eset scanning problem

Discussion in 'ESET NOD32 Antivirus' started by firestorm31, Jul 7, 2012.

Thread Status:
Not open for further replies.
  1. firestorm31

    firestorm31 Registered Member

    Joined:
    Nov 9, 2011
    Posts:
    6
    Location:
    USA
    http://www.wilderssecurity.com/showpost.php?p=2082444&postcount=1

    its similar to what this guy had on his computer but I have other issues going on.

    In my case, I click a link on google search, it takes me to a different site in a new tab. Also, randomly, a new site pops up in a new tab.
    current version: eset nod32 av 4.2.71.2.

    Alert reports (white box) that I had 2 different infections. 1 was supposed to be already cleaned, and the other was not able to clean it because a file (services.exe) was in use.

    I'm also getting a lot of pop up alerts (red header) on the virus and trojan with clean greyed out, delete & no action in black.

    Another pop up alert (white box) tells me that it can't clean because a file is in use, and asks me to reboot. I did that I still got the error alerts.

    Please advise, how I can get this resolved.

    my log reports this: Antivirus - Error
    7/6/2012 23:44:12 PM - During execution of Personal firewall on the computer BRUCE-PC, the following warning occurred: An error occurred while starting services. Analysis of application protocols (POP3, HTTP) will not function.

    my log reports this: Antivirus: Threat alert
    07/06/2012 23:44:46 PM - Module Startup scanner - Threat Alert triggered on computer BRUCE-PC: Operating memory > C:\Windows\assembly\GAC_32\Desktop.ini contains a variant of Win32/Sirefef.EZ trojan.
    7/6/2012 23:45:14 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\Installer\{6e257e54-c1f8-23db-0661-6b8c08869142}\U\80000000.@ contains Win64/Sirefef.AE trojan.
    7/6/2012 23:45:14 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\assembly\GAC_32\Desktop.ini contains Win32/Sirefef.EZ trojan.
    7/6/2012 23:45:14 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\Installer\{6e257e54-c1f8-23db-0661-6b8c08869142}\U\00000008.@ contains Win64/Agent.BA trojan.
    7/6/2012 23:45:14 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\assembly\GAC_64\Desktop.ini contains Win64/Sirefef.AD trojan.
    7/6/2012 23:49:16 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\Windows\Installer\{6e257e54-c1f8-23db-0661-6b8c08869142}\U\80000000.@ contains Win64/Sirefef.AE trojan.
    7/6/2012 23:50:28 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\WINDOWS\SYSTEM32\SERVICES.EXE contains Win64/Patched.B.Gen trojan.
    7/6/2012 23:52:12 PM - Module Real-time file system protection - Threat Alert triggered on computer BRUCE-PC: C:\WINDOWS\SYSTEM32\SERVICES.EXE contains Win64/Patched.B.Gen trojan.
     
    Last edited: Jul 7, 2012
  2. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    586
    Location:
    Over the Rainbow
    Complete the READ & RUN ME FIRST at Majorgeeks and then post all requested logs in their Malware Removal forum.
     
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,332
    Run "sfc /scannow", then restart the computer and run a full disk scan to find and remove potential threats.
     
  5. richard93

    richard93 Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1
    Location:
    trinidad
    a variant of Win32/Adware.OneStep application this keeps poping up when ever i scan and it is unable to be cleaned can some one help me
     
Thread Status:
Not open for further replies.