=>_!!!_!!!_!!!_ U3ROM _!!!_!!!_!!!_

Why NOD32 can not delete this virus?

How can I get rid of this virus?
Which program to clean up this virus?

 

Please follow the instructions in this post to get help or wait for a ESET Mod! https://www.wilderssecurity.com/showpost.php?p=1533481&postcount=3

TH

 

Prevx, does remove this virus?

 

It's not clear what was the exact name of the threat as well as what file/path it was detected in.

 

The virus settled in my memory is flash. Does not allow formatting, does not allow to remove. Safe mode and with cmd, can not be formatted. Seems continuous use.
N: \ U3ROM \ default32.ico - 0byte
N: \ U3ROM \ System32.exe - 1.42mb
-U3ROM folder is hidden and not replace, rename.
-default32.ico file. can be removed.
-System32.exe file, hidden and can not be modified, renamed.

 

Do you have a name of the threat? Maybe the Flashdrive is dead? We need more info Please! Just in case the threat is called U3ROM from Google http://www.google.ca/webhp?hl=en#hl...=f&aqi=&aql=&oq=&gs_rfai=&fp=b9d78f0bf4c07ec7

TH

 

Hello,

What does your copy of ESET NOD32 Antivirus detect the worm as, exactly?

It should detect the threat by a name like "INF\AUTORUN" or "Win32\Example" and so forth.

Knowing the name by which ESET's software identifies the threat will be the first step in being able to assist you with removing any malware from infected media.

Regards,

Aryeh Goretsky

 

I have the exact same problem. My external drive has it as "U3ROM". I first felt there was something wrong with my drive, cuz its icon changed to a folder image. Then a couple of times I couldn't access my drive. It would say that it was being used by another program. I ran ESET nod32, and it found the problem but couldn't delete or quarantine the virus. Looked it up online and found this thing so called "U3ROM.bat". I tried U3ROM.bat, and then deleted it manually. After I restarted it, there it was again! After some more searching online I found kill_amvo_virus_usb thingy. Ran it. And it made all of the invisible files and folders visible on my drives. And said that it got rid of the virus and my drives were clean. But after I restarted there it was again. And then I noticed all of my drives (C, D, E) also had this auto run folder(AUTORUN.INF). I know damn well that that thing is still on my drives. But I don't know how to get rid of it. I didn't try to format it. Because I have lots of big files that I need in it. And there is no way for me to transfer them elsewhere before I do anything. So I really need some ideas to feel normal about my pc again. Thanks, and help me please....

 

Hello,

I would suggest opening a ticket with ESET's technical support engineers to arrange for a more detailed investigation of the infected computer. One thing that will be helpful is to have an ESET SysInspector log available for them to examine.

You can download a copy of ESET SysInspector from ESET, create a log file and mail it to support@eset.sk for analysis by a support engineer.

Regards,

Aryeh Goretsky