TheRoss Posted August 6, 2012 ID:581581 Share Posted August 6, 2012 Malware Bytes and Stopzilla recently detected the sirefef rootkit. I havae a Windows 7 64 home.Removing it and rebooting it does not work, as it returns during another scan.System restore fails to a blue screen and memory dump.Any help removing this safely is greatly appreciated.Here is the text from the detection log.Malwarebytes Anti-Malware 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.08.06.13Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Ross :: SKYNET [administrator]Protection: Enabled8/6/2012 7:28:13 PMmbam-log-2012-08-06 (19-41-55).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 235698Time elapsed: 2 minute(s), 18 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 3C:\Windows\Installer\{8bf14eb0-88ce-f2e1-fa1a-7713993e0f64}\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken.C:\Windows\Installer\{8bf14eb0-88ce-f2e1-fa1a-7713993e0f64}\U\000000cb.@ (Rootkit.0Access) -> No action taken.C:\Windows\Installer\{8bf14eb0-88ce-f2e1-fa1a-7713993e0f64}\U\80000032.@ (Rootkit.0Access) -> No action taken.(end) Link to post Share on other sites More sharing options...
MrCharlie Posted August 7, 2012 ID:581588 Share Posted August 7, 2012 New topic here:http://forums.malwarebytes.org/index.php?showtopic=113779This one will be closed, MrC Link to post Share on other sites More sharing options...
Recommended Posts