Windows Firewall blocking sharing, Action Center turned off


  1. Kari
    Posts : 17,545
    Windows 10 Pro x64 EN-GB
       New #1

    Windows Firewall blocking sharing, Action Center turned off


    Neighbor's rig. After a teenager got it totally messed up I was called to have a look.

    Windows 7 Home Premium x64. MSE and Malwarebytes found some 40+ threats which I cleaned. Rescans after last reboot clean. Got a cup of coffee as thank you, came home.

    Later this evening a call, neighbor told that now media sharing is not working. Went to have a look, Action Center is disabled and can't be turned on, and when Windows Firewall is enabled you can't turn sharing on. Sharing OK when Firewall is turned off.

    I have gone through all services, from security services to sharing. All services running as they should be.

    Gone through everything mentioned in these:
    Windows firewall blocking media streaming
    Action Center is turned off

    Ideas?

    Kari
      My Computer
    Quote Quote

  3. gregrocker
    Posts : 50,642
       New #2

    I'd look at the Malwarebytes and MSE logs to see what was involved. Serious infection can require specialized tools and methods known to our Security specialists to remove them.

    Then check if damaged System files can be repaired using SFC /SCANNOW Command, or if not a Repair Install.

    It is rare however that truly serious infection can be completely cleaned up. It may save time to get a Clean Install Windows 7 or Clean Reinstall - Factory OEM Windows 7.

    But I'd consult Jacee first to see what can be done for the specfic infection(s).
      My Computer
    Quote Quote

  4. Kari
    Posts : 17,545
    Windows 10 Pro x64 EN-GB
    Thread Starter
       New #3

    Thanks Greg. Too late now, almost 1 AM here, but I will check the logs tomorrow.
      My Computer
    Quote Quote

  6. Kari
    Posts : 17,545
    Windows 10 Pro x64 EN-GB
    Thread Starter
       New #4

    OK, this was really serious. Was over there now, MSE logs had a lot of entries of Sirefef, Sirefef.W and Sirefef.AB. This from Encyclopedia entry: Trojan:Win64/Sirefef.AB - Learn more about malware - Microsoft Malware Protection Center
    Summary

    Trojan:Win64/Sirefef.AB is a component of the Sirefef multi-platform rootkit, related to Win32/Sirefef. Sirefef is multi-component malware family that modifies search results when you search for something on the Internet and generates pay-per-click advertising revenue for its controllers. This particular component clicks on links supplied by a remote attacker to generate revenue.

    Caution: Win32/Sirefef is a dangerous threat that uses advanced stealth techniques in order to hinder its detection and removal. As a consequence of being infected with this threat, you may need to repair and reconfigure some Windows security features. Please see Additional remediation steps in this entry for more information.
    Nothing I did helped, Security Center impossible to turn on, all sharing and network connections dead as soon as firewall was turned on. Everything I found on the net told me it's better to restore the system.

    Luckily (I thought!) I have teached my neighbors to backup, so I just asked the teenager of the house to give me the external disk with image backups. His face was shining like the sun when he revealed how clever he is: anticipating that we need to restore the system, he told he had deleted all old images yesterday evening and created a brand new image...

    We had to reinstall, of course, this image from yesterday is not usable, containing all the errors of current system. I left them now to download and install Windows Updates.

    Kari
      My Computer
    Quote Quote

  7. boohbah
    Posts : 14,606
    Microsoft Windows 7 Home Premium 64-bit 7600
       New #5

    that reminds me of the fridge magnet we have that says....

    " ask a teenager whilst they still know everything"

      My Computer
    Quote Quote

 

  Related Discussions
I have Windows Firewall turned off because i have Comodo Firewall installed but every time when i start Windows i get this message about Winamp player: 'windows firewall has blocked some features of this program', and i have to click 'Allow Access' button. Why is this happening when the firewall is...
I have a wired network consisting of 3 Windows 7 Profesional computers and one WHS server. My network configuration has been in place for over 2-years without an issue. One of my Windows 7 computers has developed an issue where I can no longer access the the other two Windows 7 computers through...
Over the weekend I had the unfortunate luck of getting the FBI Moneypak virus. I downloaded MalwareBytes to get rid of it but now my Windows Firewall is blocking my media sharing. I'm not sure if MalwareBytes has anything to do with but that's the last thing I installed on this pc. I tried...
Taskbar Properties/Notification area/Customize/Turn system icons on or off/Action Center is Off and grayed out. I actually want it showing all the time. Restore default icon behaviors and checking Always show all icons and notifications on the taskbar does not bring it back either. It is...
This problem started a few days ago. I can't even really tell you guys if I installed any updates or new programs because I don't even remember, which probably means, that I, in fact, DID NOT install anything new on the machine before this error starting popping up. I routinely restarted my Dell...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 16:34.
Find Us