
rootkit.win32.sirefef.gen!b



Malware Bytes and Stopzilla recently detected the sirefef rootkit. I have a Windows 7 64 home.

Removing it and rebooting it does not work, as it returns during another scan.

System restore fails to a blue screen and memory dump.

Any help removing this safely is greatly appreciated.

Here is the text from the detection log.

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.06.13

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Ross :: SKYNET [administrator]

Protection: Enabled

8/6/2012 7:28:13 PM

mbam-log-2012-08-06 (19-41-55).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 235698

Time elapsed: 2 minute(s), 18 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 3

C:\Windows\Installer\{8bf14eb0-88ce-f2e1-fa1a-7713993e0f64}\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken.

C:\Windows\Installer\{8bf14eb0-88ce-f2e1-fa1a-7713993e0f64}\U\000000cb.@ (Rootkit.0Access) -> No action taken.

C:\Windows\Installer\{8bf14eb0-88ce-f2e1-fa1a-7713993e0f64}\U\80000032.@ (Rootkit.0Access) -> No action taken.

(end)

This topic is now closed to further replies.