How do I remove Sirefef (ZeroAccess) trojan?KB Solution ID: SOLN2895|Last Revised: February 05, 2014
- Your ESET product detects the threat Win32/Sirefef, patched.b.gen, or Conedex
- You believe that you are infected with a rogue antivirus such as "Open Cloud Security"
- You receive the message "Error communicating with kernel"
- This malware is also known as "ZeroAccess" or "Max++" and ESET detects all variants of this threat as Win32/Sirefef
I. Download the ESETSirfefCleaner tool
Click the link below to download the ESETSirefefCleaner tool. Save the file to your Desktop and continue to part II.
II. Run the ESETSirefefCleaner tool
- From your Desktop, double-click ESETSirefefCleaner, which you downloaded in part I.
- If security notifications appear, click Continue or Run.
- The message "Win32/Sirefef.EV found in your system" will be displayed If an infection is found. Press Y on your keyboard to remove the infection.
- Once the tool has run, you will be prompted to restore system services after you restart your computer. Press Y on your keyboard to restore system services and restart your computer.
- Once your computer has restarted, if you are presented with a security notification click Yes or Allow. and then continue to part III below.
- Open ESET Smart Security or ESET NOD32 Antivirus. How do I open my ESET product?
- Click Computer Scan Custom scan... and select In-depth scan from the Scan profile drop-down menu.
- Select the check box next to Computer and click Scan. The scan will remove any remnants of the malware still left on your system.
Windows XP users: Select the check box next to My Computer and then click Scan.
If you are still unable to resolve your issue, please contact ESET Customer Care.