Sirefef Virus; A Detection And Removal Guide

The Sirefef virus, also known as ZeroAccess, is considered to be a multi-component family of malware; this means that there are a variety of ways in which it can be implemented such as (virus, rootkit or Trojan horse). Using stealth techniques, the virus essentially hides itself from the user and thus goes undetected in system scans; it does this by altering the internal processes of your operating system so your antivirus and antispyware does not detect its presence.  Furthermore, it also includes a sophisticated self-defense mechanism which terminated any security related processes attempting to access it.

By attaching itself to an application, the Siefef virus is run when the application is executed. It consequently activates and delivers its payload (such as deleting critical system files, capturing sensitive information and enabling ‘back doors’ that allow hackers to access your system over the internet and steal personal information such as passwords, bank details and other sensitive data).

Detection and Removal of Sirefef using SpyHunter

Detection

The following is a list of symptoms which may indicate that your system has been infected by the Sirefef virus:

• Search results from search engines get redirected to other websites
• The desktop background changes
• The internet browser’s homepage changes without your consent
• Your system slows down considerably
• You notice a lot of advertisements starting to pop-up

Upon detection of even the slightest abnormality in your system’s activity, it is recommended that you immediately scan your computer thoroughly using certified anti-spyware software to ascertain the existence of any prevailing infection; SpyHunter is an invaluable tool is this regard as it is specifically designed to detect malware, spyware, Trojans and root kits.

Removal

The highly advanced SpyHunter is equipped with the ability to successfully detect and remove the infected files and restore your system to normal functionality.

Manual Removal

You may also remove the Sirefef virus manually, but due to the complexity of the procedure itself, basic knowledge and understanding of computers is a compulsory pre-requisite.

Step 1: Terminate Infected Processes

1. Right-Click on the Taskbar and click on Start Task Manager
2. Select the Processes tab and terminate the following processes by selecting each process and clicking on End Process
   1. HelpSvc.exe
   1. Win32k.sys:1
   1. Win32k.sys:2
   1. Logevent.dll
   1. Thumbs.db

Step 2: Restore Internet Browser Settings

The Sirefef virus is notorious for changing your browser’s default settings in order to redirect traffic to its desired websites. Follow the steps given below to restore the settings of your respective browser:

For Internet Explorer:

1. Open Internet Explorer, click on the Tools menu and click Internet Options
2. In the Internet Options window, select the Advanced tab
3. Click Reset and Reset again when asked to confirm

For Firefox:

1. Open Firefox and Click on the Firefox button at the top left
2. Hover your mouse over the Help menu, a sub-menu will appear.
3. On the sub-menu, click Troubleshooting Information
4. Click the Reset Firefox button and confirm again to reset the settings.

For Chrome

1. Open Chrome and click the Chrome button at the end of the address bar
2. Click Settings
3. Scroll down and click Show advanced settings at the bottom of the page
4. Scroll down and click Reset browser settings

Whichever method you opt for, upon completion of the procedure, make sure to scan your system using a good antivirus software to confirm complete removal of the Sirefef virus from your system.