gadix wrote:FREE tool to disinfect TRJ/Sirefef and Rootkit/ZAccessHave you tested it?
http://www.pandasecurity.com/usa/homeus ... rd?id=1672
A forum for reverse engineering, OS internals and malware analysis
Tested on Windows XP SP3 32bit on VMWare Workstation 8.0.0 and it successfully remove Sirefef.P (8e2f4bf01cb0de455d1a2c97ee606842)
https://www.virustotal.com/file/7017464 ... /analysis/
Requires two reboots one to install a driver and one to remove the infection itself. I attached the log from the program to this post in case you want to see what exactly it logs/does.
https://www.virustotal.com/file/7017464 ... /analysis/
Requires two reboots one to install a driver and one to remove the infection itself. I attached the log from the program to this post in case you want to see what exactly it logs/does.
Attachments
(90.71 KiB) Downloaded 61 times
http://www.pandasecurity.com/usa/homeus ... rd?id=1672I don't see the download from that link.
CodeAddiction wrote:Yesterday it was available, but now broken...http://www.pandasecurity.com/usa/homeus ... rd?id=1672I don't see the download from that link.
I did a search on the site, but could not find any new download link.
Dunno if it is against the rules to post it or not since it was pulled by panda for some reason but i've got a copy of it on my machine at home still if it isn't available by then i'll provide a copy of it for those that want it.
Neurofunk, could you PM me? Thanks.
Hi everyone,
Here was my analysis using yorkyt.exe >> http://thisisudax.blogspot.com/2012/03/ ... ccess.html
Here was my analysis using yorkyt.exe >> http://thisisudax.blogspot.com/2012/03/ ... ccess.html
rkhunter wrote:Yesterday it was available, but now broken...New version is available: 0.0.0.192
http://www.pandasecurity.com/usa/homeus ... idIdioma=2
I wonder what they changed/improved.
Anyone test this one latest yet?
Steps still as previous version.
Running XP SP2 here
Steps still as previous version.
Running XP SP2 here
