1. Run regedit.
2. Navigate to:
3. Create a DWORD value under Lsa
4. Set the value to 1
5. quit regedit
5. from Start/Run type gpupdate /force
On Windows 2000 Server: go to start, run, type gpedit.msc and click ok.
Under computer comfiguration, windows settings, security setting, local policies, security options.
Look for LAN Manager Authentication Level. Set it to SEND LM & NTLM - use NTLMv2 session security if negociated.
Then run these commands :
secedit /refreshpolicy user_policy
secedit /refreshpolicy machine_policy
Just got done cleaning my Windows 7 64bit desktop computer of the nasty Sirefef-FQ Virus. It started with page redirecting in IE/Chrome/Firefox:
Windows Defender was disabled
Security Essentials didn't work
nslookup returned error message: The ordinal 1112 could not be located in the dynamic link library WSOCK32.dll
After hours of searching, the simpliest solution to clean the virus found in:
1) Create another account with administrator rights
2) Log into newly created account
3) Enable Windows Defender and scan
4) Uninstall and reinstall Security Essentials and scan
5) Do not reboot when asked, but wait for both Gac_32/Gac_64 files to be found and cleaned
6) PC restored to normal again