virus in operating memory!! need help T_T

Discussion in 'ESET NOD32 Antivirus' started by jeffrey159, Jun 27, 2009.

Thread Status:
Not open for further replies.
  1. jeffrey159

    jeffrey159 Registered Member

    Joined:
    Jun 27, 2009
    Posts:
    2
    It says Operating memory - Win32/Rootkit.Agent.ODG trojan - unable to clean

    and whenever i open firefox it crush. and i only can use internet explorer. and when i empty recycle bin. it keep asking if i want to delete "WINDOWS"
    need help here please:'(
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,041
    what version of nod32 do you use?
    upgrade to version 4 since it has better cleaning.
    what operating system do you use?
    post a sysinspector report
    http://www.eset.com/download/sysinspector.php

    im sure an eset mod will help you. do remember its the weekend so you may have to wait until monday for a reply from an eset mod.

    if version 4 cant clean it and you cant wait for a reply from someone at eset try drweb cure it link in my sig.
     
    Last edited: Jun 27, 2009
  4. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  5. ASpace

    ASpace Guest

    Just my 2 cents -

    This threat is so common in the region I live/work that you can't even imagine . I clean it off computers on weekly basis . I haven't seen such a common rootkit before . Anyway - NOD32 itself (not even v4) can't clean it . It can just detect it . ESET SysInspector does detect some of the hidden files (but some , not all) . There are so many additional files involved (perhaps they protect each other) . GMer can't complete scans sometimes . Other tools like Rootkit Revealer , too . Common programs refuse to start .The only thing that seems to help is Combofix (running renamed) . It successfully detects the files ,hidden services,drivers and deletes them with no problem. Not all files are detected sometimes but can be deleted with ComboFix script.

    To be honest I haven't tried if ESET SysRescue can help or if NOD32 detects all the malicious files from a scan in non-Windows environment but with Windows running , ESET NOD32 can't clean this pest off on its own. Good news is it can at least detect the rootkit and notify the user .

    P.S. The cents have become more than simply 2 , but ... :D
     
  6. jeffrey159

    jeffrey159 Registered Member

    Joined:
    Jun 27, 2009
    Posts:
    2
    i'm using ESET NOD32 Version 4
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.