Melbourne Brisbane Computer Repairs, Website design & SEO
sirfef.y is very difficult to remove

Posted: 23 Sep 2012 11:45 PM PDT

Back in June 2012, I was looking at an infected PC, and after running Malwarebytes, it looked like the PC was clean. But after a restart, Microsoft Security Essentials reported that it had found sirfef.y, and that it would remove it. After removal, the computer would give a 60 second grace period before restarting. I first thought that the 60 seconds was MSE forcing a restart. But it was actually sirfef.y restarting the PC to prevent anything from removing it.

Since sirfef.y is a rootkit, most standard security tools struggle to remove it. I tried a few different tools (all had to be run from safe mode, to avoid the 60 seconds before a reboot), but tdsskiller and a few others either wouldn’t detect it, or would not be able to remove it. After a lot of research, I eventually had to use a tool like gmer… then interpret the results, and then manually remove the rootkit files responsible for the infection. Certainly not something an average (or even an advanced) PC user would be able to do.

With infections like this on the rise, I’m starting to wonder how much worse this can get, and if the PC security companies can do anything to improve their products, to defend against this type of infection?