Win64/Sirefef.W

By GoldSparrow in Trojans

The Sirefef or ZeroAccess rootkit is a well-known malware infection that uses multiple components to take over a computer system. The Win64/Sirefef.W Trojan is one of these components and has been associated with disabling the infected computer system's security software and causing browser redirects. Win64/Sirefef.W uses a corrupted DLL file to hide itself on the victim's computer system, and because it injects itself into running processes, it can be difficult to remove. Fortunately, Win64/Sirefef.W will almost never attack alone. Because of this, the presence of other malware on the infected computer system is often enough to alert a computer user that something is wrong. Using a reliable anti-malware program with anti-rootkit capabilities will then usually weed out Win64/Sirefef.W and the other components of a ZeroAccess or Sirefef attack.

An Overview of Win64/Sirefef.W Attack

There are numerous components involved in a Sirefef or ZeroAccess attack. There are multiple variants of this infection, which is as likely to be used as a standalone attack as it is to be used as a way of hiding another malware attack on the victim's computer system. As its name implies, Win64/Sirefef.W mainly targets computer systems with a 64-bit Windows operating system. However, it is common to see Win64/Sirefef.W effectively infecting 32-bit operating systems as well. Win64/Sirefef.W has been linked to various illegal file downloads and is often distributed with cracks or serial key generators for software from illegal sources. Avoiding these kinds of files can go a long way towards preventing a Win64/Sirefef.W Trojan attack.

Detection and Prevention of Win64/Sirefef.W

While the ZeroAccess rootkit has been around for a long time, Win64/Sirefef.W in particular was not identified until March of 2012. Like most components of the Sirefef rootkit attack, Win64/Sirefef.W does not display obvious symptoms. It is commonly used as part of a rogue security program attack as well as for causing browser redirects to websites that profit from the advertising revenue generated by this additional web traffic. Catching Win64/Sirefef.W is more complicated than catching typical Trojans because of how the Sirefef components behave. They often install themselves in a way that can compromise the operating system if removed incorrectly, corrupting system drivers and creating hidden file systems in order to evade detection. Because of this, a specialized anti-rootkit utility may be necessary to deal with this threat.

File System Details

Win64/Sirefef.W may create the following file(s):
| # | File Name | MD5 | Detections |
|---|-----------|-----|------------|
| 1 | olcamsrv.dll | 5695f61bf26f6ab12858702a7b2740a5 | 0 |
| 2 | olcamsrv.dll | 668f26a7d27d4d34bdfcafea8c979182 | 0 |
| 3 | olcamsrv.dll | 6c4fe52f1cffa4c97764f393659dc005 | 0 |