Free Virus Removal Tools

PC infected with a specific virus? Get rid of it now, for free! Simply browse through our database of known viruses below and hit the download button to start the virus removal process!

Virus activity

Alert level: medium
Featured removal tool

Rootkit.Sirefef.Gen

HIGH
MEDIUM
2.7 MB
11.20.2012

ZeroAccess/Sirefef is a sophisticated kernel-mode rootkit that is installed when a ZeroAccess dropper is executed. The dropper first checks whether it is running on a 32- or a 64-bit machine by querying the ZwQueryInformationProcess API. If it runs on a system that has UAC enabled, the malware manipulates the system to make a legitimate application look as if it requires escalation. This is achieved by loading a clean copy of the FlashPlayer installer that is dropped to a temporary directory. The Windows Firewall is turned off, and the malware tries to disable a series of security subsystems such as WinDefend (Windows Defender service), wscsvc (Windows Security Center service) and WinHttpAutoProxySvc (Proxy Auto Discovery service). If the dropper runs on a 32-bit operating system, ZeroAccess installs a kernel-mode rootkit. If it runs on a 64-bit machine, it executes its code directly from memory. [...]
