Selected viruses, spyware, and other threats: sorted alphabetically
You can download the removal tool here . The trojan then deletes source files.
The trojan drops one of the following files in the c:\windows\system32\ folder:The following files are dropped into the %systemdrive%\windows\ folder: The trojan may create and run a new thread with its own program code within any running process.
The trojan launches the following processes:
The trojan creates the following files:It uses techniques common for rootkits.
Short description
Win32/Sirefef.A is a trojan that redirects results of online search engines to web sites that contain adware. Installation
The trojan creates copies of the following files (source, destination): - c:\windows\system32\eventlog.dll, c:\windows\system32\
logevent.dll - c:\windows\system32\cngaudit.dll, c:\windows\system32\
logevent.dll
The trojan drops one of the following files in the c:\windows\system32\ folder:
- eventlog.dll (61952 B)
- cngaudit.dll (61952 B)
- win32k.sys:1 (12288 B)
- win32k.sys:2 (61952 B)
Other information
The trojan can redirect results of online search engines to web sites that contain adware. The trojan launches the following processes:
- %windir%\PCHealth\HelpCtr\Binaries\HelpSvc.exe
The trojan creates the following files:
- %commondocuments%\Thumbs.db
