FAQ: How did Sirefef or ZeroAccess Infect You?

In this frequently asked questions post, I will publish some of the questions people ask me, and then will post some answers from my expertise about Sirefef or ZeroAccess.

Q: How to protect from this atrocity?

A:
Get the review of Malwarebytes’ Anti-Malware

 

Q: Are Sirefef and ZeroAccess the same thing?

A: YES! They are both the same, but names different by many antivirus companies. This is sometimes due to language translations and competitiveness.

Q: Can the ZeroAccess virus infect my flash drive?

A: I doubt that the virus could activate on the flash drive, unless you plugged it in while logged on to the infected Windows. If you’re worried about running something accidental on the flash drive, use USB Immunizer from BitDefender to disinfect it.

Q: Should my passwords be changed after the ZeroAccess infection? Is it only active ones to change?

All active passwords and even passive ones need to be changed. If you’re unsure about passive ones, then don’t set a new password based on old passwords. Go all fresh with new passwords. See more on passwords.

Q: What is Sirefef, how did it infect my computer, or when are new variants released?

Sirefef or ZeroAccess is a transitional rootkit, virus, and/or backdoor trojan. It is still being watched and studied constantly, having 2-3 new variants every two weeks. We stay abreast of all changes.

Q: How did Sirefef infect me?

Viruses or other malware get embedded in to webpages through iFrame exploits commonly, or through vulnerable plugin exploitation. For iFrame exploits, malware authors can create a small (1x1px) iFrame, which contains scripts necessary to run malware on a target machine by automatically downloading and installing malware. The vulnerable plugin problem happens when people fail to update Adobe Reader, Adobe Flash Player, Java Runtime Environment, Apple QuickTime, Mozilla Firefox, etc. Many times, malware authors use these vulnerable versions of the plugins to distribute an exploit, which can allow them to take control of a computer.

Other malware can be distributed by means of operating system and program bugs. Sometimes programs and very often, Windows, becomes vulnerable to attacks, because of certain bugs in the code.

Those whom do not have proper Internet security protection will fall victim to exploits.

Many people are being hit with Sirefef because of these exploits. I’d say 3/4 of people I’ve seen here on the forums have out-of-date plugins, inevitably leading to infection. Sirefef is one of the most prevalent and highly engaged malware coded problems in the past year.

It is highly recommended to have proper Internet security protection! We recommend you to read that post and pick out a premium antivirus program for your computer RIGHT AWAY!

About these ads

Tags: , , , , , , , , , , , , ,

About Jay Pfoutz

Full time computer security consultant

7 responses to “FAQ: How did Sirefef or ZeroAccess Infect You?”

  1. wyroby z betonu says :

    I went over this website and I believe you have a lot of excellent info, saved to my bookmarks (:.

  2. Dean Royston-Ing says :

    Thank you so much for your help, you are a LEGEND!

Follow

Get every new post delivered to your Inbox.

Join 504 other followers

%d bloggers like this: