I got hit today by a nasty bug or bugs... Bunch of boxes popped up all over my screen for XP Antispyware 2012. Saying it found 33 issues. And to click here to scan and/or purchase. Knowing full well I dont have this type of program on my computer I immediately pulled the cat3 cable out from the router and carefully closed the boxes out without clicking on a 'purchase now' or 'scan now' button. Ran Nod32 and it resulted in Documents&Settings/Local Settings/Application Data/Kyj.exe A variant of Win32/adware.XpAntispyware.Ac Application Cleaned by deleting (after the next restart)- Quarantined. So I restarted the computer- I Immediately noticed that Nod32 did not start up as there was no icon in the task bar. I then went to start/programs and clicked on Nod32 to start it up and all I got was a box asking me to 'open with' where you have to choose from the list a program or click browse to find the program. So I did that and got Nod32 to start up. Ran the Scanner again and the above apparently got cleaned, although Im not sure. In either case. in my log files under detected threats under 'name' it says now OperatingMemory>>/global??/149eb2dc/windows/$NTuninstallKB42562$/345944796/desktop.ini 'Threat' A variant of Win32/Sirefef.DN trojan 'Action' Cleaned by deleting Thinking that it was deleted. I Restarted the computer again, ran Nod again and now have the above listed twice under detected threats. I tried to open up other programs (whether located on the desktop or in the start menu) and I have the same problem where the 'open with' screen comes up and is wanting to know what program you want to use to open the program. So essentially I cant open anything unless I use 'Open with' and pick the program to use. I also have a newly created 'program' called 5y83wm7 but cant remember at this point where it was located. So it looks like at this point I need some help trying to figure out what I need to do to get Sirefef.Dn off my computer Thanks
Never close any suspicious pop ups using the "x", always use alt ctrl delete. Have use tried running a scan with Malwarebytes or Hitman Pro? If not that's what I would do next. Hopefully a security expert can give you more guidance. Here's are 2 places where you can get more help. http://www.dslreports.com/forum/cleanup http://www.bleepingcomputer.com/forums/forum103.html
in addition to links above submit inspector log and ask for assistance from Eset http://kb.eset.com/esetkb/index?page=content&id=SOLN2219 or ask for assistance from one of the volunteer sites https://www.wilderssecurity.com/showpost.php?p=1533481&postcount=3
there is no point to post them as this site does not assist directly with malware removal. see links for more suggestions
You can also contact Customer care and provide them with an ESET SysInspector log for perusal. Also running Combofix might fix potential issues, it creates a log that you could supply to customer care as well.
try this, if you have not cleaned it yet. http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012