Struggling with Win32:Sirefef-PL

[kykiske]

I have right-clicked and run ComboFix as an admin, but, as far as I can see, ComboFix is not returning a .txt report.
Please advise.

[kykiske]

To update, I've tried again and this time ComboFox rebooted the machine with the status bar at just over halfway (rather than just going to the end and disappearing), and is now running a process on a blue screen (which seems more promising).

[jeffce]

Ok just let it run... 

[kykiske]

We are done! ComboFix report attached as promised.

[jeffce]

Hi,

Malwarebytes

I see that you have Malwarebytes already on your computer.  Please open Malwarebytes, update it and then run a Quick Scan.  Save the log that is created for your next reply.
----------

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan[/i]

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
• Click Start
  
• Make sure that the options Remove found threats is NOT selected and the option Scan unwanted applications is selected.
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic

----------

Download Security Check by screen317 from here or here.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------

[kykiske]

On it now.

[kykiske]

As promised...

MWB log attached.
log.txt report from ESET Online Scanner attached.
checkup.txt from Security Check attached.

Thanks for sticking with this.

[jeffce]

Hi,

How is your system running? 

[kykiske]

Everything seems okay.
Avast is reporting no attacks and the system is running smoothly.

Two niggles:
1) I'm getting a 'csc.exe. Application unable to start correctly' when I shut down and/or restart
2) I recall that the ESET Online Scanner picked up three infections. Have those now been cleared?

[jeffce]

I recall that the ESET Online Scanner picked up three infections. Have those now been cleared?

The log you gave me did not show anything? 

[kykiske]

Okay. I shall rerun and resend.

[kykiske]

Quick update. I'm 49% through Step 3 of 4 of the ESET Online Scanner, and below the scan progress area it says:

'Current scan result:
Threats found!
Win64/Patched.B.Gen trojan
a variant of Win32/Sirefef.FD trojan
Win64/Agent.BA trojan'

I'm pretty sure this is the same warning I saw last night which you say did not appear on the log.txt I sent yesterday.

I'll let the scan finish and send you the fresh log.

Thanks once again for your persistence.

[kykiske]

Okay. This is odd.

ESET finished and said their were threats (sorry closed the window, don't remember precisely what it said). But no new log was generated at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt. The file there is the same one I sent last night (time stamped 24/07/2012 22:01).

Thoughts?

[jeffce]

Do you remember seeing them in Qoobox or referenced as being there?

[kykiske]

Qoobox?