RussianHow to fix ZeroAccess(Sirefef.R, Sirefef.B) with infected system file
Zero Access rootkit works with Windows 32-bit and 64-bit.
Check your computer for Zero Access Rootkit problem
Removal of ZeroAccess 32/64.7.8(Sirefef) - Recycler variant.
Windows XP/Vista/Seven 32 and 64-bit
September 10 2012Requirements: UnHackMe Warrior
Open "UnHackMe" - Rootkit Killer
Version 5.99.400 (September 10 2012)
Detected by UnHackMe:
Item Name: Rootkit: ZeroAccess 32/64.8
Author: Unknown
Related File:
Type: Devices in Memory
Item Name: Rootkit: ZeroAccess 32/64.7
Author: Unknown
Related File:
Type: Devices in Memory
Detected by Warrior CD:
N
Rootkit executable file: C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\n
Removal Results: Success
Number of reboot: 1
N is known as:
ZeroAccess.gu, W32.PornoAsset.H, Trojan-Ransom.PornoAsset, Mal.Katusha-J, Trojan.Sirefef.BC, Win32:Sirefef-AJR , Win32.Sirefef.EV, W32.Birele.VEJ.tr, Cryptic.EGJ
N hash:
- MD5: 2d992155600a72606af182512cee52c0
- HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\: "C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\n."
- C:\RECYCLER\S-1-5-21-1659004503-1708537768-1801674531-500\$b191330c415d588357c79de300728739
- C:\RECYCLER\S-1-5-18
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\L
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\U
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\@
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\L\00000004.@
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\L\00000008.@
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\n
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\U\00000004.@
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\U\00000008.@
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\U\000000cb.@
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\U\80000000.@
- C:\RECYCLER\S-1-5-18\$b191330c415d588357c79de300728739\U\80000032.@
- %WinDir%\assembly\GAC\Desktop.ini
Benefits of using Warrior
- Simple. No need to have special computer skills for rootkit removal.
- Quick. Rootkit removal in one reboot.
System requirements
Windows 9x, 2000/2003/XP/2008/Vista/Seven or higher 32 or 64 bit.512 Mb RAM
CD/DVD drive or USB stick.
Purchase now!
Purchase includes:
• UnHackMe Single License - Electronic Delivery
• Warrior CD Image - Electronic Delivery
People say:
LisaThis solution works great. Thanks!
Jim
Works as advertised. Keep up your good work guys!