On my computer i have windows 7 and i downloaded google chrome, but whenever i go online it says TR/Sirefef.AG.35, TR/ATRAPS.Gen2 and EXP/CVE-2012-0507 were found by . Cyber cribbers resort to extreme measures to programme and improve various Trojan to create more and more invasion to personal computers. TR/Sirefef.AG.35 is such Trojan which has been spreading widely around the world.

TR/Sirefef.AG.35 and TR/ATRAPS.Gen2 are dangerous trojan horses that detected by Avira AntiVir Personal Security tool. It is the same stubborn as Win32:Sirefef-AO[Rtk]. As an offensive Trojan, they always try to grasp any chance to invade the target system. When your computer was infected with TR/Sirefef.AG.35 then you still were attacked by TR/ATRAPS.Gen2 and EXP/CVE-2012-0507.AU. Before you find its true purposes, the infection have settled down in your computer. When they successfully attract users’ hearts to believe them, TR/Sirefef.AG.35 and TR/ATRAPS.Gen2 will pretend to start its righteous work. Some people have experienced with that situation:”Avira popping up with TR/Sirefef.AG.35 every few minutes in a file called 800000cb.@ in a subdirectory of AppData/Local. They ran a full system scan, had all infected files moved to quarantine, and deleted all quarantined files. They also ran Malwarebytes Anti-Malware, which at that time didn’t find anything.” Have you ever seen such an irksome infection before? It is extremely important to drop everything that you are doing and to concentrate entirely on removing TR/Sirefef.AG.35 and TR/ATRAPS.Gen2 from your machine. If you tried to use anti-virus programs to scan your computer fully, then after a while during scanning, the viruses made your computer frozen or crashed down halfway through.It seemed to be fine when you did a system restore to a point, but then infections will come back soon.That is crazy. Many people may don’t understand how they get infected; they don’t do anything but just browse some websites. They don’t know that when they browse websites the TR/Sirefef AG.35 and TR/ATRAPS Gen2 can access their PCs silently without their permissions. What to do then? Many users know enough but am not advanced when it comes to changing things that could cause more damage than good. Luckily, you can safely and absolutely get rid of TR/Sirefef.AG.35, TR/ATRAPS.Gen2 and EXP/CVE-2012-0507 here.

To save your computer, Live Chat with YooSecurity Expert Now, or you can follow the manual removal guide below to get your problem fixed. (For advanced computer users)

The effective way to deal with TR/Sirefef.AG.35 and TR/ATRAPS.Gen2

You found that the files had been renamed, but new ones had been generated after rebooted. Many victims ran the Kaspersky rescue disk, but it just scans the first few files and then aborts to desktop.The viruses blocked Windows Firewall service in your computer. TR/Sirefef.AG.35 and TR/ATRAPS.Gen2 are not in the range of common viruses. They can be unapprehended even you have an antivirus to protect your PC. So the really useful way to kill them is to remove the threats manually. Of course removal of such virus needs professional skills. And if you can’t remove them by yourself, we strongly recommend you to get YooCare/YooScurity for further help.

Guide to get in safe mode with networking:

Restart your computer. As your computer restarts but before Windows launches, tap “F8” key constantly. Use the arrow keys to highlight the “Safe Mode with Networking” option, and then press ENTER.

Basic steps to manually remove TR/Sirefef.AG.35 and TR/ATRAPS.Gen2 Virus

Press Ctrl+Alt+Del keys together and stop all processes of TR/Sirefef.AG.35 and TR/ATRAPS.Gen2 in the Windows Task Manager.

Open the Registry Editor, search and remove registry entries related to TR/Sirefef AG 35 and TR/ATRAPS Gen2

All associated files of TR/Sirefef.AG.35 and TR/ATRAPS.Gen2 virus should be removed completely.

%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_64\*.* /S /MD5
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%\temp*.*

[TR/Sirefef.AG.35] /media/Devices/sda1/Windows/Installer/{ff24043d-55f8-5ce9-a20a-8337d9b4b888}/U/80000000.@

[TR/ATRAPS.Gen2] /media/Devices/sda1/Windows/Installer/{ff24043d-55f8-5ce9-a20a-8337d9b4b888}/U/800000cb.@

Video Tutorial On How to Modify or Change Windows Registry:

Registry Entries That Generated By TR/Sirefef.AG.35 and TR/ATRAPS.Gen2 Viruses

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Note: Please feel free to get YooSecurity 24/7 online support anytime you get stuck or when you feel it’s tough to kill the such terrible virus.

 

Published by Tony Shepherd & last updated on November 9, 2012 2:29 pm

Leave a Reply