How to remove sirefef trojan virus zeroaccess rootkit

How to Remove Sirefef Virus Trojan

The following is what I did to remove the sirefef trojan / virus.

Superantispyware did not find this trojan (at the time of this post/writing), malware bytes did not find it and don’t use the ESET removal tool, it just breaks things. In my case ESET sirefef removal tool deactivated my Windows 7.  McAfee stinger did not find this trojan/virus.

I ran Microsoft’s Microsoft Safety Scanner – Antivirus | Remove Spyware, Malware  tool. Use the FULL scan option and select in the end to remove everything. Forget viewing and selecting what to remove, let the tool just remove what it can. Don;t reboot yet. Run SFC /scannow . This will restore any files that got changed by SIREFEF trojan.

Here are the result of my SFC scan to fix files that were broken by sirefef. This worked. 

Then reboot. Run Microsoft’s Safety Scanner again. Run SFC again.  Reboot.  Depending on the speed of your computer, SFC and Microsoft’s Safety scanner can run a while but it’s worth it. My system is very fast so it did not take long, about 20 minutes. BE PATIENT.

Remove sirefef trojan virus

Microsoft Security Essentials again can be used to remove the sirefef virus if you already have it installed. If not, download and install it and run a full scan.

Below is an image capture of a successful removal of sirefef trojan virus using Microsoft Security Essentials.  The scan was run on a Windwos 7 computer.

Remove Virus Sirefef

Microsoft Security Essentials Remove Virus Sirefef


About pctechgo
Work in technology field, touch many types of technologies from Exchange servers, to Citrix XenApp, virtualization like vmware, xenserver, MS hyper-V. Install servers, server apps, blackberry servers, networking hardware like Cisco switches routers, ASA firewalls, Sonicwall firewalls, and of course all levels of Microsoft from AD, DNS, to even desktops.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: