Fix Need Help Virus Win32/Rootkit.Agent.ODG (Solved)

Home > Need Help > Need Help Virus Win32/Rootkit.Agent.ODG

Need Help Virus Win32/Rootkit.Agent.ODG

Please download The Avenger2 by Swandog46 to your Desktop.Right click on the Avenger.zip folder and select "Extract All..." Follow the prompts and extract the avenger folder to your desktop2. Upon installing ESET NOD32 antivirus - I discovered I have the above virus - but can't locate and delete it. Post that information back hereI will review the information when it comes back in.2) ComboFixDownload ComboFix from one of these locations:Link 1Link 2* IMPORTANT !!! Let it run unhindered until it finishes. http://p2pzone.net/need-help/need-help-with-win32-rootkit-agent-odg.html

Please re-enable javascript to access full functionality. Error - 8/6/2009 6:45:06 AM | Computer Name = USERXP-SBNNJTBA | Source = Application Error | ID = 1000Description = Faulting application chrome.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.5755, fault A CCM membership gives you access to additional options. What do I do? 2 user(s) are reading this topic 0 members, 2 guests, 0 anonymous users Reply to quoted postsClear BleepingComputer.com → Security → Am I infected? http://www.bleepingcomputer.com/forums/t/247732/need-help-virus-win32rootkitagentodg/

Back to top #6 blackbox26 blackbox26 Topic Starter Members 6 posts OFFLINE Gender:Male Location:Indonesia Local time:02:18 PM Posted 09 August 2009 - 08:28 AM Sorry nitty,but I already solve the What do I do? Click here to Register a free account now! Check out the forums and get free advice from the experts.

Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.[Kill All Processes][Unregister Dlls][Registry - Safe List]< FireFox Settings A case like this could easily cost hundreds of thousands of dollars. To learn more and to read the lawsuit, click here. Something is still blocking Mozilla Firefox and Internet explorer..

Javascript Disabled Detected You currently have javascript disabled. Members can monitor the statuses of their requests from their account pages. Check the box that says Scan All Users Under Additional Scans check the following: File - Lop Check File - Purity Scan Evnt - EvtViewer (last 10) Now click the Run i have the log..

Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):Begin copying here: Files to delete: C:\WINDOWS\system32\drivers\hjgruiexymttar.sys C:\WINDOWS\system32\hjgruicfoptlex.dll C:\WINDOWS\system32\hjgruidlleimkm.dll C:\WINDOWS\system32\hjgruipakvxbep.dat c:\WINDOWS\system32\hjgruitqlypqki.datNote: the above The Avenger will automatically do the following:It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete" or "Drivers to Disable", The Avenger will actually A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip. Further to that, if your P2P programme is not configured correctly you may be sharing more files than you realise.

If something is found, click the Yes button when it asks you if you want to cure it.Once the short scan has finished, Click Options > Change settingsChoose the Scan tab http://www.geekstogo.com/forum/topic/248212-i-need-help-removing-win32rootkitagentodg-trojan-solved/ Error - 8/6/2009 7:01:44 AM | Computer Name = USERXP-SBNNJTBA | Source = Application Error | ID = 1000Description = Faulting application chrome.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.5755, fault Need help Virus Win32/Rootkit.Agent.ODG Started by blackbox26 , Aug 08 2009 01:59 AM Please log in to reply 9 replies to this topic #1 blackbox26 blackbox26 Members 6 posts OFFLINE Choose from the menu "File" => "Standard scripts " and mark the ďAdvanced System Analysis" check box.

Error - 8/6/2009 1:26:28 PM | Computer Name = USERXP-SBNNJTBA | Source = Application Error | ID = 1000Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting module shell32.dll, version 6.0.2900.5622, fault have a peek at these guys As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Please re-enable javascript to access full functionality. The EC driver will retry the failed transaction if possible.

Back to top #5 DaChew DaChew Visiting Alien BC Advisor 10,317 posts OFFLINE Gender:Male Location:millenium falcon and rockytop Local time:03:18 PM Posted 09 August 2009 - 08:23 AM @nittyIf you I then ran a scan in rootrepeal in the ssdt tab and I've noticed that every time I reboot the functions that are hooked are being hooked by different modules on Make sure you reply to this thread only, do not start new topics.Please read my posts completely before following the instructions.Could you copy and paste the logs you have please? 0 check over here What do I do?

Automatic scanning, healing and system check will be executed. Error - 8/6/2009 12:45:46 AM | Computer Name = USERXP-SBNNJTBA | Source = Application Error | ID = 1000Description = Faulting application chrome.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.5755, fault Zbot/Zeus/Trojan-Banker.Win32.Bancos Trojan horse Agent.4.BC/Trojan horse Vundo.KA (Solved) Vista virus trojan-clicker.win32.small.kj (Solved) Virus Rootkit.Win32.TDSS.d (Solved) Windows 7 virus win32/small.CA trojan (Solved) Helpful +0 Report sharpman 1023Posts Saturday May 23, 2009Registration date ContributorStatus

Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

alright, here.. Several functions may not work. If you can't perform a certain step, or you're unsure on what to do, please stop and let me know. That may cause it to stall.2.

Create Account How it Works Javascript Disabled Detected You currently have javascript disabled. Terminate. 0 #14 Essexboy Posted 06 August 2009 - 12:42 PM Essexboy GeekU Moderator Retired Staff 69,964 posts And the OTS log please 0 #15 dman954 Posted 06 August 2009 - Please post the C:\ComboFix.txt log so we can continue cleaning the system. 0 #7 dman954 Posted 05 August 2009 - 04:39 PM dman954 Member Topic Starter Member 11 posts SysProt AntiRootkit this content Register now to gain access to all of our features, it's FREE and only takes one minute.

Click on Execute Answer "Yes" twice when prompted.4. It doesn't leave a log file, and at the end it says batch file not found. Several functions may not work. BLEEPINGCOMPUTER NEEDS YOUR HELP!