 | |
| |
| 26 Mar 2012 | #11 |
| | Gotcha. Wasn't necessarily thinking sinister (can't think of why any malware would try to block it), really just curious. Thanks for the response... |
My System Specs | |
| 26 Mar 2012 | #12 |
| | Since this morning I've also been dealing with what avast! identifies as Sirefef-JQ, Sirefef-IX, and Crypt-MBU. It was my first infection in nearly 20 years. I was able to kill the processes and clean up the remains before rebooting. It disabled and then removed all of the services below, according to Event Viewer. You might want to see if these are missing for you. I've restored the registry keys from a full drive backup I (coincidentally) made last night. I'm just concerned about what else it did while it briefly had administrator rights. Base Filtering Engine Windows Firewall Security Center WinHTTP Web Proxy Auto-Discovery Service IP Helper Windows Defender Last edited by zcwmeorp; 27 Mar 2012 at 12:41 AM.. |
| My System Specs |
| 26 Mar 2012 | #13 |
| | Sadly I have this too, i tried to copy MenaceF1's registry key thinking it would fix the problem, sadly no dice, while I got it working temporarily, the next day it was back to being greyed out in the system icons options thing and no longer at my task-bar where it should be, I have tried all the other ideas and fixes on the net yet this one seems to be the only thing close to a solution. I have run all the virus scans and malware scans using combofix, malwarebytes, avg2012 and spybot search and destroy. My question is this. Should i copy the registry entry again as it appears in MenaceF1's post again and see what happens??.... |
| My System Specs |
| . |
| |
| 26 Mar 2012 | #14 |
| | This is a realy serious Trojan/Rootkit, ricksta Encyclopedia entry Updated: Sep 20, 2011 | Published: Jun 21, 2011 Aliases
|
| My System Specs |
| 27 Mar 2012 | #15 |
| | Cool, more info. Hey got an update about this issue of mine. I managed to get the action centre working again, but still cant get the little white flag on the task bar working again. Real nasty piece of work this Trojan/Rootkit is. Does anyone know where I can get a copy of a clean registry from??....for the action centre?.... |
| My System Specs |
| 27 Mar 2012 | #16 |
| | 
Quote: Originally Posted by MenaceF1  If anyone's interesting in more detail about how I managed to work this out, I decided to observe what the virus does in a controlled environment. So I created a virtual machine running Windows 7, and deliberately infected it with the same virus while running a tool called "Process Monitor" that tells me every file it creates or deletes, and crucially, every registry key it modifies or deletes. And do you have any idea how it got into your system? That's my biggest concern now. I THINK all I was doing at the time was browsing hotels.com and Google Maps in Firefox 11. |
| My System Specs |
| 27 Mar 2012 | #17 |
| |
Quote: Originally Posted by ricksta Cool, more info. Hey got an update about this issue of mine. I managed to get the action centre working again, but still cant get the little white flag on the task bar working again. Real nasty piece of work this Trojan/Rootkit is. Does anyone know where I can get a copy of a clean registry from??....for the action centre?.... Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}] "AutoStart"="" |
| My System Specs |
| 28 Mar 2012 | #18 |
| | Great news and really bad news. The Action centre has been fixed and now pops up as it should be. But I think the monster virus has taken on a bad turn. About 5 minutes ago my computer went haywire, threw up a warning message that my copy of windows isn't genuine. Now it appears as though something new has possessed my pc. A watermark message now appears on my desktop "Windows 7 Build 7601 This Copy of Windows Is not Genuine". and I cant update the pc nor can I get updates for MSE. What the heck is going on. Id love to get my hands around the neck of the s.o.b. that made this virus. Any help would be greatly appreciated. pls help  |
| My System Specs |
| 28 Mar 2012 | #19 |
| | Hey all. Well, i took the easy road and re installed windows 7. Suffice to say it was the nastist virus i have ever encountered in my life . It got the best of me...lol. Thanks anyway. i guess if anyone else gets this virus, this is the check list. Action centre flag no longer appears, MSE will no longer allow updates. Action centre no longer launches (for me anyway). Greyed out system icons in the taskbar options. Hey if anyone else gets this nasty, be careful fiddling with the services and registry. |
| My System Specs |
| 31 Mar 2012 | #20 |
| | hi thank you very very much profi i like to have contact whith you on msn if you would like too.sorry for bad english bye have a nice day |
| My System Specs |
 |
Unable to fix Action Center notifications after virus Win64/Sirefef.B problems?
| Thread Tools | |
| Similar help and support threads for: Unable to fix Action Center notifications after virus Win64/Sirefef.B | ||||
| Thread | Forum | |||
 RPC Virus message in Action Center, though the virus seems to be gone? | System Security | |||
| Trojan win64/ sirefef.b and .J | System Security | |||
| Action Center Virus | System Security | |||
| Disable Action Center notifications | General Discussion | |||
| Action Center notifications w no icon | Customization | |||
All times are GMT -5. The time now is 04:19 PM.
