Win64/Sirefef.AL is a harmful Trojan that can perform same evil tasks on the infected PC like Trojan:Win32/Sirefef.AL does. It mainly targets to attack computers with 64 bits. This tricky virus can compromise your computer by exploiting system security leaks. It is able to drop other threat such as Win64/Patched.B.Gen on the infected system and make your PC at risk.
After successfully installed, it can disable most of antivirus to avoid detection or removal. However, if you have ESET antivirus program installed, there is still a chance to detect the presence of this Trojan. Although ESET can detect it, it is not able to remove Win64/Sirefef.AL as well since it will keep popping up every minute even after cleaning. This virus embeds deeply in an infected system to make the removal rather difficult. It drops and executes malicious files and even hijacks the web browser, redirecting users to others suspicious websites. Being as a dangerous Trojan, it enables cyber criminals to gain remote access to the compromised PC system and notably slows down PC performance. Therefore, users should get rid of virus as soon as possible to avoid further damages.
1. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
2. Open Registry entries. Find out the malicious files and entries and then delete all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
%Documents and Settings%\[UserName]\Application Data\[random]
%AllUsersProfile%\Application Data\.dll
%AllUsersProfile%\Application Data\.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[RANDOM].exe”
Win64/Sirefef.AL includes backdoor capabilities that opens network ports so as to download and install additional malware threats onto the infected computer. By corrupting essential system files and Windows drivers, this type of Trojan becomes very difficult to detect due to the fact that these files will often not be scanned by anti-malware software. It can make your PC deep in crisis. Even system restore won’t help to clean it up. It is suggested users to follow the manual guide above to remove it for good.
If you have no idea how to do about that, you are welcome to contact experts from YooCare Online Tech Support for further help.
Published by & last updated on August 6, 2012 12:20 am
Leave a Reply
You must be logged in to post a comment.