MBAM Found C:\Windows\Installer{7a4589aa-0fe8-9a93-c253-b2418507d24f}\n (Trojan.Sirefef)
and said it was removed but I am still getting warnings from avast about 80000000.@ and 800000cb.@
All logs attached (mbam, aswMBR, OTL) 8)
malware removers are notified: It may take sveral hours before one arrive so be patient
Okay good thanks 
Hi mdadaw, welcome to the forum.
To make cleaning this machine easier
[*]Please do not uninstall/install any programs unless asked to
It is more difficult when files/programs are appearing in/disappearing from the logs.
[*]Please do not run any scans other than those requested
[*]Please follow all instructions in the order posted
[*]All logs/reports, etc… must be posted in Notepad. Please ensure that word wrap is unchecked. In notepad click format, uncheck word wrap if it is checked.
[*]Do not attach any logs/reports, etc… unless specifically requested to do so.
[*]If you have problems with or do not understand the instructions, Please ask before continuing.
[*]Please stay with this thread until given the All Clear. A absence of symptoms does not mean a clean machine.
Download ComboFix from one of these locations:
* IMPORTANT !!! Save ComboFix.exe to your Desktop
[*]Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs
[*]Right click on ComboFix.exe, click Run as Administrator & follow the prompts.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1.Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer’s settings, including making I-E the default browser.
3. If after running combofix you recieve an message “Illegal operation attempted on a registery key that has been marked for deletion” or similar reboot the computer.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty [u]and terminates prematurely, the connection can be manually restored by restarting your machine.
Please post back with the combofix log.
Thanks
I think I could read from it that it was found and fixed but will leave this to the malware removers.
Log attached
Hi mdadaw,
Please follow all previous instructions regarding security programs.
Open a new Notepad session
[*]Click the Start button, click run
[*]in the run box type notepad
[*]click ok
[*]In the notepad, Click “Format” and be certain that Word Wrap is not checked.
[*]Copy and paste all the text in the code box below into the Notepad. Do Not copy the word CODE
File::
C:\Users\Carl\AppData\Local\{7a4589aa-0fe8-9a93-c253-b2418507d24f}\@
Folder::
C:\Windows\Installer\{7a4589aa-0fe8-9a93-c253-b2418507d24f}\U
C:\Windows\Installer\{7a4589aa-0fe8-9a93-c253-b2418507d24f}
C:\Users\Carl\AppData\Local\{7a4589aa-0fe8-9a93-c253-b2418507d24f}
In the notepad
[*]Click File, Save as…, and set the Save in to your Desktop
[*]In the filename box, type (including quotation marks) as the filename: “CFScript.txt”
[*]Click save
Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown below.
This will start ComboFix again.Close all browser/windows first.
Note: Do not mouseclick combofix’s window while it’s running. That may cause it to stall
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
Please post back with the combofix log.
How’s the computer?
Computer is fine haven’t had any avast warnings at least
Log Attached
Hi mdadaw,
That looks ok.
Please navigate to C:\Qoobox. There should be a text file named Add-Remove Programs.txt.
Hi! I’m having the same problem…
I have followed your instructions and got the log txt from Combofix (see attached)
Could you pls help me? 
Thanks a million in advance!!