j-sticka

Operating memory - Win32/Rootkit.Agent.ODG trojan - unable to clean This is a major catastrophy!!! I was downloading mods for Grand Theft Auto: San Andreas (with U TORRENT) and got all kinds of alerts from my Eset and other programs. Also a program that claimed to be an anti-virus that i know i didn't intentionally download... was telling me that i was infected. Anyway... i have run all kinds of programs to try to get rid of it and to no avail. Normally one would get rid of this by utilizing system restore perhaps but my restore utility (although claiming to be monitoring) shows no restore points except today! I tried Malware Bytes... it won't even pull up. So i tried to defrag... my DEFRAGGLER and the computers DEFRAG always encounter error and will shut down. Now... this particular scan didn't pick up on this Trojan (i don't know why) but i desperately need some assistance. Eset finds it every time but always is UNABLE TO CLEAN!!! I also have this known issue with IE...8 i think... and it just gives me a box that says that it has encountered a problem and needs to close... this is no issue for me because i use Firefox... however... about every 5 to 10 minutes... i get that stupid box that pops up for no apparent reason. I think that whatever has got my computer is trying to access something using internet explorer as this was not occurring prior to my botched attempt to enhance a darn GAME! This computer is my Work station and i need it working and clean to make my living. If anyone knows what this is and how to get rid of it... PLEASE tell me! Now... I am not trying to hijack this thread. My intention is to make everyone aware that currently this utility and most (if not all) others cannot fix this and this one didn't detect it. So... i figure someone has the knowledge to help me and perhaps, if i am successfully assisted, the knowledge leading to my success could be integrated into Security 360 to make it better than it already is... perhaps! Oh... on a positive note... i ran like 10 or more different utilities prior to trying this one and it still found some crazy amount of errors...lol. and it fixed them all!!! way to go! I, despite my afore mentioned disposition, am very pleased and believe this is much better and more user friendly than the average utility. I plan to keep this on my computer as it runs right along side of Eset with no problems and it appears to be a light program...so far! here are the two latest scan reports: IObit Security 360 OS:Windows XP Version:0.3.1.20 Define Version:1112 Time:8/10/2009 12:59:56 AM |Name|Type|Description|ID| Tracking Cookies - Removed, Cookies, http://bannerfarm.ace.advertising.com/bannerfarm/84352/siteIDs.txt, 7-13 Tracking Cookies - Removed, Cookies, http://spd.pointroll.com/PointRoll/Ads/PRScript.dll?v=112&pos=0&init=0&delay=0&push=0&set=1&bye=1, 7-2056 Tracking Cookies - Removed, Cookies, http://googleads.g.doubleclick.net/pagead/test_domain.txt, 7-1386 Tracking Cookies - Removed, Cookies, http://turn.api.lookery.com/targeting?api_key=b4c72fba81f451983647fa6e7483ca86&v=2&hitsonly=1&r_url=http%3A%2F%2Fr.turn.com%2Fr%2Fbd%3F%26ddc%3D1%26pid%3D11%26uid%3D%7Bprofile_id%7D%26gender%3D%7Bprofile_gender%7D%26yob%3D%7Bprofile_yob%7D%26zip%3D%7Bprofile_zip%7D%26city%3D%7Bprofile_city%7D%26state%3D%7Bprofile_state%7D%26country%3D%7Bprofile_country%7D%26hasqry%3D%7Bprofile_search_has%7D%26qry%3D%7Bprofile_search_last%7D, 7-2178 Tracking Cookies - Removed, Cookies, Cookie:user@tag.contextweb.com/, 7-1754 Tracking Cookies - Removed, Cookies, Cookie:user@turn.com/, 7-2178 Tracking Cookies - Removed, Cookies, Cookie:user@ad.yieldmanager.com/, 7-1548 Tracking Cookies - Removed, Cookies, Cookie:user@contextweb.com/, 7-1754 Tracking Cookies - Removed, Cookies, Cookie:user@quantserve.com/, 7-2083 Tracking Cookies - Removed, Cookies, Cookie:user@proactiv.com/, 7-2192 Trojan.FakeAlert - Removed, Registry Key, HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058}, 5-4356 Trojan.FakeAlert - Removed, Registry Key, HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d}, 5-4998 Trojan.FakeAlert - Removed, Registry Key, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d}, 5-4998 Trojan.FakeAlert - Removed, Registry Key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d}, 5-4998 Trojan.Agent - Quarantined, File, C:\WINDOWS\system32\uacinit.dll, 4-3491 Trojan.FakeAlert - Quarantined, File, C:\WINDOWS\system32\msxml71.dll, 4-15303 Trojan.FakeAlert - Removed, Registry Key, HKEY_CLASSES_ROOT\XML.XML, 4-15620 Trojan.FakeAlert - Removed, Registry Key, HKEY_CLASSES_ROOT\XML.XML.1, 4-15620 Trojan.FakeAlert - Removed, Registry Key, HKEY_CURRENT_USER\SOFTWARE\XML, 4-15702 Rootkit.Trace - Removed, Registry Key, HKEY_LOCAL_MACHINE\SOFTWARE\UAC, 4-19944 Malware.Trace - Removed, Registry Key, HKEY_CURRENT_USER\SOFTWARE\ColdWare, 4-21293 Trojan.FakeAlert - Removed, Registry Key, HKEY_CURRENT_USER\SOFTWARE\Monopod, 4-32406 Malware.Trace - Removed, Registry Key, HKEY_CURRENT_USER\SOFTWARE\NordBull, 4-32668 Trojan.Downloader - Quarantined, File, C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job, 4-32669 Trojan.Downloader - Delete to reboot, File, C:\WINDOWS\msa.exe, 12-252 Eset Smart Security 4 Scan Log Version of virus signature database: 4320 (20090809) Date: 8/10/2009 Time: 1:00:48 AM Scanned disks, folders and files: Operating memory Operating memory - Win32/Rootkit.Agent.ODG trojan - unable to clean <----- AAAHHH... GO AWAY!!!!! :lol: Number of scanned objects: 421 Number of threats found: 1 Number of cleaned objects: 0 Time of completion: 1:01:23 AM Total scanning time: 35 sec (00:00:35) *NOTE* On Eset i only scanned the operating memory this time so i could show that it is still there. Anyone... HELP!!!!