One of my friends’ computers was infected by Trojan:Win64/Sirefef.AE yesterday. He complained that the infection had greatly decreased his computer’s performance and, in turn, his work efficiency. “Why don’t you just run your antivirus program to remove the Trojan horse immediately?” I asked him. “It didn’t help,” he said sadly. So, why doesn’t an antivirus program help to remove the threat? I looked up information about Trojan:Win64/Sirefef.AE on the Internet and now I know why. This Trojan horse is crafted with rootkit techniques and is not easily detected or removed by a common antivirus program. The following covers some details about this threat, a guide to cleaning it up and tips for avoiding it.
Trojan:Win64/Sirefef.AE is a Trojan horse that belongs to the notorious Win64/Sirefef family. Like the other members of its family, it mainly targets 64-bit Windows operating systems and sneaks into users’ computers using advanced stealth techniques. This Trojan horse can do different things inside an infected computer, including downloading and running other files, contacting remote hosts, disabling security features, changing browser settings, and even collecting users’ confidential information and data and transmitting it to remote hackers. Users notice its presence when problems begin to occur on their computers. For example: strange noises come out of nowhere; search results are redirected to unknown websites; a stack of security alerts and advertisements pops up on the computer; the computer runs extremely slowly and sluggishly; some users are even surprised to find that their money has been stolen without their knowledge! Unfortunately, it is very difficult to remove Trojan:Win64/Sirefef.AE. Normally, an antivirus program can easily detect the threats on a computer. However, most users find that running their antivirus programs does not remove this malicious Trojan horse. This is because the Trojan horse is able to hide itself deep within the computer’s system files. Manual removal is an effective way to get rid of the threat. Here’s how to do it:
Note: Manual removal is a complicated and risky task which should only be attempted by advanced computer users. If you are less experienced with computers, please download and use a powerful removal tool to remove the Trojan horse right now.
Manual Removal Guide:
Step 1: Restart the computer. During the start-up process, keep tapping the F8 key until the Advanced Boot Options menu comes up on the screen. Then use the arrow keys to highlight the “Safe Mode with Command Prompt” option and press Enter to proceed.
Step 2: When the command prompt window pops up, type “regedit” quickly (in 2-3 seconds) and press Enter.
Step 3: When the registry editor opens, search for and delete any malicious registry entries related to Trojan:Win64/Sirefef.AE:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\[random].exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\[Trojan horse name]
Step 4: Click the Start menu, choose “Control Panel” and click on “Appearance and Personalization”.
Step 5: Click on the “Show hidden files and folders” option under the “Folder Options” heading.
Step 6: Under the “View” tab, tick “Show hidden files, folders, and drives”, remove the checkmark from the checkbox labeled “Hide protected operating system files (Recommended)” and click OK.
Step 7: Navigate to Local Disk C, then search for and clean up the malicious files associated with the Trojan horse:
%AllUsersProfile%Application Data.exe[Trojan horse name]
%Documents and Settings%[UserName]Application Data[random]
Note: Manual removal of Trojan:Win64/Sirefef.AE is risky for novice users, because it requires them to search for and delete the malicious registry entries and files by hand. If any important system files are deleted by mistake, severe system problems can result. So, if you do not have enough computer knowledge and skills, it is highly recommended that you run an advanced removal tool to perform a safe and effective removal of this threat. Designed with advanced features, the removal tool can thoroughly detect the malicious components of the Trojan horse on the infected computer.
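A read-only way to see what is in the two registry locations from Step 3 before deleting anything in regedit, as an added PowerShell example that is not part of the original guide. The function names Get-TargetPath and New-AuditRow are made up for this example, and entries with a missing file or a signature status other than Valid are the ones to inspect first, not proof of infection.

```powershell
# Added example: lists the two registry locations named in Step 3. It changes nothing.
$activeSetup = 'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components'
$policyRun   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run'

function Get-TargetPath([string]$Command) {
    # Extract the executable path from a command line, quoted or unquoted.
    if (-not $Command) { return $null }
    $c = [Environment]::ExpandEnvironmentVariables($Command.Trim())
    if ($c -match '^"([^"]+)"') { return $Matches[1] }
    if ($c -match '^(.+?\.(exe|dll|com|scr|bat|cmd))(\s|,|$)') { return $Matches[1] }
    return ($c -split '\s+')[0]
}

function New-AuditRow([string]$Location, [string]$Name, [string]$Command) {
    # Build one report row: does the referenced file exist, and is it signed?
    $path = Get-TargetPath $Command
    $exists = $false
    $sig = 'n/a'
    if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
        $exists = $true
        $sig = (Get-AuthenticodeSignature -FilePath $path).Status
    }
    # FileExists is False for bare names such as "rundll32.exe" that are
    # resolved through PATH, so False alone does not mean the file is gone.
    New-Object PSObject -Property @{
        Location = $Location; Name = $Name; Command = $Command
        FileExists = $exists; Signature = $sig
        NameEndsInExe = ($Name -match '\.exe$')   # the "[random].exe" pattern from Step 3
    }
}

$rows = @()
if (Test-Path $activeSetup) {
    foreach ($key in Get-ChildItem $activeSetup) {
        # Each component is a subkey; StubPath holds the command Active Setup runs for it.
        $stub = (Get-ItemProperty -Path $key.PSPath).StubPath
        $rows += New-AuditRow 'Active Setup' $key.PSChildName $stub
    }
}
if (Test-Path $policyRun) {   # this key may not exist at all
    # Here every registry value is one autorun entry: value name -> command line.
    $k = Get-Item $policyRun
    foreach ($valueName in $k.GetValueNames()) {
        $rows += New-AuditRow 'policies\Explorer\run' $valueName ([string]$k.GetValue($valueName))
    }
}
$rows | Sort-Object Location, Name |
    Format-Table Location, Name, NameEndsInExe, FileExists, Signature, Command -AutoSize -Wrap
```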
Tips to Avoid Trojan:Win64/Sirefef.AE Infection
Usually, this Trojan horse is distributed via the Internet and gets installed on your computer by taking advantage of system vulnerabilities. To avoid being infected by this vicious Trojan horse, pay attention to the points listed below:
1. Be cautious when you receive a spam email. Do not download or open the attachments of such unknown emails.
2. Be cautious when using a sharing network. Do not accept files sent from an unknown sender.
3. Do not download shareware, freeware and other free files and programs from unsafe sources.
4. Do not click on suspicious links or visit unsecured websites such as pornographic websites.
5. Keep your operating system updated regularly and upgrade your security tools to the latest version promptly.