How to get rid of Sirefef Trojan:

Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features.


This virus can open a security backdoor, which puts your computer at high risk. It allows remote attackers to access your computer and to download and activate malware on the infected system. Therefore, it should be removed without delay.

To clean your PC you can use our Automatic Removal Tool:

 


Download Sirefef Removal Tool

This software will completely remove the Sirefef trojan horse from your PC. You can also remove it manually.

Manual Removal Guide:

  • Restart the infected computer and keep pressing the F8 key before Windows launches; then use the arrow keys to select Safe Mode with Networking and log in.

  • Under the View tab, tick Show hidden files and folders, untick Hide protected operating system files (Recommended), and then click OK.

  • Press the Start button and click on the Run option (you can also use WINDOWS+R). This will start the Run tool. Type in taskmgr and press OK. This should start the Windows Task Manager.


  • Stop all the Sirefef processes:


  • Processes that should be killed:


  • Start regedit.exe:
  • Remove the Sirefef registry entries (you need to find them):

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

Note: To completely remove it, we need to find the processes, files and registry entries of the virus. If you don't have sufficient expertise in dealing with program files, processes, DLL files and registry entries, deleting the infection by hand is not recommended.
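Before deleting anything by hand, it helps to see which of the listed keys actually exist and which file each one points to. The following PowerShell script is an added example, not part of the original guide or its removal tool: it only reads the three parent keys named above and exports a backup of each one it finds. The backup folder name is an assumption.

```powershell
# Read-only audit of the registry locations named in the guide above.
# Run from an elevated PowerShell prompt. Nothing is deleted.
$root = 'HKLM\SOFTWARE\Classes\Wow6432Node'
$parents = @(
    "$root\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}",
    "$root\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}",
    "$root\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}"
)

# Backup folder name is an assumption; change it as needed.
$backupDir = Join-Path $env:USERPROFILE 'sirefef-reg-backup'
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

$report = foreach ($key in $parents) {
    $psPath = "Registry::$($key -replace '^HKLM', 'HKEY_LOCAL_MACHINE')"
    if (-not (Test-Path -LiteralPath $psPath)) {
        [pscustomobject]@{ Key = $key; Present = $false; Default = $null; FileExists = $null }
        continue
    }

    # Export the whole parent key first so a deletion can be undone with "reg import".
    $file = Join-Path $backupDir (($key -replace '[\\{}]', '_') + '.reg')
    & reg.exe export $key $file /y | Out-Null

    # Walk the parent key and every subkey, recording each default value.
    $keys = @(Get-Item -LiteralPath $psPath) + @(Get-ChildItem -LiteralPath $psPath -Recurse)
    foreach ($k in $keys) {
        $default = $k.GetValue('')
        # For InprocServer32 the default value is the DLL that COM loads for this class,
        # so check whether that file is really on disk before deciding what to remove.
        $exists = if ($k.PSChildName -eq 'InprocServer32' -and $default) {
            Test-Path -LiteralPath ([Environment]::ExpandEnvironmentVariables($default))
        }
        [pscustomobject]@{ Key = $k.Name; Present = $true; Default = $default; FileExists = $exists }
    }
}

$report | Format-Table -AutoSize -Wrap
Write-Host "Backups written to $backupDir"
```

Review the Default column for each InprocServer32 row: it shows the file the entry loads, which is what tells you whether the key belongs to the infection.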

 

4 thoughts on “How to get rid of Sirefef Trojan”

  1. Thanks very much. I tried everything to remove this problem before installing these specific programs. With the help of this guide my computer is as good as new.
