eset scanning problem

Discussion in 'ESET NOD32 Antivirus' started by firestorm31, Jul 7, 2012.

Thread Status:
Not open for further replies.
  1. firestorm31
    Offline

    firestorm31 Registered Member

    http://www.wilderssecurity.com/showpost.php?p=2082444&postcount=1

    its similar to what this guy had on his computer but I have other issues going on.

    In my case, I click a link on google search, it takes me to a different site in a new tab. Also, randomly, a new site pops up in a new tab.
    current version: eset nod32 av 4.2.71.2.

    Alert reports (white box) that I had 2 different infections. 1 was supposed to be already cleaned, and the other was not able to clean it because a file (services.exe) was in use.

    I'm also getting a lot of pop up alerts (red header) on the virus and trojan with clean greyed out, delete & no action in black.

    Another pop up alert (white box) tells me that it can't clean because a file is in use, and asks me to reboot. I did that I still got the error alerts.

    Please advise, how I can get this resolved.

    my log reports this: Antivirus - Error
    7/6/2012 23:44:12 PM - During execution of Personal firewall on the computer BRUCE-PC, the following warning occurred: An error occurred while starting services. Analysis of application protocols (POP3, HTTP) will not function.

    my log reports this: Antivirus: Threat alert
    07/06/2012 23:44:46 PM - Module Startup scanner - Threat Alert triggered on computer BRUCE-PC: Operating memory > C:\Windows\assembly\GAC_32\Desktop.ini contains a variant of Win32/Sirefef.EZ trojan.
    7/6/2012 23:45:14 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\Installer\{6e257e54-c1f8-23db-0661-6b8c08869142}\U\80000000.@ contains Win64/Sirefef.AE trojan.
    7/6/2012 23:45:14 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\assembly\GAC_32\Desktop.ini contains Win32/Sirefef.EZ trojan.
    7/6/2012 23:45:14 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\Installer\{6e257e54-c1f8-23db-0661-6b8c08869142}\U\00000008.@ contains Win64/Agent.BA trojan.
    7/6/2012 23:45:14 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\assembly\GAC_64\Desktop.ini contains Win64/Sirefef.AD trojan.
    7/6/2012 23:49:16 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\Installer\{6e257e54-c1f8-23db-0661-6b8c08869142}\U\80000000.@ contains Win64/Sirefef.AE trojan.
    7/6/2012 23:50:28 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\WINDOWS\SYSTEM32\SERVICES.EXE contains Win64/Patched.B.Gen trojan.
    7/6/2012 23:52:12 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\WINDOWS\SYSTEM32\SERVICES.EXE contains Win64/Patched.B.Gen trojan.
    Last edited: Jul 7, 2012
  2. stackz
    Offline

    stackz Registered Member

    Complete the READ & RUN ME FIRST at Majorgeeks and then post all requested logs in their Malware Removal forum.
  3. Cudni
    Offline

    Cudni Global Moderator

  4. Marcos
    Offline

    Marcos Eset Staff Account

    Run "sfc /scannow", then restart the computer and run a full disk scan to find and remove potential threats.
  5. richard93
    Offline

    richard93 Registered Member

    a variant of Win32/Adware.OneStep application this keeps poping up when ever i scan and it is unable to be cleaned can some one help me
Thread Status:
Not open for further replies.