virus in operating memory!! need help T_T

Discussion in 'ESET NOD32 Antivirus' started by jeffrey159, Jun 27, 2009.

Thread Status:
Not open for further replies.
  1. jeffrey159

    jeffrey159 Registered Member

    Joined:
    Jun 27, 2009
    Posts:
    2
    It says Operating memory - Win32/Rootkit.Agent.ODG trojan - unable to clean

    And whenever I open Firefox it crashes, and I can only use Internet Explorer. And when I empty the Recycle Bin, it keeps asking if I want to delete "WINDOWS".
    Need help here please :'(
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    What version of NOD32 do you use?
    Upgrade to version 4 since it has better cleaning.
    What operating system do you use?
    Post a SysInspector report:
    http://www.eset.com/download/sysinspector.php

    I'm sure an ESET mod will help you. Do remember it's the weekend, so you may have to wait until Monday for a reply from an ESET mod.

    If version 4 can't clean it and you can't wait for a reply from someone at ESET, try Dr.Web CureIt, link in my sig.
     
    Last edited: Jun 27, 2009
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  5. ASpace

    ASpace Guest

    Just my 2 cents -

    This threat is so common in the region I live/work in that you can't even imagine. I clean it off computers on a weekly basis. I haven't seen such a common rootkit before. Anyway, NOD32 itself (not even v4) can't clean it. It can just detect it. ESET SysInspector does detect some of the hidden files (but some, not all). There are so many additional files involved (perhaps they protect each other). GMER can't complete scans sometimes. Other tools like Rootkit Revealer, too. Common programs refuse to start. The only thing that seems to help is ComboFix (running renamed). It successfully detects the files, hidden services and drivers and deletes them with no problem. Not all files are detected sometimes, but they can be deleted with a ComboFix script.

    To be honest, I haven't tried whether ESET SysRescue can help or whether NOD32 detects all the malicious files from a scan in a non-Windows environment, but with Windows running, ESET NOD32 can't clean this pest off on its own. The good news is it can at least detect the rootkit and notify the user.

    P.S. The cents have become more than simply 2, but ... :D
     
  6. jeffrey159

    jeffrey159 Registered Member

    Joined:
    Jun 27, 2009
    Posts:
    2
    I'm using ESET NOD32 Version 4
     