So my problem is, 3 same trojans keep coming back after I remove them with Malwarebytes. I have tried 6 times with MBAM to remove the trojans, but they just come back. Also I do not know if this is related to the Trojans, but for some odd reason, my P2P program
utorrent does not work anymore. I try to execute it, but nothing happens. So I tried to uninstall it, but it wouldn't let me and I ended up just deleting the actual folder with all the files. Another program I have trouble with is a game client file (.exe) I downloaded it off the correct site and I'm pretty sure it's clean but just like the
utorrent problem, when I try to execute it, nothing happens. It just stand there. help would be appreciated.
Other info: I run on Windows XP professional and I currently don't have an anti virus and I doubt I can get any in the near future with this computer, as this device is essentially ancient. The computer would be slow at incomprehensible speeds, so that is why I don't have an anti virus.
MBAMMalwarebytes' Anti-Malware 1.44
Database version: 3747
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
2/19/2010 8:49:32 PM
mbam-log-2010-02-19 (20-49-32).txt
Scan type: Quick Scan
Objects scanned: 124567
Time elapsed: 9 minute(s), 29 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
C:\WINDOWS\svchost.exe (Trojan.Agent) -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\powermanager (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 02/19/2010 at 07:54 PM
Application Version : 4.34.1000
Core Rules Database Version : 4597
Trace Rules Database Version: 2409
Scan type : Complete Scan
Total Scan Time : 02:38:52
Memory items scanned : 480
Memory threats detected : 1
Registry items scanned : 5782
Registry threats detected : 26
File items scanned : 69975
File threats detected : 78
Trojan.SVCHost/Fake
C:\WINDOWS\SVCHOST.EXE
C:\WINDOWS\SVCHOST.EXE
C:\WINDOWS\Prefetch\SVCHOST.EXE-16C7D411.pf
Adware.Tracking Cookie
C:\Documents and Settings\Richard\Cookies\richard@interclick[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@toplist[3].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@overture[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@insightexpressai[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@fastclick[1].txt
C:\Documents and Settings\Richard\Cookies\richard@burstnet[1].txt
C:\Documents and Settings\Richard\Cookies\richard@casalemedia[2].txt
C:\Documents and Settings\Richard\Cookies\richard@spylog[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][2].txt
C:\Documents and Settings\Richard\Cookies\richard@pro-market[2].txt
C:\Documents and Settings\Richard\Cookies\richard@serving-sys[1].txt
C:\Documents and Settings\Richard\Cookies\richard@adcentriconline[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@tacoda[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@247realmedia[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@toplist[1].txt
C:\Documents and Settings\Richard\Cookies\richard@smartadserver[2].txt
C:\Documents and Settings\Richard\Cookies\richard@doubleclick[2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@advertising[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@adlegend[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][2].txt
C:\Documents and Settings\Richard\Cookies\richard@statcounter[2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@mediafire[2].txt
C:\Documents and Settings\Richard\Cookies\richard@media6degrees[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][2].txt
C:\Documents and Settings\Richard\Cookies\richard@invitemedia[1].txt
C:\Documents and Settings\Richard\Cookies\richard@57472748[2].txt
C:\Documents and Settings\Richard\Cookies\richard@cgi-bin[2].txt
C:\Documents and Settings\Richard\Cookies\richard@tribalfusion[2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@yadro[2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@collective-media[1].txt
C:\Documents and Settings\Richard\Cookies\richard@questionmarket[2].txt
C:\Documents and Settings\Richard\Cookies\[email protected][2].txt
C:\Documents and Settings\Richard\Cookies\richard@2o7[2].txt
C:\Documents and Settings\Richard\Cookies\richard@mediaplex[1].txt
C:\Documents and Settings\Richard\Cookies\richard@atdmt[2].txt
C:\Documents and Settings\Richard\Cookies\richard@apmebf[2].txt
C:\Documents and Settings\Richard\Cookies\richard@chitika[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@zedo[1].txt
C:\Documents and Settings\Richard\Cookies\[email protected][1].txt
C:\Documents and Settings\Richard\Cookies\richard@realmedia[2].txt
C:\Documents and Settings\jimmy\Cookies\jimmy@2o7[1].txt
C:\Documents and Settings\jimmy\Cookies\[email protected][1].txt
C:\Documents and Settings\jimmy\Cookies\[email protected][2].txt
C:\Documents and Settings\jimmy\Cookies\jimmy@atdmt[2].txt
C:\Documents and Settings\jimmy\Cookies\[email protected][1].txt
C:\Documents and Settings\jimmy\Cookies\jimmy@doubleclick[1].txt
C:\Documents and Settings\jimmy\Cookies\jimmy@trafficmp[1].txt
C:\Documents and Settings\William\Cookies\william@atwola[1].txt
C:\Documents and Settings\William\Cookies\william@doubleclick[1].txt
Virus.HiddenDragon
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000#DeviceDesc
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000#Driver
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000\Control
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_POWERMANAGER\0000\Control#ActiveService
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager#Type
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager#Start
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager#ObjectName
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager#Description
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager\Security
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager\Security#Security
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager\Enum
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager\Enum#NextInstance
C:\QOOBOX\QUARANTINE\C\WINDOWS\SVCHOST.EXE.VIR
Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2B5FEA85-F8E2-4BD4-82C8-85241A71E15E}\RP67\A0023991.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2B5FEA85-F8E2-4BD4-82C8-85241A71E15E}\RP81\A0026149.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2B5FEA85-F8E2-4BD4-82C8-85241A71E15E}\RP83\A0027415.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2B5FEA85-F8E2-4BD4-82C8-85241A71E15E}\RP90\A0027589.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2B5FEA85-F8E2-4BD4-82C8-85241A71E15E}\RP96\A0029169.EXE