Cannot remove Trojan from PC

Microsoft Windows xp pro with sp3 multil...
January 14, 2010 at 09:43:12
Specs: Windows Pro XP SP3, P 4D 3GHz/4GB
Cannot remove a Trojan from my PC...

Malwarebytes' Anti-Malware 1.44
Database version: 3562
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15/01/2010 4:05:59 AM
mbam-log-2010-01-15 (04-05-59).txt

Scan type: Quick Scan
Objects scanned: 107479
Time elapsed: 3 minute(s), 22 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
c:\program files\internet explorer\wmpscfgs.exe (Trojan.Agent) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Mark\Local Settings\Temp\wmpscfgs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\wmpscfgs.exe (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Mark\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Also tried SDFix, no success:

[b]SDFix: Version 1.240 [/b]
Run by Mark on Fri 15/01/2010 at 03:05 AM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File


[b]Checking Files [/b]:

No Trojan Files Found

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2010-01-15 03:11:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services [/b]:

Authorized Application Key Export:

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"="C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[b]Remaining Files [/b]:

[b]Files with Hidden Attributes [/b]:

Fri 15 Jan 2010 57,856 ...H. --- "C:\Documents and Settings\Mark\aihpf.exe"
Sun 10 May 2009 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"


Any assistance would be greatly appreciated.

See More: Cannot remove Trojan from PC

Report •

January 15, 2010 at 09:53:27
Doing a "quick scan" with MalwareBytes, as you log suggested you did, will do little for any "smart" virus program. Be sure you have the latest definitions, go to safe mode and do a full scan, which will take hours. Problem resolved.
You're welcome.

Report •

January 16, 2010 at 02:02:24
Hey Thanks. It worked!

Report •

Related Solutions

Ask Question