Author Topic: System 32 infected with Win32:Sirefef-ZT [Trj]  (Read 5956 times)


Jindy

  • Guest
System 32 infected with Win32:Sirefef-ZT [Trj]
« on: July 22, 2013, 03:54:42 PM »
If anybody could help I would really appreciate it.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #1 on: July 22, 2013, 03:56:44 PM »
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #2 on: July 22, 2013, 03:57:39 PM »
Monitoring

Jindy

  • Guest
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #3 on: July 22, 2013, 03:59:44 PM »
I can't access any web pages (using Google Chrome); it comes up with "the security certificate has been revoked". Currently using an iPad to access this forum.

Offline essexboy

Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #4 on: July 22, 2013, 04:01:00 PM »
Are you able to access them with IE? If not, I will give you links to the programmes I hold in my Dropbox.

Jindy

  • Guest
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #5 on: July 22, 2013, 04:05:16 PM »
Am able to access, will post logs momentarily

Jindy

  • Guest
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #6 on: July 23, 2013, 03:03:17 AM »
logs

Jindy

  • Guest
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #7 on: July 23, 2013, 03:04:03 AM »
and the extras one for OTL

Offline essexboy

Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #8 on: July 23, 2013, 03:54:24 PM »
OK killing time :)

Download and Install Combofix
 
Download ComboFix from one of the following locations:
Link 1
Link 2
 
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3.  If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

THEN

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code:
:Commands
[CREATERESTOREPOINT]

:OTL
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2138707725-3357649288-2608841478-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
[2013/07/23 00:27:11 | 000,004,608 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2013/07/23 00:27:11 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

:Files
C:\WINDOWS\Installer\{f036bac4-b1a8-d067-d737-8fd048ab7bbf}
netsh advfirewall reset /c
netsh int ip reset c:\resetlog.txt /c
ipconfig /flushdns /c
ipconfig /release /c
ipconfig /renew /c

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
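
How the two Desktop.ini lines in the fix above can be picked out of an OTL scan automatically, as an added example that is not part of essexboy's post. The field layout is read off those two lines; the flagging rule (hidden+system file with no company name sitting directly in a GAC_32 or GAC_64 folder) and the third sample line are assumptions made for illustration.

```python
import re
from datetime import datetime

# OTL file-scan line as it appears in the fix above:
# [date time | size | attributes | M or C] (company) -- path
OTL_FILE_LINE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| (?P<kind>[MC])\] "
    r"\((?P<company>.*?)\) -- (?P<path>.+)$"
)

# First two lines are from the fix above; the third is constructed (benign).
SAMPLE_LOG = r"""
[2013/07/23 00:27:11 | 000,004,608 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2013/07/23 00:27:11 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini
[2013/07/20 10:00:00 | 000,000,282 | -HS- | M] () -- C:\Users\Example\Desktop\desktop.ini
"""

def parse_line(line):
    """Return the fields of one file-scan line, or None if it is another kind of line."""
    m = OTL_FILE_LINE.match(line.strip())
    if m is None:
        return None
    return {
        "modified": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
        "size": int(m["size"].replace(",", "")),
        "hidden": "H" in m["attrs"],
        "system": "S" in m["attrs"],
        "company": m["company"],
        "path": m["path"],
    }

def in_gac_root(path):
    # True only for <drive>\Windows\assembly\GAC_32|GAC_64\<file>, not for subfolders.
    parts = path.lower().split("\\")
    return (len(parts) == 5 and parts[1:3] == ["windows", "assembly"]
            and parts[3] in ("gac_32", "gac_64"))

def suspicious(log_text):
    # Assumed rule: hidden + system, no company name, directly in a GAC root.
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    return [e for e in entries
            if e["hidden"] and e["system"] and not e["company"]
            and in_gac_root(e["path"])]

if __name__ == "__main__":
    for e in suspicious(SAMPLE_LOG):
        print(e["modified"], e["size"], e["path"])
```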

Jindy

  • Guest
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #9 on: July 25, 2013, 09:56:02 AM »
Sorry essexboy, been really busy, I will try this tonight and post the results. Thanks for your help.

Jindy

  • Guest
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #10 on: July 25, 2013, 03:16:45 PM »
Combo fix has been seemingly stuck on "output folder: C\32788r22fwjfw" for over an hour now
Any help please?

Edit: fixed. Worked after an hour and a half, phew.
« Last Edit: July 25, 2013, 03:27:59 PM by Jindy »

Offline essexboy

Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #11 on: July 25, 2013, 03:49:52 PM »
Sometimes combofix has a problem with an infection and needs to beat it to death :)

le potier

  • Guest
Hello,

I would like to install my "AVAST INTERNET SECURITY" 3-PC licence on my daughter's laptop.

How should I do this?

Thank you for any advice you can give me.


Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #13 on: July 25, 2013, 05:54:03 PM »
le potier, go to this link http://forum.avast.com/index.php?board=23.0 and create a new topic about your problem.

Thanks,

Michael

(Sorry for the lack of accents, I used a French keyboard)

Jindy

  • Guest
Re: System 32 infected with Win32:Sirefef-ZT [Trj]
« Reply #14 on: July 26, 2013, 02:46:03 PM »
OK, so I ran Combo fix, then when the computer rebooted and it made the log, I tried the programs, and they were marked for deletion. As the instructions said, I rebooted the computer. When I rebooted it, Windows updated 34 different things (through Windows Update). Now that my computer is starting again it tried to apply the updates, failed, and now it's reverting the changes. Is this normal? Or should I have turned my Internet off when using Combo fix.....