Internet FAQs

What is the ZeroAccess/Sirefef virus and how do I remove it?


The Microsoft Digital Crimes Unit announced December 5, 2013, that it has successfully disrupted a virus in collaboration with Europol’s European Cybercrime Centre (EC3), the Federal Bureau of Investigation (FBI) and leaders in the technology industry.

This particular botnet malware presents a significant threat as it has multiple malicious purposes including:

• Steals passwords, credit cards and personal information for use by criminals.

• Downloads more malware.

• Creates a hidden file system.

 

This malware affects ONLY Windows operating systems. As such, there is no need to take action with devices running other operating systems, such as MAC OS, iOS or Linux.

 

How to clean your system:

 

1. Download and run the Microsoft Safety Scanner found at: http://www.microsoft.com/security/scanner/. Computers with different configurations are affected by the malware differently. Since this is the most straightforward approach, you should attempt this first. If the Microsoft Safety Scanner does not download, this is an indication that your computer may be compromised by the ZeroAccess/Sirefef virus.

 

2. If you are unable to download the Microsoft Safety Scanner, please reference the knowledge base article Microsoft published that provides additional steps you can take to clean the infected PC. This article also has instructions for contacting Microsoft should you need Assisted Support.

3. See more help and information on removing viruses and malware and on securing your devices at our TWC Central Bothelp page.