'Bout at the end of my rope!



falcon409
April 6th, 2012, 21:17
. . . .again with the viruses. This with Microsoft Security Essentials running constantly in the background. . .I have three files that insist on getting through the security setup. No matter how many times MSE stops them and removes them (oh yea and then insists on restarting the computer as well), immediately after the restart MSE detects the same three again and so the vicious circle starts again and again and again. . . .ad infinitum. They are "Sirefef.*" (with the * being a different letter each time). The only time this doesn't happen is if I disconnect the internet. I can go all day just fine as long as I'm working on a dead computer. . . but plug that baby in and BINGO, immediately the files are trying to access the computer again and the "Files Detected_Remove Files_Restart" process begins again. On top of that the Windows Firewall won't activate. Currently it's off and if I click to turn it on I get this long error code. I look that up and it refers me to an MS "Fix-it" website. However after running the fix-it troubleshooter, it admits that it can't FIX-IT. Go to Microsoft forums and they have no idea why it isn't functioning correctly. lol

All this after formatting my two HDD's and starting over from scratch a week ago because of another nasty encryption virus. It's tiring really, I spend more time stomping out fires than enjoying anything.

gradyhappyg
April 6th, 2012, 21:50
Yep, they got me too; not the crypt one but the won't-go-away Sirefef pick-a-letter one.
Traced it back to C:\windows\system32\consrv.dll, deleted that and then ran CCleaner and an MSE full scan a couple of times; seems to be gone now.
I hope!
Getting to where the web consists of the one or two web sites I can trust.

falcon409
April 6th, 2012, 21:55
> Yep, they got me too; not the crypt one but the won't-go-away Sirefef pick-a-letter one.
> Traced it back to C:\windows\system32\consrv.dll, deleted that and then ran CCleaner and an MSE full scan a couple of times; seems to be gone now.
> I hope!
> Getting to where the web consists of the one or two web sites I can trust.

Yea, MSE only seems to want to wait till it tries to invade the computer, then stop it, supposedly clean it and then restart. The files are coming in via something that's already on my system, yet nothing, not Malwarebytes, Search and Destroy or MSE can actually find anything, so these stupid files keep being stopped and cleaned over and over and over again. I can't really do anything of any length (like flying) because the MSE pop up is constantly wanting to restart the computer. Grrrr

stiz
April 6th, 2012, 22:24
worth a try??

http://www.malwarecity.com/blog/how-to-remove-zeroaccess-rootkitsirefef-from-your-pc-as-easy-as-1-2-3-1160.html

gradyhappyg
April 6th, 2012, 22:29
Seems we are in the same boat, Ed: no firewall and no way to turn it on.
Guess I didn't get it all.
If I find a fix I'll let you know.
Dogonecottonpickrattytattydodoo!!!!

RobM
April 7th, 2012, 06:01
I don't know if they may be able to help, but maybe ask the people over at PC Guide Forums in their Applications and Security section? I haven't had to use their services, but they seem fairly friendly and ready to help.

I'm not certain how to post links (or even if it's allowed), but they're easy enough to find: google pcguide.com, and then click on The PC Guide Discussion.., and then go to The Applications and Security section. They usually ask you to post a Hijack This Log first, so you'll need to read the sticky there about how to do that.

Just a suggestion, I've never posted there, but I read their forums all the time for pc info.

Hope that can help. Thanks - Rob

mal998
April 7th, 2012, 06:26
I don't know if this will help or even has anything to do with your current dilemma, but a while back I was attacked by malware. It was probably the Russians as they seem to like infecting computers then making you pay for the fix.

Anyway, after trying everything I could think of, I was ready to format the main drive so I inserted the windows disc (I run Vista 64bit) and began the format process. Once the disc started to boot up it presented the option to repair Windows. With nothing to lose I hit the yes button and allowed the program to run.

What happened next amazed me because the repair function fixed all the Windows start up files and repaired the registry as well. The registry is where malware usually hides. It shuts off Windows security features, virus protection and a host of other things. I have been running smoothly ever since.

Anyway if it is not something you have already tried, it might be worth a shot. I am not sure, but I think the Repair option is resident on the different operating system install discs. Just put the Windows disc in and re-boot to see if the repair option is available. The rest is up to you...good luck.

Bone
April 7th, 2012, 06:46
> Anyway, after trying everything I could think of, I was ready to format the main drive so I inserted the windows disc (I run Vista 64bit) and began the format process. Once the disc started to boot up it presented the option to repair Windows. With nothing to lose I hit the yes button and allowed the program to run.
>
> What happened next amazed me because the repair function fixed all the Windows start up files and repaired the registry as well. The registry is where malware usually hides. It shuts off Windows security features, virus protection and a host of other things. I have been running smoothly ever since.

very good idea.

Rami
April 7th, 2012, 07:32
Hi,

This happened to me a while back...and since I don't run Firefox without Ghostery, NoScript, and BetterPrivacy as my add-ons to make sure I remain invisible.

For any websites that try to redirect or "capture" you, it usually consists of running a script that downloads a virus or Malware. NoScript cuts the buggers off at the knees, while BetterPrivacy prevents cookies from running, and Ghostery prevents third-party add-ons.

I ended up having to reload my O/S on my laptop this week. From initial install to current status with Vista Home Premium 64-bit with Microsoft Office 2007 Enterprise is about 175 updates, give or take, including Service Pack 2, and two Service Packs for Office, with their corresponding updates, so I feel your pain.

dandog
April 7th, 2012, 09:27
ComboFix can nuke most viruses. I suggest downloading it from www.BleepingComputer.com. Restart in safe mode and run it. Should help you out.

OleBoy
April 7th, 2012, 10:34
Mozilla Firefox with the toppings you mention provides very secure and private surfing. Of course NoScript has always been a 'must have'.
Ghostery and BetterPrivacy sound very good. They all have specific functions and appear to complement each other rather than slowing the browser like most plug-ins tend to do.

Thanks Rami!


> Hi,
>
> I don't run Firefox without Ghostery, NoScript, and BetterPrivacy as my add-ons to make sure I remain invisible.
>
> For any websites that try to redirect or "capture" you, it usually consists of running a script that downloads a virus or Malware. NoScript cuts the buggers off at the knees, while BetterPrivacy prevents cookies from running, and Ghostery prevents third-party add-ons.

falcon409
April 7th, 2012, 10:49
Through a PM it was suggested that I look at Avira Antivirus as a possibility. I downloaded their free antivirus package, installed it and let it run the full scan. It found 6 files that nothing else had picked up on. Those files were quarantined then deleted. I've had no intrusions since then and since they were coming through literally every second I was connected to the internet, this program seems to have gotten the offenders. Since the encryption virus I have tried and deleted about 4 well-known Antivirus programs that were ineffective despite their claims, including Microsoft Security Essentials.

It is my belief, after all this, that despite our best efforts and those of the Antivirus Companies, if someone or something wants to attack your system, eventually it'll find a doorway in. There is a segment of the population who find it exhilarating to know that they can sit at home and infiltrate an individual's home computer or the computers at NASA or our beloved Sim-Outhouse with a few keystrokes. Even if we find a way to kill that one pesky virus, it just energizes them to find a way to beat the program that beat them. So for now I'm seemingly in the clear and I hope to stay that way for the foreseeable future (however long that happens to be). Thanks to everyone who posted and gave their suggestions.

Bone
April 7th, 2012, 10:49
> Hi,
>
> This happened to me a while back...and since I don't run Firefox without Ghostery, NoScript, and BetterPrivacy as my add-ons to make sure I remain invisible.
>
> For any websites that try to redirect or "capture" you, it usually consists of running a script that downloads a virus or Malware. NoScript cuts the buggers off at the knees, while BetterPrivacy prevents cookies from running, and Ghostery prevents third-party add-ons.
>
> I ended up having to reload my O/S on my laptop this week. From initial install to current status with Vista Home Premium 64-bit with Microsoft Office 2007 Enterprise is about 175 updates, give or take, including Service Pack 2, and two Service Packs for Office, with their corresponding updates, so I feel your pain.

Ghostery, NoScript, and BetterPrivacy sound like they're good to have if you're using Firefox. Is there something comparable to these for using Internet Explorer?

OleBoy
April 7th, 2012, 14:34
> Ghostery, NoScript, and BetterPrivacy sound like they're good to have if you're using Firefox. Is there something comparable to these for using Internet Explorer?

I found them through Google, rather than directly through Firefox as an add-on.
By going that route I was able to find them both (Ghostery and BetterPrivacy) and had the option to download by right-click, "save target as" in case they get discontinued for some unknown reason.
When I went directly to the developer's site for each of them, I noticed that there were versions for other browsers. You might get lucky and find what you need.

cheezyflier
April 8th, 2012, 10:22
don't take it the wrong way, but the user is the computer's worst enemy. if you weren't going where the viruses are, you wouldn't have gotten them. smart browsing is 99% of the entire trick of remaining infection free. i have yet to find the virus i couldn't eventually cure with malwarebytes and a few others, while in safe mode. i also long ago turned off my windows restore thingy, a place trojans love to hide. if you're gonna go where the viruses are, then learn your registry, watch your processes. you are your first line of defense. i use p2p, and torrent sites, i have teenagers here who visit the porn sites, and yet i get a bad one maybe once or twice a year. it rarely takes me more than 30 minutes to fix.
don't use f.f. or chrome, or exploder. use opera. don't keep your browser open when not surfing.
block your so called friends who refuse to eliminate the headers in all those worthless emails they send out. get off of facebook and all the retarded games. it's not that hard.

Desert Rat
April 8th, 2012, 12:59
> don't use f.f. or chrome, or exploder. use opera.

AGREED!!