
Wednesday, June 12, 2013

How to remove Luhe.Sirefef.A Trojan virus (Uninstall Guide)

Luhe.Sirefef.A is a malicious Trojan horse from the Sirefef malware family. Just as the good people of Troy unwittingly let their enemies into their midst, this Trojan horse will similarly trick you into infecting your own computer and being the catalyst for the damage that will then occur. The person who wrote and coded the Trojan horse manipulates you by convincing you to either perform an action or offer personal information, either without you realising you’re doing it, or against your better judgement. The threat is currently spreading and is ranked 60 in the world for online threats, according to AVG, which means that there are at least 100K infected computers.

If you received a pop-up warning "Found Luhe.Sirefef.A" paired with other Trojans, for example, Trojan horse Generic32.CEMU, then your computer is definitely infected with this rather sophisticated malware. Sometimes, antivirus programs cannot properly remove this infection. Most of them will suggest that you remove Luhe.Sirefef.A manually; however, this can be a really difficult task. First of all, because it's a deeply embedded virus. Secondly, you can't be 100% sure that your computer is clean, even if you think that you removed all the malicious files. So, to remove this Trojan from your computer, please follow the removal guide below.

Cyber crooks distribute this Trojan in every possible way to reach as many PC users as possible. Usually, they use hacked websites. They may also send you an email with an infected attachment, which once clicked upon will run the Trojan horse and infect your PC or laptop. For example, let’s say the email has a game attached to it – it looks like great fun and you can’t wait to get playing. So what do you do? You run the .exe file in order to install the game on your computer but bingo – you’ve just installed the Luhe.Sirefef.A Trojan.

What the Trojan horse will then do is start overwriting certain sections of your hard drive, thus corrupting your files and data. Very often, this virus is detected in services.exe and other system files. The only small silver lining to this cloud is that Trojan horses are not actually viruses (although many people tend to think of them as such). A computer virus will replicate itself but a Trojan horse will not. The good thing about this is that Trojan horses only wreak their damage if they are given the opportunity to run, and the majority of good anti-malware software will be able to detect and delete Trojan horse software before you have a chance to do anything with it.

So what is the moral of this story that started off with a Greek army and ended up with data corruption? The number one rule is the same that should be applied when protecting yourself from all forms of malicious software and viruses: make sure you have a well-known brand of anti-malware software installed on your computer to stop Luhe.Sirefef.A in its tracks. And make sure it’s the latest version too.

Furthermore, don’t open programs or download software unless you are 100% sure that they come from a reliable and trusted source – particularly if they have been sent to you in the form of an executable file attached to an email. And if you don’t know the sender, then definitely don’t touch it. Remember that this is exactly the way Trojan horses work – don’t make the same mistake as the people of Troy did by letting it through the ‘gates’ of your computer. If your antivirus was unable to disinfect Luhe.Sirefef.A, please follow the removal instructions below on how to eliminate this and any other threat from your computer. If you have any questions, please leave a comment below. Good luck and be safe online!

Written by Michael Kaur

Luhe.Sirefef.A removal instructions:

1. Please reboot your computer in "Safe Mode with Networking". As the computer is booting, tap the F8 key continuously, which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press the Enter key.

NOTE: Log in as the same user you were previously logged in as in normal Windows mode.

2. Download recommended anti-malware software (direct download) and run a full system scan to remove this Trojan from your computer.

3. Reboot your computer as normal. Download and run TDSSKiller. Press the "Start scan" button for the utility to start scanning.

4. Wait for the scan and disinfection process to be over. Then click Continue. Please reboot your computer after the disinfection is over.