How to Remove the Sirefef Trojan Virus / ZeroAccess Rootkit

How to Remove Sirefef Virus Trojan

The following is what I did to remove the Sirefef trojan / virus.

SUPERAntiSpyware did not find this trojan (at the time of this post/writing), and Malwarebytes did not find it either. Don’t use the ESET removal tool; it just breaks things. In my case the ESET Sirefef removal tool deactivated my Windows 7. McAfee Stinger did not find this trojan/virus.

I ran the Microsoft Safety Scanner tool. Use the FULL scan option and, at the end, select the option to remove everything. Forget viewing and selecting what to remove; just let the tool remove what it can. Don’t reboot yet. Run SFC /scannow. This will restore any files that were changed by the Sirefef trojan.

Here are the results of my SFC scan to fix files that were broken by Sirefef. This worked.

Then reboot. Run Microsoft’s Safety Scanner again. Run SFC again. Reboot. Depending on the speed of your computer, SFC and Microsoft’s Safety Scanner can run for a while, but it’s worth it. My system is very fast so it did not take long, about 20 minutes. BE PATIENT.

Remove sirefef trojan virus

Microsoft Security Essentials can also be used to remove the Sirefef virus if you already have it installed. If not, download and install it and run a full scan.

Below is an image capture of a successful removal of the Sirefef trojan virus using Microsoft Security Essentials. The scan was run on a Windows 7 computer.

Image: Microsoft Security Essentials Remove Virus Sirefef


Enable RDP in Windows 7 Remotely using Regedit


Connect To Remote Windows 7 Using Registry Editor

To connect to the registry of a remote Windows 7 computer, run regedit on the local computer that will be used to connect to it.


Once in the registry of the remote Windows 7 computer, navigate to the fDenyTSConnections value. It is found in the Local Machine hive (HKEY_LOCAL_MACHINE) -> System -> CurrentControlSet -> Control -> Terminal Server.


Change fDenyTSConnections to 0 (zero). This is done by double-clicking the fDenyTSConnections DWORD entry. When the small window that allows the change opens, change the value from 1 to 0. This turns off the “deny” setting, so Remote Desktop connections are allowed.
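The same registry change can be scripted. The following is an added example, not part of the original post: it reads the current fDenyTSConnections value before writing, supports -WhatIf, and reports whether Network Level Authentication is required on the target. It assumes you have administrator rights on the remote computer and that its Remote Registry service is running; the function name Set-RemoteRdpState and the computer name PC-REMOTE01 are hypothetical.

```powershell
# Added example. Assumptions: admin rights on the target, Remote Registry
# service running there, 'PC-REMOTE01' is a placeholder computer name.
function Set-RemoteRdpState {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [switch]$Enable   # present = allow RDP (value 0), absent = deny (value 1)
    )
    $tsPath  = 'SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpPath = "$tsPath\WinStations\RDP-Tcp"
    $ts = $null; $rdp = $null
    $hive = [Microsoft.Win32.RegistryHive]::LocalMachine
    $base = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($hive, $ComputerName)
    try {
        $ts = $base.OpenSubKey($tsPath, $true)   # $true = open for writing
        if ($null -eq $ts) { throw "Key not found on ${ComputerName}: HKLM\$tsPath" }
        $rdp = $base.OpenSubKey($rdpPath)        # read-only, for the NLA check

        # Record the state before touching anything.
        $before = $ts.GetValue('fDenyTSConnections')
        # Local NLA setting: 1 means the client must authenticate before a session starts.
        $nla = if ($rdp) { $rdp.GetValue('UserAuthentication') } else { $null }

        $target = if ($Enable) { 0 } else { 1 }
        if ($before -ne $target -and
            $PSCmdlet.ShouldProcess($ComputerName, "Set fDenyTSConnections to $target")) {
            $ts.SetValue('fDenyTSConnections', $target,
                         [Microsoft.Win32.RegistryValueKind]::DWord)
        }
        [pscustomobject]@{
            ComputerName = $ComputerName
            DenyBefore   = $before
            DenyAfter    = $ts.GetValue('fDenyTSConnections')
            NlaRequired  = ($nla -eq 1)
        }
    }
    finally {
        if ($rdp) { $rdp.Close() }
        if ($ts)  { $ts.Close() }
        $base.Close()
    }
}

# Preview the change first, then apply it.
Set-RemoteRdpState -ComputerName 'PC-REMOTE01' -Enable -WhatIf
Set-RemoteRdpState -ComputerName 'PC-REMOTE01' -Enable
```

Changing this value does not enable the Windows Firewall's Remote Desktop rule on the target, so a connection can still be refused until that rule is turned on. Run the function without -Enable to set the value back to 1 when remote access is no longer needed.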


Moving a System Drive With the Operating System From One Computer to Another and Reusing the Product Key

From what I’ve seen, when moving a hard drive from one computer to another, the operating system has to be re-activated. Microsoft has built in a certain number of hardware changes that are allowed before a de-activation of the OS occurs. This started with XP.

Transferring Hard Drive to New Computer

The target computer should be on the hardware compatibility list, and it is recommended to have drivers for the new hardware, specific to the operating system, available before the drive is moved, in case they are needed because they are not built into the OS. It is highly recommended to download at least the NIC drivers for the target machine’s hardware before moving the drive from one computer to another. With the NIC drivers handy, you’ll be able to install them if needed and get your network card working, which in turn means you can connect to the internet and download other drivers such as sound, video, etc.

Move the System C Drive Partition Activation

If the source computer’s operating system does not use an OEM product key, then you stand a very good chance that the hard drive can be transplanted successfully into the new computer and the OS activated. If the key was a regular key for Windows 7, XP, or Vista, i.e. a retail key, and it does not have the letters OEM in the key, then you can move it. Should there be a problem re-activating online, then a call to Microsoft’s license clearinghouse is in order. It is a toll-free call, and most of the time problems can be solved by just using the automated system. Should an agent pick up the call, or should you need to be transferred to an agent, you simply tell them you have moved the system drive from one computer to another. So, the largest determining factor is the type of product key that is in use on the source computer installation.


Support of servers and desktops can at times actually be interesting and enjoyable. The exception is of course when there is no remote control computer access, through the web or even on the local LAN, to the computers having a problem. Microsoft’s RDP is also useful for remote access, but the only downside is that the user cannot see the desktop screen at the same time. Many times, I’ve encountered computers that have the Windows firewall enabled. The firewall will block programs from connecting for remote access and control. Other programs for remote support initiate connections outbound from the computer. Outbound connections are almost always more effective, because Windows firewall will notify the user and let them block the connection, but only after the application or utility has already made the connection out.

Backup Your Computer
Online Backups

Online backups have increased in popularity, selection, and reliability. What has also helped this backup strategy to work is the increased bandwidth from ISPs. Customers have better choices for internet access than they did years ago. Doing backups online used to be almost impossible, take a very long time, or be very unreliable. Now it is very common, and the supporting software has improved in features and reliability.
The same happened with remote support. In the early years, computer remote control and support through the web, especially web-based remote support, was a difficult task to do over dial-up, but it was done. Now, with more internet speed, online remote support has also undergone a change, with many providers offering services. Remote support software and online PC remote support software are now commonly used for remote access and control of computer desktops or servers, for faster service by information technology departments and managed service providers.
Online backup software and solutions are increasingly popular because the needed supporting infrastructure, namely internet access, has improved. Smartphones nowadays have more bandwidth than many companies had for their whole office.