Amazing, thank you so much for your continued support, and super quick responses. Really appreciate it!
I did as you advised: uninstalled Combofix, then got OTL and ran it with the code you provided. Rebooted, and attached the log to this thread. The computer has been running just fine, since the first Combofix in fact, and continues to do so now.
You will be asked to reboot the machine to finish the cleanup process, choose Yes.
After the reboot all the tools we used should be gone. Note: Some more recently created tools may not yet be removed by OTL. Feel free to manually delete any tools it leaves behind.
It will prevent infection of the computer via USB flash drive, mobile phone or any other memory card.
And not only will it prevent infection, it will immediately clean the flash drive, memory card or external HDD.
These two free programs can be of great assistance to your current antivirus.
I’m sorry to sound so ignorant, but I am getting the distinct feeling that trying to remove the "Win32:Sirefef-AOO[Trj]" virus is not a simple process. There is no single program to download that will rid my computer of this virus. Is that correct?
Since I do not feel comfortable doing some of the things described by many of the respondents, should I take it to a computer “specialist”?
Would that be the safest way? (Normally I would have my son handle this but he lives three hours away)
Mike, the problem is that the rootkit does not just set & install some of its files as loading points. Antivirus/antimalware tools know those files, but they cannot easily delete them.
Why? The trick is that this malware is also patching a system file (it patches the Service Control Manager’s executable file). The patched file should not be deleted
because the file is a system file and is used by the OS. It is necessary to find a legitimate copy of the file and replace the patched one with it.
(just to note that even the replacement is not a simple procedure)
And here arises the problem for AV/AM.
So it’s not enough just to locate and do some violent deletion of those files (malware loading points), because the file system is still infected with the patched one and the malware continues to live after reboot.
Some tools have been updated and have learned where to find a legitimate copy of the file with some heuristics, and they try to perform the replacement (if they even succeed).
But if the rootkit is hiding the legitimate file in a different location, or AV/AM does not know where to find it, or there is even no valid copy of the legitimate file on the system…
…without this type of malware removal and scripting it is generally not possible to completely (or fully) disinfect the malware and then remove those loading points.
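To illustrate the replace-rather-than-delete point above, here is an added Python example (not from this thread or any of the tools it mentions) that checks a file against a trusted hash and restores it only from a candidate copy that itself verifies; the file names, the candidate locations and the byte contents are constructed sample data.

```python
import hashlib
import os
import shutil
import tempfile

# Constructed sample bytes standing in for the clean Service Control Manager image.
CLEAN_IMAGE = b"MZ clean services.exe image (constructed sample bytes)"
# The same image with a few bytes altered, as a rootkit patch would leave it.
PATCHED_IMAGE = CLEAN_IMAGE.replace(b"clean", b"patch")

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def is_patched(path, known_good_hash):
    """True when the on-disk file no longer matches the trusted hash."""
    return sha256_of(path) != known_good_hash

def find_legit_copy(candidates, known_good_hash):
    """Return the first candidate whose hash matches the trusted value, else None."""
    for p in candidates:
        if os.path.isfile(p) and sha256_of(p) == known_good_hash:
            return p
    return None

def restore(target, known_good_hash, candidates):
    """Replace a patched target with a verified clean copy; never just delete it."""
    if not is_patched(target, known_good_hash):
        return "clean"
    src = find_legit_copy(candidates, known_good_hash)
    if src is None:
        return "no-legit-copy"      # the failure mode described in the thread
    shutil.copyfile(src, target)
    return "restored" if not is_patched(target, known_good_hash) else "restore-failed"

def demo():
    """Run the three outcomes in a temp dir: no copy found, restored, already clean."""
    root = tempfile.mkdtemp()
    target = os.path.join(root, "services.exe")          # constructed path
    backup = os.path.join(root, "backup_services.exe")   # constructed path
    missing = os.path.join(root, "missing_copy.exe")     # does not exist
    with open(target, "wb") as f: f.write(PATCHED_IMAGE)
    with open(backup, "wb") as f: f.write(CLEAN_IMAGE)
    known = hashlib.sha256(CLEAN_IMAGE).hexdigest()
    results = [restore(target, known, [missing]),
               restore(target, known, [missing, backup]),
               restore(target, known, [])]
    shutil.rmtree(root)
    return results
```

On a real system the trusted hash would come from a vendor catalog or a known-clean installation medium, and the replacement of a running system binary has to be done offline or from a recovery environment.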