Trojan:Win32/Sirefef.AQ is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.

Caution: Win32/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.

Trojan:Win32/Sirefef.BC is a component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.

Note: This Sirefef variant has been observed using specific ports for its peer-to-peer communications. We strongly encourage you to block access to the following ports to limit Sirefef’s communication channels and prevent additional Sirefef components being downloaded:

• 16464
• 16465
• 16470
• 16471

You can read more about how to block access to a port in this article: http://support.microsoft.com/kb/813878