Trojan:win32/skeeyah.A!rfn

Trojan:win32/skeeyah.A!rfn is detection by Microsoft Security Software products for trojans that has sole intention of gaining remote access on the compromised computer. To complete this, this threat will make certain changes on the system. It also opens a backdoor by modifying registry and firewall settings. Trojan:win32/skeeyah.A!rfn was also built to steal sensitive data from the infected PC. Collected data are stored on predefined section of the hard drive and was configured to be sent to remove attacker at a given time.

Threat behavior

Installation

Normally, malicious code of Trojan:win32/skeeyah.A!rfn is embedded on attached file to spam email messages. Opening it runs the malware without getting user's attention. Another means utilized by malware authors to spread Trojan:win32/skeeyah.A!rfn are malicious links from blog site's comment area, social networking sites, and cracked programs. Virus infection can also lead to this attack, particularly downloader trojan.

Payload

Once Trojan:win32/skeeyah.A!rfn is run on the computer, it will modify set of files. Furthermore, it will drop additional files that are likely malicious. Registry entries are also created to run the trojan each time Windows starts.

During the presence of Trojan:win32/skeeyah.A!rfn, anti-virus programs and other security-related software may be disabled. The threat normally ends running processes that are relevant to anti-virus, firewall, and other computer protection program.

Trojan:win32/skeeyah.A!rfn occasionally connects to a remote server using HTTP or FTP ports to upload information gathered from the PC.

Symptoms

Alerts from Microsoft Security Software security products are one sign that will surface during the presence of Trojan:win32/skeeyah.A!rfn.

How can you remove Trojan:win32/skeeyah.A!rfn?

To totally remove Trojan:win32/skeeyah.A!rfn from the computer and get rid of relevant viruses, please execute the procedures as stated on this page. Make sure that you have completely scan the system with suggested malware removal tools and virus scanners.

Windows XP, Windows Vista, and Windows 7 Instructions:

1. Open Microsoft Security Essentials by going to Windows Start > All Programs. If the tool is not yet installed on the computer, please download Microsoft Security Essentials from the link below. Save the file on your hard drive.

MSE Download Link (this will open on a new window)

Complete installation guide and usage are also provided on the same link. It is essential in removing Trojan:win32/skeeyah.A!rfn effectively. If Microsoft Security Essentials is already installed on the PC, please proceed with the steps below.

2. On Microsoft Security Essentials Home screen, please choose Full under Scan Options.

MSE Full Scan

3. Click on Scan Now button to start detecting Trojan:win32/skeeyah.A!rfn items, viruses, and malware on the PC. Scan may take a while, please be patient and wait for the process to end.

Windows 8 Instructions:

Windows Defender is a free tool that was built help you remove Trojan:win32/skeeyah.A!rfn, viruses, and other malicious items from Windows 8 system. Follow these procedures to scan your computer with Windows Defender:

1. Tap or click the Search charm, search for defender, and then open Windows Defender.

If Windows Defender is not yet installed on the computer, please proceed to download page using the link below. It also contains detailed instruction to install and use the program effectively. Proper usage is required to totally remove Trojan:win32/skeeyah.A!rfn

Windows Defender Download Link (this will open on a new window)

WD-charm

2. On the Home tab, click Full under Scan Options. Click Scan now to start scanning for presence of Trojan:win32/skeeyah.A!rfn. The process may take a while to complete.

WD-fullscan

3. After the scan, delete/quarantine identified threats wether it is relevant to Trojan:win32/skeeyah.A!rfn or not. You may now restart Windows to complete the virus removal process.

Double Check with Malwarebytes Anti-Malware

1. Download Malwarebytes Anti-Malware from the link below. Save the file on your hard drive.

MBAM Download Link (this will open on a new window)

2. Once the download completes, double-click on the file MB3-SETUP.EXE to run the program.

3. Select desired installation language when it prompts you.Then, click OK.

4. Continue with the process until MalwareBytes Anti-Malware is fully installed on the computer. The program will run automatically.

5. When Malwarebytes Anti-Malware interface appears, please select Scan on sidebar menu. Then, choose Threat Scan as shown in the image below. Click on Start Scan button to begin the process. The program will check for any available update before proceeding. Do not skip this step. Virus scan may take a while, please wait for the process to finish.

MBAM-threatscan

6. When scanning is done, Malwarebytes Anti-Malware will display the list of identified threats. Remove all and restart the computer to finalized the scan process.

3 thoughts on “Trojan:win32/skeeyah.A!rfn

  1. KOBO

    I have completed these steps but Windows Defender keeps telling me the virus is still present. I have installed and run Malware Bytes which found a few files, but not the above listed virus. I removed those and run the scan again and Windows defender still finds this torjan in the system.
    I have rebooted after the scan and removal to no avail – Please help!!

  2. TJ OConnor

    Yea, i have Malwarebytes Premium and it doesnt even pick it up, only Windows Defender Picks it up….

  3. furiosdestruct

    Hey Guys, I Have Found An Solution To This.
    Boot into safe mode. Check Your StartUp folder usually “C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp” for unknown programs. if there are none try checking this folder “C:\Program Files (x86)” for any suspicious Folder and file Names that were made the day when your windows defender was triggered. If this doesn’t help backup your important files and do a complete factory reset as this remove everything on your C drive and also remove the back door (R.A.T).
    Best Of Luck.

Leave a Reply

Your email address will not be published. Required fields are marked *