Aliases: Backdoor/Win32.ZAccess (AhnLab) BackDoor.Maxplus.90 (Dr.Web) Win32/Sirefef.DL trojan (ESET) Backdoor.Win32.ZAccess (Ikarus) Backdoor.Win32.ZAccess.aug (Kaspersky) Mal/Sirefef-AA (Sophos) BKDR_ZACCESS.FP (Trend Micro)
Microsoft security software detects and removes this threat.
This family of malware uses stealth to hide itself. Trojans in this family can do different things, including:
Members of the family can also change search results, which can generate money for the attackers who use Sirefef.
Variants of Win32/Sirefef may be installed by other malware, including variants of the Trojan:Win32/Necurs family.
See the Win32/Sirefef family description for more information.
The following free Microsoft software detects and removes this threat:
If you're having trouble cleaning Win32/Sirefef, the Microsoft Safety Scanner may help you remove it:
After you've used the Microsoft Safety Scanner, you should make sure your security software is up to date and run a full scan:
Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.
Note that as part of the cleaning, our software might change some Windows services back to their default settings. If you had previously changed these settings, you might need to change them again.
The services that are reset include:
You can also visit the Microsoft virus and malware community for more help.