Unable to remove Backdoor.Bot and Malware.tra

Acer Travelmate 5720 tm5720-6722 noteboo...
March 24, 2010 at 04:57:31
Specs: Windows XP
Hi All,

I ran Malwarebytes and it indicated that my computer is infected with backdoor.bot and malware.trace. I have tried using the remove infected file option like 10 times now, and each time after the reboot these files reappear. I really don't want to format the machine, so any help would be highly appreciated.

Thanks in advance

Following is the log I get after using MBAM:

Malwarebytes' Anti-Malware 1.44
Database version: 3902
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24/03/2010 11:08:57
mbam-log-2010-03-24 (11-08-51).txt

Scan type: Quick Scan
Objects scanned: 145745
Time elapsed: 6 minute(s), 49 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 10
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
C:\WINDOWS\system32\9991.exe (Backdoor.Bot) -> No action taken.

Memory Modules Infected:
C:\WINDOWS\system32\BtwSvc.dll (Backdoor.Bot) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwsvc (Backdoor.Bot) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\buildw (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\guid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\i (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\ulrn (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\update (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\updatenew (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mbt (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\udpe (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mpe (Malware.Trace) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\9991.exe (Backdoor.Bot) -> No action taken.
C:\WINDOWS\system32\BtwSvc.dll (Backdoor.Bot) -> No action taken


March 24, 2010 at 09:30:54
Have you tried manually removing the files from the System32 folder? They are both definitely nasties. You may need to do it in safe mode, which could be the problem MBAM is having.

"I've always been mad, I know I've been mad, like the most of us..."


March 25, 2010 at 00:49:08
Thanks for your reply. I have tried that but have had no luck! Since I am running out of time, I have decided to go ahead and format the machine, which seems to be the fastest way to go.

Thanks for your help, really appreciated.
