
Trojan:win64/sirefef.b

By SpideyMan in Trojans

Trojan:win64/sirefef.b is a destructive Trojan that can infect a PC without the user's knowledge. It is able to delete important system files and disable related system tasks, which lets it evade anti-virus programs and take control of the system. Trojan:win64/sirefef.b is configured to run every time Windows starts. Once installed, it may restart the PC automatically, consume very high CPU, freeze the computer, redirect the web browser, and slow overall performance. Trojan:win64/sirefef.b will also steal private details and forward them to remote attackers. You should remove Trojan:win64/sirefef.b immediately upon detection to safeguard your machine.

File System Details

Trojan:win64/sirefef.b may create the following file(s):
1. C:\WINDOWS\SYSTEM32\DRIVERS\4DW4R3.sys
2. C:\WINDOWS\system32\UAC.dll
3. C:\WINDOWS\SYSTEM32\4DW4R3c.dll
4. %AllUsersProfile%\Application Data\.exe
5. C:\WINDOWS\system32\drivers\UAC.sys
6. C:\WINDOWS\_VOID\_VOIDd.sys
7. C:\WINDOWS\system32\_VOID.dll
8. %AllUsersProfile%\Application Data\.dll
9. C:\WINDOWS\system32\drivers\_VOID.sys
10. C:\Documents and Settings\\Application Data\_VOIDmainqt.dll
11. C:\WINDOWS\system32\uacinit.dll
12. C:\WINDOWS\SYSTEM32\4DW4R3.dll
13. %Temp%\UAC.tmp
14. C:\WINDOWS\system32\UAC.db
15. C:\WINDOWS\system32\_VOID.dat
16. C:\WINDOWS\Temp\UAC.tmp
17. C:\WINDOWS\_VOID\
18. C:\WINDOWS\system32\uactmp.db
19. %Documents and Settings%\[UserName]\Start Menu\ Settings.lnk
20. C:\WINDOWS\Temp\_VOIDtmp
21. %Temp%\_VOID.tmp
22. C:\WINDOWS\system32\UAC.dat
23. C:\WINDOWS\SYSTEM32\4DW4R3sv.dat

Registry Details

Trojan:win64/sirefef.b may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "ShowSuperHidden" = '0'
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UACd.sys
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Hidden" = '0'
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_VOID
HKEY_CLASSES_ROOT\secfile
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'yes'
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_VOIDd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\4DW4R3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = '1'
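The following read-only audit script is an added example written for this page; it is not code from the original entry or from any vendor tool. It checks a Windows host for the file paths and registry entries listed in the two sections above: the registry values are compared against the values the Trojan sets, the service and class keys are tested for presence, and the files are tested for presence after expanding environment variables. The function name `Get-SirefefIndicators` is chosen here and is hypothetical; `%SystemRoot%` is assumed in place of the hard-coded `C:\WINDOWS`, and the entries whose file name is elided on the page (for example `Application Data\.exe`) are deliberately left out rather than guessed.

```powershell
# Added example (not from the original page): read-only audit for the indicators
# listed above. Run it from an elevated, 64-bit PowerShell session so that HKLM and
# %SystemRoot%\System32 are the real views rather than the WOW64-redirected ones.
# It reports findings and removes nothing. The function name is hypothetical.

function Get-SirefefIndicators {
    # Registry values from the page, paired with the value the malware sets.
    # "Use FormSuggest" = yes is also a common Internet Explorer default, so it is
    # a weak indicator on its own; it is kept because the page lists it.
    $valueChecks = @(
        @{ Path = 'HKCU:\Software\Microsoft\Internet Explorer\Download';               Name = 'CheckExeSignatures';   Bad = 'no'  },
        @{ Path = 'HKCU:\Software\Microsoft\Internet Explorer\Download';               Name = 'RunInvalidSignatures'; Bad = '1'   },
        @{ Path = 'HKCU:\Software\Microsoft\Internet Explorer\Main';                   Name = 'Use FormSuggest';      Bad = 'yes' },
        @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'; Name = 'ShowSuperHidden';      Bad = '0'   },
        @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'; Name = 'Hidden';               Bad = '0'   },
        @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableTaskMgr';       Bad = '1'   },
        @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableTaskMgr';       Bad = '1'   }
    )

    # Service and class keys whose mere presence is the indicator.
    $keyChecks = @(
        'HKLM:\SYSTEM\CurrentControlSet\Services\UACd.sys',
        'HKLM:\SYSTEM\CurrentControlSet\Services\_VOID',
        'HKLM:\SYSTEM\CurrentControlSet\Services\_VOIDd.sys',
        'HKLM:\SYSTEM\CurrentControlSet\Services\4DW4R3',
        'Registry::HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt',
        'Registry::HKEY_CLASSES_ROOT\secfile'
    )

    # File paths from the page, with %SystemRoot% assumed in place of C:\WINDOWS.
    # Entries whose file name is elided on the page are intentionally omitted.
    $fileChecks = @(
        '%SystemRoot%\System32\drivers\4DW4R3.sys', '%SystemRoot%\System32\4DW4R3.dll',
        '%SystemRoot%\System32\4DW4R3c.dll',        '%SystemRoot%\System32\4DW4R3sv.dat',
        '%SystemRoot%\System32\UAC.dll',            '%SystemRoot%\System32\drivers\UAC.sys',
        '%SystemRoot%\System32\uacinit.dll',        '%SystemRoot%\System32\UAC.db',
        '%SystemRoot%\System32\uactmp.db',          '%SystemRoot%\System32\UAC.dat',
        '%SystemRoot%\Temp\UAC.tmp',                '%Temp%\UAC.tmp',
        '%SystemRoot%\_VOID\',                      '%SystemRoot%\_VOID\_VOIDd.sys',
        '%SystemRoot%\System32\_VOID.dll',          '%SystemRoot%\System32\drivers\_VOID.sys',
        '%SystemRoot%\System32\_VOID.dat',          '%SystemRoot%\Temp\_VOIDtmp',
        '%Temp%\_VOID.tmp'
    )

    $findings = @()

    # A value only counts when it exists AND matches the value the malware sets;
    # REG_DWORD data comes back as an integer, so both sides are compared as strings.
    foreach ($c in $valueChecks) {
        $item = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            $actual = "$($item.$($c.Name))"
            if ($actual -eq $c.Bad) {
                $findings += [pscustomobject]@{ Type = 'RegistryValue'; Indicator = "$($c.Path) [$($c.Name)]"; Detail = "= $actual" }
            }
        }
    }

    foreach ($k in $keyChecks) {
        if (Test-Path -LiteralPath $k) {
            $findings += [pscustomobject]@{ Type = 'RegistryKey'; Indicator = $k; Detail = 'present' }
        }
    }

    foreach ($f in $fileChecks) {
        $p = [Environment]::ExpandEnvironmentVariables($f)
        if (Test-Path -LiteralPath $p) {
            $findings += [pscustomobject]@{ Type = 'File'; Indicator = $p; Detail = 'present' }
        }
    }

    return $findings
}

$results = @(Get-SirefefIndicators)
if ($results.Count -eq 0) {
    'No listed Sirefef.B indicators found.'
} else {
    $results | Format-Table -AutoSize
}
```

Two caveats on reading the output. The HKCU checks only cover the profile the script runs under, so on a shared machine run it as, or load the hives of, each user who may have been affected. More importantly, the page lists kernel drivers (`4DW4R3.sys`, `UAC.sys`, `_VOIDd.sys`) among the dropped files; a driver that is already loaded can hide its own files and keys from user-mode APIs on the live system, so an empty result from this script is not proof of a clean host. Treat a hit as confirmation, and confirm a suspected infection with an offline scan (booting from known-good media) rather than from within the running system.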
