Avast keeps blocking a Trojan called Win32:Sirefef-ZT [Trj] on my computer but I am not able to remove it completely. Each time I tried to remove it, it said it is in C:\windows\system32\services.exe. And it keeps coming back. How do I get rid of Win32:Sirefef-ZT [Trj] virus completely without coming back?
Win32:Sirefef-ZT [Trj] is a pesky Trojan horse that poses a high risk to your computer because it can open a backdoor that allows an attacker to steal sensitive information, including user names and passwords stored on the PC. Once it has been downloaded surreptitiously, Avast will begin to report its presence. It keeps blocking this stubborn Trojan, saying that C:\Windows\System32\services.exe is infected. Other Trojans, such as Win32:Sirefef-PL [Rtk] and Win32:Malware-gen, will also come bundled with it.
This nasty Trojan aims to mess up your whole system and steal your personal information. It primarily adds additional threats to your computer, so you may get a blue screen of death at random. Besides, this virus endangers users' privacy because the Trojan is able to create a backdoor and connect to a remote server, allowing a remote attacker to gain control of the compromised computer. In addition, it may monitor the user's web-browsing activity and redirect users to all kinds of ad sites against their will. Therefore, users are advised to get rid of the Win32:Sirefef-ZT [Trj] virus manually.
Freeze or shut down computer randomly
Open backdoor and download other threats
Let hackers remotely access your PC secretly
Track your personal activities on the Internet
Compromise your personal information and privacy
Many computer users have had the same experience: this virus could not be removed by any anti-virus application. So the manual approach is always required to combat this virus. Here is the step-by-step removal guide for all computer users.
1. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
2. Open the Registry Editor. Find the malicious files and registry entries and then delete them all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
%AllUsersProfile%\Application Data\.dll
%AllUsersProfile%\Application Data\.exe(random)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[RANDOM].exe”
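Before deleting anything in step 2, the two Run keys above can be backed up and listed from a PowerShell prompt. This is an added example, not part of the original guide: it is read-only apart from the backup files it writes, and the backup location (the current user's Desktop) and all variable names are assumptions.

```powershell
# Added example: back up and audit the two Run keys listed in step 2b.
# Nothing is deleted here; review the output, then remove entries by hand.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)

# Assumption: backups go to the current user's Desktop, one .reg file per key.
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
foreach ($key in $runKeys) {
    $native = $key -replace '^(HK..):', '$1'        # HKCU:\... -> HKCU\...
    $hive   = $native.Substring(0, 4)
    $file   = Join-Path $env:USERPROFILE "Desktop\run-$hive-$stamp.reg"
    & reg.exe export $native $file | Out-Null
}

# Step 2b lists files under %AllUsersProfile%, so flag Run values that
# launch a program from that directory tree.
$suspectRoot = $env:ALLUSERSPROFILE

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        # Take the quoted path if there is one, otherwise the first token.
        # An unquoted path containing spaces is cut short; check those by eye.
        if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
        else { $exe = ($command.Trim() -split '\s+')[0] }
        $exe = [Environment]::ExpandEnvironmentVariables($exe)
        New-Object PSObject -Property @{
            Key                  = $key
            Name                 = $name
            Command              = $command
            UnderAllUsersProfile = $exe.StartsWith($suspectRoot,
                                       [StringComparison]::OrdinalIgnoreCase)
            FileExists           = [bool]($exe -and (Test-Path -LiteralPath $exe))
        }
    }
}

$results | Sort-Object UnderAllUsersProfile -Descending |
    Format-List Key, Name, Command, UnderAllUsersProfile, FileExists
```

A value flagged `UnderAllUsersProfile : True` is only a candidate for review; legitimate software can also start from that directory, so compare the name and path against what you installed before deleting it.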
Win32:Sirefef-ZT [Trj] is defined as a tricky Trojan horse that can put your computer system at greater risk. It sneaks into your system when you accidentally visit malicious websites, download free software from unsafe sources, open spam email attachments, etc. Once it is installed, it has the ability to change or delete your kernel system files and some malicious registry entries, messing up and destroying your computer system. Moreover, you will notice some instant changes in operation: the performance of the machine drops to half, as does that of your Internet connection. Hence, PC users are advised to remove the Win32:Sirefef-ZT [Trj] virus as soon as possible.
If you are afraid of making a mistake during removal, please contact experts from Yoocare Online Tech Support for further help.
Published by on May 8, 2013 6:56 am, last updated on February 11, 2014 11:48 am