Sirefef.Y
Posted: June 6, 2012
Threat Metric
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 91 |
| First Seen: | June 6, 2012 |
| OS(es) Affected: | Windows |
Sirefef.Y is a member of the Sirefef or Zero Access family of rootkits and Trojans, and, as such, may be used to thwart your PC's security software or otherwise negatively impact your computer's performance and safety. Besides difficulties with using security-related programs, symptoms of Sirefef.Y and other Sirefef infections can also include random system reboots, search engine hijacks and the presence of rogue anti-malware programs. SpywareRemove.com malware researchers advise you to treat Sirefef.Y, like all other members of its family, as a high-level threat to any Windows-based computer's integrity, and encourage using in-depth system scans to find and remove both Sirefef.Y and affiliated PC threats. Failure to accomplish this in short order can result in exposure to malicious sites, contact with other forms of harmful software or even theft of personal information.
Sirefef.Y: the Jail Keeper for Your Operating System
Sirefef.Y is just one of many parts of a multi-component rootkit infection that attacks your PC in several ways, with many of the attacks serving separate and distinct (but still harmful) purposes. Sirefef.Y, also identified by its aliases Trojan:Win64/Sirefef.Y and Trojan:Win32/Sirefef.Y, is used to conceal other components of Sirefef-based attacks by swapping out normal Windows APIs with malicious equivalents. This API substitution allows Sirefef.Y to run both itself and related PC threats as parts of the Windows operating system, and also lets Sirefef.Y avoid creating obvious symptoms of its presence.
The SpywareRemove.com security research team also observes that Sirefef.Y may monitor your memory processes and block Windows firewall processes, especially the 'MpsSvc' service. All of these attacks are backed up by Sirefef.Y's ability to receive commands from a remote attacker by making unauthorized changes to network port 25700. These security issues allow other members of Sirefef.Y's family to compromise your computer's safety with minimal symptoms (as per traditional backdoor Trojan attacks).
Why You'll Want to Kick All of Sirefef.Y's Friends Out, Too
While you should be prepared to use dedicated anti-malware software to get rid of Sirefef.Y, any attempt to delete Sirefef.Y should also be followed by a full scan of your PC. Failure to completely uninstall all aspects of Sirefef.Y-related PC threats can result in continuing attacks, which SpywareRemove.com malware researchers warn may pose the following dangers:
- Disabling or damaging anti-malware and security programs. Some of these effects may only be visible after a system restart.
- Redirecting your browser to harmful or unexpected websites.
- Fraudulent pop-up warnings and other symptoms that are common to rogue security applications (which portray themselves as useful anti-malware or system maintenance products).
- System shutdowns, especially during attempts to detect or remove Sirefef.Y-related PC threats.
Since ZeroAccess Trojans like Sirefef.Y are both highly damaging and sophisticated, SpywareRemove.com malware experts suggest that manual removal techniques should be reserved for scenarios where anti-malware programs are completely inaccessible.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:
file.exe
File name: file.exe
Size: 189.44 KB (189440 bytes)
MD5: ac15b1ac5887a00461497846909e89ed
Detection count: 96
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: June 7, 2012
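The indicators named on this page (the stopped 'MpsSvc' firewall service, network port 25700 and the MD5 listed above) can be checked against triage output collected from a suspect host. The following is an added example, not code from SpywareRemove.com or SpyHunter; the function names and the sample `sc query` / `netstat -ano` text are constructed for illustration, and treating any socket on port 25700 as reviewable is an assumption.

```python
import hashlib
import re

# Indicators taken from this page.
SIREFEF_Y_MD5 = "ac15b1ac5887a00461497846909e89ed"
C2_PORT = 25700

# Constructed sample of `sc query MpsSvc` output (not from a real host).
SAMPLE_SC = """\
SERVICE_NAME: MpsSvc
        TYPE               : 20  WIN32_SHARE_PROCESS
        STATE              : 1  STOPPED
"""

# Constructed sample of `netstat -ano` output (documentation address ranges).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       812
  TCP    192.0.2.10:49233       198.51.100.7:25700     ESTABLISHED     1044
  UDP    0.0.0.0:25700          *:*                                    1044
"""

def firewall_service_running(sc_output):
    # `sc query` prints "STATE : <code>  <NAME>"; only RUNNING is healthy.
    m = re.search(r"STATE\s*:\s*\d+\s+(\w+)", sc_output)
    return bool(m) and m.group(1) == "RUNNING"

def port_hits(netstat_output, port=C2_PORT):
    # Return (proto, local, remote, pid) for sockets using the port on either end.
    hits = []
    for line in netstat_output.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        if str(port) in {addr.rsplit(":", 1)[-1] for addr in f[1:3]}:
            hits.append((f[0], f[1], f[2], f[-1]))
    return hits

def md5_matches(data, expected=SIREFEF_Y_MD5):
    # MD5 is used only because it is the hash this page publishes.
    return hashlib.md5(data).hexdigest() == expected.lower()

def triage(sc_output, netstat_output):
    findings = []
    if not firewall_service_running(sc_output):
        findings.append("MpsSvc (Windows Firewall) is not running")
    for proto, local, remote, pid in port_hits(netstat_output):
        findings.append(f"{proto} {local} -> {remote} on port {C2_PORT} (PID {pid})")
    return findings
```

A hit from any one check is a reason to run a full scan, not proof of infection; the PID in each port finding identifies the process to examine first.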