Help Me Cant get rid of sirefef,

[jeffce]

Hi,

Let's get rid of those.

• Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
  

Code: [Select]

ClearJavaCache::

File::
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TF98LG0\firstload_com[1].htm
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LW5ETHQ5\mx_nan_a[1].htm
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OGQQM89F\mx_nan_a[1].htm


• Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
  
  
  
  
• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  
• Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  
• ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
• When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
  

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------

[Ihatesirefef]

Ok, Here is the log

[jeffce]

Hi,

How is your system running? 

[Ihatesirefef]

Updated Post:

Seems to be running ok right now, But ill put some problems that I see below,
Avast hasn't detected anything in about 1-2 days, and before that during the fixes the alerts slowly went down,
So hopefully its gone,
Did run another Malwarebytes, didnt find anything,
Should I run another Eset?
(Or am I just paranoid that its not gone yet?)

But

"How is your system running?   "
Is usually a good sign 

Just two problems, Might be with all the anti viruses on my computer( Although Avast is the only one Active)
Problems:
-Windows Update, wont let me install updates: Windows Update error 80246008(Background Intelligent Transfer Service (BITS), So BITS is off or something, but when it tills me to go to services its not there...
According to Microsoft/people its "Corrupt, damaged, or otherwise missing service…"
So that may be a major problem, Hopefully its not...

- Blue Screened twice today, Once shortly after the scan, and one a few hours later,( Anytime it bluescreens, I am using it, system slows down/freezes then it blue screens)
1st one said something about APC index mismatch, other one Said nothing, just gave some errors

But hasn't blue screened after that...

Other than that computer seems normal...

[jeffce]

Hi,

Windows Update, wont let me install updates: Windows Update error 80246008(Background Intelligent Transfer Service (BITS), So BITS is off or something, but when it tills me to go to services its not there...
According to Microsoft/people its "Corrupt, damaged, or otherwise missing service…"
So that may be a major problem, Hopefully its not...

Let's get a look at that...

Please download Farbar Service Scanner and run it on the computer with the issue.

• Make sure the following options are checked:
• Internet Services
  
• Windows Firewall
  
• System Restore
  
• Security Center
  
• Windows Update
  
• Windows Defender

• Press "Scan".
  
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please attach the log to your reply.

----------

[Ihatesirefef]

Ok Did that,

But Avast fullscan detected Win32: Malware -gen,

In qoobox\quarantine in windows installer,

I moved it to chest,

Ran malwarebytes after didnt find anything, but ill post the Malwarebytes log anyways if you want  to see it...

[jeffce]

Hi,

No need to worry about that file.  It was already quarantined.  Let's get that Windows Update working again.

Following steps involve registry editing. Please create new restore point before proceeding!!!
Let's Set a Restore Point.

• Go to Start
  
• Select Control Panel
  
• Select System
  
• Select the System Protection link in the left-hand task list
  
• Check the disk drive for which you would like to turn system restore on
• Click the "Apply" button. System Restore will now monitor and create restore points for the checked disk drive.
• Press Create button
  
• Type a description of the Restore Point of your choosing
• Press the Create button
  
• Press Finish

----------

Under my picture to the left there is a Globe. 
Click on that and it will take you to my web page. 
When you get there download the file BITS.reg to your Desktop. 
Once it is there, double click on it and accept the prompts. 
Try to run Windows Update and then run a new scan with Farbar Service Scanner and attach that log.

[Ihatesirefef]

Ok, posted it

Still didnt let me update,

Still no BITS in the services that microsoft tells you to go to...
--------------------------------------
Update,
After a restart, the Bits service was there, and its letting me update, so Ill try to finish updating now...
--------------------------------------
Update,
Windows blue screened

All updates installed except:
Cumulative security update for IE9
Error 8007000D
---------------------------------------
Update,
The last update installed now,
Ill post a new FSS scan... if you want to see it...
--------------------------------------
Update,
The last last Windows update is now popping up again, and wont install now
Error 8007000D

[jeffce]

Go here >> http://support.microsoft.com/kb/971058 and run the Fix It button and then let me know if you are still getting the error messages. 

[Ihatesirefef]

Says it fixed stuff,

But still getting the error after running the tool,

Its just that one update that wont work, all other updates worked,

Is it because of the virus that it wont work? Or did the virus damage it?
How do I know for sure, if the virus is gone, and if I still have it? or do you know from the logs? 

[jeffce]

I can't say whether this is a result of the infection 100%.  I can say that it seems that the infection is gone however.

What is the error code you are receiving?  What update will not download/install?

[Ihatesirefef]

Sweet if its really gone, 
Thank you a lot for getting rid of it,
---
Is it minor problem that its not updating or a major one?
Its the same error as before:

8007000D

[jeffce]

Hi,

Read the information here >> http://blog.techprognosis.com/2011/06/18/how-to-fix-windows-7-update-error-code-8007000d.html  If you are comfortable with performing this give it a try and see if that helps. 

[Ihatesirefef]

Yeah, Seems to have worked...

Computer seems to be running normal now,

but it did blue screen once today, Apc index mismatch,
Hopefully it wont again,

Other than that I dont see any other problems right now...

[jeffce]

  Sounds good.  Let it run for today and then let me know how it is running tomorrow and if it is fine we will remove our tools.