|
|
#1
June 27th, 2009, 10:30 AM
|
|||
|
|||
virus in operating memory!! need help T_T
It says Operating memory - Win32/Rootkit.Agent.ODG trojan - unable to clean
and whenever i open firefox it crush. and i only can use internet explorer. and when i empty recycle bin. it keep asking if i want to delete "WINDOWS" need help here please  |
|
#2
June 27th, 2009, 10:35 AM
|
||||
|
||||
|
Re: virus in operating memory!! need help T_T
try scanning with eset in safe mode and if still a problem try another av
see http://www.wilderssecurity.com/showthread.php?t=243829 http://www.bleepingcomputer.com/forums/topic236835.html
__________________
once we only had ideals, today they are the only things we are missing Microsoft MVP, 2006 - 2013/14 |
|
#3
June 27th, 2009, 11:21 AM
|
|||
|
|||
|
Re: virus in operating memory!! need help T_T
what version of nod32 do you use?
upgrade to version 4 since it has better cleaning. what operating system do you use? post a sysinspector report http://www.eset.com/download/sysinspector.php im sure an eset mod will help you. do remember its the weekend so you may have to wait until monday for a reply from an eset mod. if version 4 cant clean it and you cant wait for a reply from someone at eset try drweb cure it link in my sig.
__________________
useful tools:cure it SAS Hitman Pro mbam KL Eset windows defender offline Sophos Last edited by lodore : June 27th, 2009 at 11:38 AM. |
|
#4
June 27th, 2009, 02:39 PM
|
||||
|
||||
|
Re: virus in operating memory!! need help T_T
I agree with Iodore that it's best to leave for an ESET Mod for Monday or until one chimes in on this thread.
Have you tried How do I run a scan in Safe Mode? http://kb.eset.com/esetkb/index?page...nt&id=SOLN2272
__________________
siljaline MS MVP Alum . MVPS HOSTS . Rename Hosts . ESET for Business . 10 Immutable Laws of Security . System Lookup . ESET Threat Blog . MBAM |
|
#5
June 27th, 2009, 05:41 PM
|
|||
|
|||
|
Re: virus in operating memory!! need help T_T
Just my 2 cents -
This threat is so common in the region I live/work that you can't even imagine . I clean it off computers on weekly basis . I haven't seen such a common rootkit before . Anyway - NOD32 itself (not even v4) can't clean it . It can just detect it . ESET SysInspector does detect some of the hidden files (but some , not all) . There are so many additional files involved (perhaps they protect each other) . GMer can't complete scans sometimes . Other tools like Rootkit Revealer , too . Common programs refuse to start .The only thing that seems to help is Combofix (running renamed) . It successfully detects the files ,hidden services,drivers and deletes them with no problem. Not all files are detected sometimes but can be deleted with ComboFix script. To be honest I haven't tried if ESET SysRescue can help or if NOD32 detects all the malicious files from a scan in non-Windows environment but with Windows running , ESET NOD32 can't clean this pest off on its own. Good news is it can at least detect the rootkit and notify the user . P.S. The cents have become more than simply 2 , but ...  |
|
#6
June 27th, 2009, 10:03 PM
|
|||
|
|||
|
Re: virus in operating memory!! need help T_T
i'm using ESET NOD32 Version 4
|
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
