Win32/Sirefef.b Description

Win32/Sirefef.b may refer to one of two different components in an overall multi-structured Sirefef infection. In some instances, Win32/Sirefef.b may refer to a virus, in others, to a Trojan; in either case, Win32/Sirefef.b usually is accompanied by other parts of a Sirefef infection which is classified to be a serious security threat. Win32/Sirefef.b and related threats can overwrite drivers and other natural system files, download and install malicious programs, inject harmful code into native processes or programs, hijack your web browser and conceal their files in specially-created drives. Foolproof removal of Win32/Sirefef.b from your PC entails the use of high-quality security software to make certain that all Win32/Sirefef.b components are deleted.

The Trojan Half of Win32/Sirefef.b

Even though different Sirefef infections have been seen for years, recent versions of Win32/Sirefef.b and similar threats have been reported as late as 2011. Keeping your security software updated for recent PC threats will reduce, if not necessarily, eliminate the possibility of being seriously damaged by a Win32/Sirefef.b attack.

The dropper Trojan component of Win32/Sirefef.b is the Trojan that initially installs the different parts of the entire Sirefef package. Win32/Sirefef.b Trojans attempt to replace a random driver. The fake driver infection is loaded by the Win32/Sirefef.b Trojan in order to download and install malicious files from websites and other external sources.

Win32/Sirefef.b Trojans can also be detected under aliases like Dropper/Smiscer.79360.B, Trojan horse Crypt.NSQ, Trj/Dropper.WF and Mal/EncPk-NL.

The Virus on the Flip-Side of Win32/Sirefef.b

In some cases, drivers that are infected by the Win32/Sirefef.b Trojan may be detected by in the form of Win32/Sirefef.b viruses, as well as by alternative names like Sirefef.I. Once overwritten, a driver's normal functions may be inaccessible. This can cause other problems for your computer such as an inability to use certain programs or files that require the driver. In cases where Win32/Sirefef.b viruses overwrite important system drivers, you may even be unable to use your operating system.

Viruses like Win32/Sirefef.b can also infect other files on your computer for the purposes of self-preservation and propagation. Pay attention to the security of your network-shared resources and your removable drive devices to prevent Win32/Sirefef.b from spreading to another PC.

Unfortunately, there are few to no visible symptoms of a Win32/Sirefef.b infection. In spite of this seemingly invisible attack, Win32/Sirefef.b and other Sirefef components are serious threats to your security. Browser hijacks are the most obvious attack that Win32/Sirefef.b-related threats make use of; be wary if you find your browser redirected to harmful or affiliate-paying sites like

You shouldn't expect to see Win32/Sirefef.b processes running in Task Manager since Win32/Sirefef.b viruses and other parts of Sirefef will infect preexisting files processes instead of running their own processes. Deleting Win32/Sirefef.b and other Sirefef threats should be done with updated and high-quality anti-virus software if you can access such applications.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 Explorer/ShellFolders Startup="C:\windows/start menu/programs\startup
    2 HKEY_CURRENT_USER \Software \Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\Run
    3 HKEY_CURRENT_USER/Software\Microsoft\Windows\CurrentVersion\Run
    4 HKEY_CURRENT_USER\ Software\ Microsoft \Windows\ CurrentVersion
    5 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
    6 HKEY_LOCAL_MACHINE \Software \Microsoft \Windows \CurrentVersion \RunServicesOnce
    7 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    9 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Win32/Sirefef.b may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: June 28, 2011
Home Malware Programs Viruses Win32/Sirefef.b

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.