
Tenacious Sirefef



#1 Solan


Posted 03 February 2012 - 02:46 PM

So, I've been going around the Internet a few times, trying solutions I could dig up, even going as far as to ask MS tech support for help... yeah, I'm getting desperate here.
I have a new laptop with Windows 7 (64-bit), and a program apparently snuck its way into my computer while I was browsing a less-than-secure wiki site for one of my favorite games. MSE and Avast identify it as "Sirefef.B", also known as ZeroAccess. The maddening thing is, most anti-malware programs out there can't detect it, including TDSSKiller and RKill. I've tried running both programs in both normal and Safe Mode with no success.
The most crippling problem is this. Whatever Sirefef.B is, whenever I remove the core file at C:/Windows/System32/consrv.dll, my computer becomes unable to reboot. I suspect that it's altered my registry somehow so that it's regarded as a part of the boot files (so that when I boot, Windows attempts to start consrv.dll, then triggers an error when it can't find it), although as I'm not a tech expert I can't be sure if this is true.
So, bottom line, I have a trojan that's somehow sunk its claws into my 64-bit system even though supposedly it generally only infects 32-bit, and when I try to just remove it, it kills my computer's boot capability and I have to System Restore (at which point it's right back where it was). Is there a way I can clear out my registry of whatever it seems to have done and get my computer clean once more?



#2 cryptodan


Posted 03 February 2012 - 02:51 PM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly, please be patient till you get a reply to your topic.



