[Solved]trojans found and clean up help needed

You need help to start using UVK? You have a doubt on a UVK feature? Post here!
Forum rules
We have no special rules for UVK forums. Just try to be polite and clear in your posts.
Please don't post spam in this forum. Spammers will be banned by IP, e-mail and username.
We reserve the right to delete all posts and ban all users we consider not having respected these rules without warning.
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

[Solved]trojans found and clean up help needed

Post by jabernathy »

Fred, this is Jamie at PTS. I ran a scan yesterday using the Windows Security Essentials and found several trojans on our NEW pc system. after removal I wanted to install Spybot and I am getting errors with the installation : I attached a .doc that shows the errors. The bugs found were Trojan: HTML, Trojan JS/redirector, Exploit : Win32, Trojan: BAT/MINEBicoin and Exploit Win 32, Trojan PHP/Iframe Trojan : HTML/Porny, TrojanClicker:JS/IFrame.C. After removing the trojan using the Windows Essential I ran another UVK log. I have attached that as well. I still feel like there is something causing problems. But I dont really understand how to use the UVK safely for fixing all my issues that are now out of whack. I am running the SFC scan now. Can you help me? and now I can't seem to upload my .doc or .pdf or .txt to you. Thanks Jamie
Attachments
System_errors.zip
system errors
(5.35 KiB) Downloaded 447 times
INstall errors.zip
Install errors
(397.92 KiB) Downloaded 393 times
UVKlog.zip
UVK log today's
(48.11 KiB) Downloaded 445 times
Fred
Site Admin
Posts: 2357
Joined: Sat Jul 30, 2011 12:05 pm
Location: Red coast, France
Contact:

Re: trojans found and clean up help needed

Post by Fred »

Hello Jamie.

I will help you with your malware, but it will take a while, because I am not at home right now, and I have limited internet access.

Hope you're not in a big rush.
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.

Fred
Fred
Site Admin
Posts: 2357
Joined: Sat Jul 30, 2011 12:05 pm
Location: Red coast, France
Contact:

Re: trojans found and clean up help needed

Post by Fred »

I just had a quick look at the INstall errors pic and I think that error may be caused by the UVK immunization.

Please proceed as follows:

Run UVK and go to the UVK Immunization section.

Uncheck all areas, or click None, in the lower pane.

Click Apply selected immunization, and confirm.

Now you should be able to install Spybot.

Please note that nowadays you have better tools than Spybot, such as Malwarebytes anti malware or SuperAntiSpyware, but it's up to you to decide whether to use them.

Don't forget to Immunize your machine again after installing.
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.

Fred
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

ok will do. I will use the malwarebytes.
Fred
Site Admin
Posts: 2357
Joined: Sat Jul 30, 2011 12:05 pm
Location: Red coast, France
Contact:

Re: trojans found and clean up help needed

Post by Fred »

Hi Jamie. I'm back.

Is everything working OK with your pc now?

Do you still want me to analyze your log?
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.

Fred
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

Hello Fred, I am going to upload the logs I have done today. I scanned with Malwarebytes..couple of trojans found. I used UVK service manager and one file was found..when I did a google search I "think" it is saying it is a trojan.. something is still amiss with my system. I can tell for sure. this is the new pc I am on but I have been very busy in healthcare so I hate that I couldn't get back with you earlier. But I still need help. would be great if you could just log in and fix this bugger...but I also need to learn what to do or what I am reading when I read all the help contents and forums. I am still lost.
Fred
Site Admin
Posts: 2357
Joined: Sat Jul 30, 2011 12:05 pm
Location: Red coast, France
Contact:

Re: trojans found and clean up help needed

Post by Fred »

Hi Jamie.

No problem, please send a UVK log when possible.

Thanks.
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.

Fred
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

Fred I Uploaded my UVK log and my malwarebyte log. It shows trojans quaranteened but there is still something amiss. I can definately tell. this morning I went to get on internet and driver went down for a minute... like I said yesterday that I did the service manager on UVK and one file shows up that when google looked like bug/trojan. I Dont know how to get you a look at that. as always...thanks Jamie
Attachments
mbam-log-2013-03-22 (15-05-32).zip
(1.03 KiB) Downloaded 388 times
UVKlog.zip
(29.34 KiB) Downloaded 399 times
Fred
Site Admin
Posts: 2357
Joined: Sat Jul 30, 2011 12:05 pm
Location: Red coast, France
Contact:

Re: trojans found and clean up help needed

Post by Fred »

Hi Jamie.

Ok, let's see if we can make this machine work as new. You can start by removing programs you don't use.

Uninstall unneeded programs:

Launch UVK, go to the UVK immunization section, uncheck all areas (or click None, in the lower pane), click Apply selected immunization and confirm. This will un-immunize all areas temporarily.

Then go to the UVK smart uninstaller section, check Try unattended uninstall, and uninstall the programs you are sure you don't use.

Below are some suggestions, but you should only uninstall the ones you are sure you don't need. If you're not sure, then just leave them installed. You have a very powerful machine, and leave them installed will not make much difference.
  • iTunes (if you uninstall this, then uninstall Bonjour, Apple Application Support and Apple Mobile Device Support too).

    Cisco WebEx Meetings (Web conferencing and desktop sharing software).

    Picture Timeclock (Uninstall only if you don't need, OK?).

    Spybot - Search & Destroy (If you're using Malwarebytes, maybe you don't need it anymore).

    TurboMeeting (another web conferencing and desktop sharing software).

    Cisco WebEx Meeting Center for Internet Explorer (Related to Cisco WebEx Meetings).

    GoToMeeting 5.4.0.1082 (Related to Cisco WebEx Meetings).
If you have any doubts concerning the UVK smart uninstaller usage, please refer to our help page.

Log analysis and repair script:

I found a few malware remnants and a couple of trojans in your log. I made a UVK script which will remove them, but it will also perform other repair, maintenance and optimization.

Note that this script may take up to two hours or more to finish, because it will also update the .Net framework and defragg the hard drive. The computer will be rebooted after the script finishes executing.

Download the script:
UVKcfJamie.zip
(1.1 KiB) Downloaded 418 times
Note: This script should only be used in this computer.

No need to immunize the system again, as the script will automatically do it.

Please report the computer status after the reboot. I may have some more advice.
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.

Fred
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

Fred I am doing this now. I have to keep my PC timeclock as I use it to log my hours for my boss. easier than paper. been using it for about 9 years now. everything else went . I will get back with you when it 's all done. opps I accidently uninstalled a Cisco Connect.
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

NEW LOG.
Attachments
UVKlog.zip
(49.44 KiB) Downloaded 390 times
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

wow Fred, not sure what the log is showing but feels pretty good about now. there has GOT to be some sort of safety for not allowing these bugs in. being a medical office we can't use the norton, mcaffee kind of stuff.
Fred
Site Admin
Posts: 2357
Joined: Sat Jul 30, 2011 12:05 pm
Location: Red coast, France
Contact:

Re: trojans found and clean up help needed

Post by Fred »

Yes, I already checked your last log, and it shows only one harmless remnant.

I have some advice regarding the protection in the future. Just give me a couple of days, until I finish a new UVK update and move the site to a new server, and I will post them for you.
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.

Fred
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

wonderful. looking forward to your suggestions. Thanks again Jamie
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

Fred, since we did that script I have had a couple of Emergency shutdowns...a display driver problem. The second time I got a bluescreen. I copied the error. Can you tell me if I need to update something since running the script?
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033

Additional information about the problem:
BCCode: 116
BCP1: FFFFFA800CED24E0
BCP2: FFFFF8800462D45C
BCP3: 0000000000000000
BCP4: 0000000000000002
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\040313-14320-01.dmp
C:\Users\Eric Rockwell\AppData\Local\Temp\WER-56940-0.sysdata.xml
Fred
Site Admin
Posts: 2357
Joined: Sat Jul 30, 2011 12:05 pm
Location: Red coast, France
Contact:

Re: trojans found and clean up help needed

Post by Fred »

Hi Jamie.

Please send me the file C:\Windows\Minidump\040313-14320-01.dmp

Thanks.
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.

Fred
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

sORRY, I am so behind on work. sending now.
Attachments
040313-14320-01.zip
(29.07 KiB) Downloaded 398 times
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

Fred, I am having the same problem with the shut down again. no blue screen yet..but everything comes to a halt and driver error comes up.
Attachments
040313-14320-01 (2).zip
(29.07 KiB) Downloaded 375 times
jabernathy
Posts: 66
Joined: Thu Dec 01, 2011 6:24 pm
Location: Tennessee
Contact:

Re: trojans found and clean up help needed

Post by jabernathy »

I spoke to soon. got the blue screen everything shut down just a moment after sending you that file. here's the error message
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033

Additional information about the problem:
BCCode: 116
BCP1: FFFFFA800BADF010
BCP2: FFFFF8800478A45C
BCP3: 0000000000000000
BCP4: 0000000000000002
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\040913-16208-01.dmp
C:\Users\Eric Rockwell\AppData\Local\Temp\WER-56597-0.sysdata.xml

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid= ... cid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt
Attachments
UVKlog.zip
(49.44 KiB) Downloaded 382 times
040913-16208-01.zip
sending you another one.
(28.06 KiB) Downloaded 362 times
Fred
Site Admin
Posts: 2357
Joined: Sat Jul 30, 2011 12:05 pm
Location: Red coast, France
Contact:

Re: trojans found and clean up help needed

Post by Fred »

Hi Jamie.

I'll have a look at the logs tomorrow. It's time to call it a night in my timezone.

I'll be back with news tomorrow.
One thing we humans have in common is that we are all different. So, if you think you're weird because you're different from everyone else, then we are all weird.

Fred
Post Reply