Trojan:Win64/Sirefef.C is a trojan that connects to a remote server to download arbitrary files which can include malware, such as other components of the Sirefef malware family. This trojan is commonly installed by another variant of Sirefef such as Trojan:Win32/Sirefef.J.

TrojanDropper:Win32/Sirefef.gen!A is a trojan that is used to install Win32/Sirefef. It is distributed using exploits and social engineering tactics, where it is bundled with "keygens" and "cracks".

In a typical scenario, you may choose to download what they think is a "keygen" or "crack" (a program that enables software piracy by bypassing licensing or activation requirements). However, TrojanDropper:Win32/Sirefef.gen!A is also included in the download and is installed on your computer  - without your knowledge - alongside the keygen or crack. 

Caution: Win32/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. If you are infected with Sirefef, we recommend you take the following steps to remove this threat from your computer:

Before you begin you will need:

- A computer that is not infected and is connected to the Internet. You will use this computer to download a copy of the Microsoft Safety Scanner
- A blank CD, DVD or USB drive. You will use this CD, DVD or USB drive to run the Scanner on your infected computer 

1. Download a copy of the Microsoft Safety Scanner from a clean, uninfected computer
2. Save a copy of the Scanner on a blank CD, DVD, or USB drive
3. Restart the infected computer
4. Insert the CD, DVD, or USB drive into your infected computer and run the Scanner
5. Let the Scanner clean your computer and remove any infections it finds

After running the Scanner, ensure that your antivirus product is up-to-date. You can update Microsoft security products by downloading the latest definitions at this link: Get the latest definitions.

As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.

Trojan:Win64/Sirefef.AA is a user-mode component of the Sirefef malware family and runs on the 64-bit version of Windows. Sirefef is a multi-component family that performs different functions, such as downloading updates and additional Sirefef components, hiding existing Sirefef components or performing a payload. This malware moderates your Internet experience by changing search results, and generating pay-per-click advertising revenue for the malware controllers.

For more information about the Sirefef family, see the description for Win32/Sirefef elsewhere in the encyclopedia.

Trojan:Win32/Sirefef.AZ is a component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Trojan:Win32/Sirefef.AK is a component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Virus:Win64/Sirefef.B is the 64-bit user-mode component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Caution: Win32/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. If you are infected with Sirefef, we recommend you take the following steps to remove this threat from your computer:

Before you begin you will need:

- A computer that is not infected and is connected to the Internet. You will use this computer to download a copy of the Microsoft Safety Scanner
- A blank CD, DVD or USB drive. You will use this CD, DVD or USB drive to run the Scanner on your infected computer 

1. Download a copy of the Microsoft Safety Scanner from a clean, uninfected computer
2. Save a copy of the Scanner on a blank CD, DVD, or USB drive
3. Restart the infected computer
4. Insert the CD, DVD, or USB drive into your infected computer and run the Scanner
5. Let the Scanner clean your computer and remove any infections it finds

After running the Scanner, ensure that your antivirus product is up-to-date. You can update Microsoft security products by downloading the latest definitions at this link: Get the latest definitions.

As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.

Trojan:Win32/Sirefef.AQ is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.

Caution: Win32/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.

Virus:Win32/Sirefef.R is a detection for Windows system drivers that are modified to perform certain behaviors, such as downloading and executing arbitrary files. This malware is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components or performing the payload.

Caution: Win32/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. If you are infected with Sirefef, we recommend you take the following steps to remove this threat from your computer:

Before you begin you will need:

- A computer that is not infected and is connected to the Internet. You will use this computer to download a copy of the Microsoft Safety Scanner
- A blank CD, DVD or USB drive. You will use this CD, DVD or USB drive to run the Scanner on your infected computer 

1. Download a copy of the Microsoft Safety Scanner from a clean, uninfected computer
2. Save a copy of the Scanner on a blank CD, DVD, or USB drive
3. Restart the infected computer
4. Insert the CD, DVD, or USB drive into your infected computer and run the Scanner
5. Let the Scanner clean your computer and remove any infections it finds

After running the Scanner, ensure that your antivirus product is up-to-date. You can update Microsoft security products by downloading the latest definitions at this link: Get the latest definitions.

As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.

Trojan:Win64/Sirefef.AC is a component of Win64/Sirefef - a multi-component family of malware that uses stealth to hide its presence on your computer. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.

Caution: Win64/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.

Trojan:Win64/Sirefef.AD is a component of Win64/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Trojan:Win32/Sirefef.K is a component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Trojan:Win64/Sirefef.K is the 64-bit user-mode component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Virus:Win32/Sirefef.N is a component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Caution: Win32/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. If you are infected with Sirefef, we recommend you take the following steps to remove this threat from your computer:

Before you begin you will need:

- A computer that is not infected and is connected to the Internet. You will use this computer to download a copy of the Microsoft Safety Scanner
- A blank CD, DVD or USB drive. You will use this CD, DVD or USB drive to run the Scanner on your infected computer 

1. Download a copy of the Microsoft Safety Scanner from a clean, uninfected computer
2. Save a copy of the Scanner on a blank CD, DVD, or USB drive
3. Restart the infected computer
4. Insert the CD, DVD, or USB drive into your infected computer and run the Scanner
5. Let the Scanner clean your computer and remove any infections it finds

After running the Scanner, ensure that your antivirus product is up-to-date. You can update Microsoft security products by downloading the latest definitions at this link: Get the latest definitions.

As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.

TrojanDownloader:Win32/Sirefef.E is a component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Caution: Win32/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. If you are infected with Sirefef, we recommend you take the following steps to remove this threat from your computer:

Before you begin you will need:

- A computer that is not infected and is connected to the Internet. You will use this computer to download a copy of the Microsoft Safety Scanner
- A blank CD, DVD or USB drive. You will use this CD, DVD or USB drive to run the Scanner on your infected computer 

1. Download a copy of the Microsoft Safety Scanner from a clean, uninfected computer
2. Save a copy of the Scanner on a blank CD, DVD, or USB drive
3. Restart the infected computer
4. Insert the CD, DVD, or USB drive into your infected computer and run the Scanner
5. Let the Scanner clean your computer and remove any infections it finds

After running the Scanner, ensure that your antivirus product is up-to-date. You can update Microsoft security products by downloading the latest definitions at this link: Get the latest definitions.

As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.

Trojan:Win64/Sirefef.W is the 64-bit user-mode component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by modifying search results, and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components or performing a payload.