I can't get trojan.downloader off my computer

[tryumph]

I have run Malwarebytes' several times. Every time it tells me it has found this virus and it has been deleted from my computer but it is always there when I run it again. can you help me get me rid of it.

Malwarebytes' Anti-Malware 1.30

Database version: 1403

Windows 5.1.2600 Service Pack 3

4/11/2009 9:48:41 AM

mbam-log-2009-04-11 (09-48-41).txt

Scan type: Full Scan (C:\|D:\|)

Objects scanned: 165296

Time elapsed: 10 hour(s), 36 minute(s), 13 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP546\A0154793.sys (Trojan.Downloader) -> Quarantined and deleted successfully.

[negster22]

Hello and Welcome to Malwarebytes' Malware Removal forum.

That threat is safely locked away in your system restore data and it does not pose a threat as is. You can post a HJT log, updated MBAM log, and DDS scan reports, so I can verify whether you're otherwise clean, before purging your system restore points to get rid of that detection.

Please read HJT topic

http://www.malwarebytes.org/forums/index.php?showtopic=9573

Please download ATF Cleaner by Atribune

• Close Internet Explorer and any other open browsers
  
• Double-click ATF-Cleaner.exe to run the program.
  
• Under Main choose: Select All
  
• Click the Empty Selected button.
  

If you use Firefox browser

• Click Firefox at the top and choose: Select All
• Click the Empty Selected button.
  
• NOTE: If you would like to keep your saved passwords, please click
  
• 
  
• No at the prompt.
  

If you use Opera browser

• Click Opera at the top and choose: Select All
• Click the Empty Selected button.
  
• NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

Click Exit on the Main menu to close the program.

Please note: The current version of MBAM is 1.36 so your are running a very outdated version.

Relaunch Malwarebytes' Anti-Malware

* Click the Update tab and Check for Updates- then wait for MBAM to update

* Click the Scanner tab, and select Perform Quick scan, then click Scan.

* When the scan is complete, click OK -> Show Results to view the scan results.

* Check all items found, and then choose the 'Remove Selected' option to move the selected items to the quarantine.

* When the scan is done, a log will open in Notepad with the scan results. Please post the results in your next reply.

_____________________________________________

Download DDS and save it to your desktop from here

Disable any script blocking programs you may have installed (such as Norton script blocking), and then double-click dss.scr to run the tool.

• When done, DDS will open two (2) logs:
  • DDS.txt
    
  • Attach.txt
    

  [*]Save both reports to your desktop

  [*]Please copy and paste both logs into your next reply,

To sum it up, I need to see:

1. An updated MBAM log

2. A HJT log

3. DDS - DDS.txt & Attach.txt posted in your reply - not attached

I have run Malwarebytes' several times. Every time it tells me it has found this virus and it has been deleted from my computer but it is always there when I run it again. can you help me get me rid of it.

Malwarebytes' Anti-Malware 1.30

Database version: 1403

Windows 5.1.2600 Service Pack 3

4/11/2009 9:48:41 AM

mbam-log-2009-04-11 (09-48-41).txt

Scan type: Full Scan (C:\|D:\|)

Objects scanned: 165296

Time elapsed: 10 hour(s), 36 minute(s), 13 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP546\A0154793.sys (Trojan.Downloader) -> Quarantined and deleted successfully.