites. Besides from that, downloading unknown free programs or opening spam emails could also lead to the infection. Soon lots of fake system messages and advertisements will keep popping up. This Trojan infection can also allow cyber criminals to capture your valuable information by opening an entry in backdoor activities. If you cannot delete it in time, more viruses, malware and useless files will be dropped into your computer making it stuck often.

The following instructions require certain levels of computer skills like editing Registry Editor and delete registry entries. If you’re not sure how to delete Trojan.Sirefef.GY virus, please live chat with YooCare experts now

Tips on Manual Removal:

Since antivirus software cannot fully remove this Trojan.Sirefef.GY infection, a manual processing is required. In case that any mistake might occur and cause unpredictable damages, please spend some time on making a backup beforehand. Then follow these steps given as below:

1. Reboot the infected computer and get into safe mode with networking. When you have pressed the restart button, please keep pressing F8 on your keyboard until a black screen with several commands appears. Then use the arrow keys to select “Safe Mode with Networking” and press E/ENTER;

2. Open Control Panel from Start menu and go to Folder Options;

3. Under View tab to tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended);

4. Press Windows+R keys to open the Run window and type regedit to open Registry Editor;

5. Find out and delete all these associating files as below:
%Windows%\system32\[rnd].exe
C:\Documents and Settings\admin\local settings\temp\random.exe
%Documents and Settings%\[UserName]\Application Data\[random]
%AllUsersProfile%\Application Data\.dll
%AllUsersProfile%\Application Data\. (Trojan.Sirefef.GY)

6. Find out and remove all these associating registry entries:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Regedit32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “random”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell” = “[Trojan Sirefef GY].exe”

7. Restart the computer to normal mode when the above steps are done.

Video Shows You How to Safely Modify Windows Registry Editor:

Note: If you don’t have much computer background knowledge and have failed to remove the Trojan.Sirefef.GY virus by the above instructions, please contact YooCare Expert for a fast and professional removal.

Published by & last updated on July 19, 2012 12:08 pm

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On