Have problem with Trojan

  • Thread starter Thread starter August
  • Start date Start date
A

August

My computer was infected to the point that the malware software was made
inoperable. With help from this medium, I was able to get the malware unit
operating again. It got rid of all the infection except for a Trojan
(Trojan.Agent). I’ve run it (Malwarebytes and Spybot) several times, and it
always comes back up (in Malwarebytes – Spybot didn’t detect it). The
software obviously can’t delete it.

When my computer first got infected, I disconnected it from the Internet. I
don’t won’t to connect back to the Internet until my system is completely
clean for fear that my computer will become infected immediately. However,
I’m wondering if I do connect and update the malware unit, then run it, maybe
it will then delete this Trojan. Does anyone have any ideas on the best way
to handle this? I appreciate any and all help.

This is what is listed for the Trojan.Agent: C:\WINDOWS\system32\uacinit.dll
 
From: "August" <[email protected]>

| My computer was infected to the point that the malware software was made
| inoperable. With help from this medium, I was able to get the malware unit
| operating again. It got rid of all the infection except for a Trojan
| (Trojan.Agent). I’ve run it (Malwarebytes and Spybot) several times, and it
| always comes back up (in Malwarebytes – Spybot didn’t detect it). The
| software obviously can’t delete it.

| When my computer first got infected, I disconnected it from the Internet. I
| don’t won’t to connect back to the Internet until my system is completely
| clean for fear that my computer will become infected immediately. However,
| I’m wondering if I do connect and update the malware unit, then run it, maybe
| it will then delete this Trojan. Does anyone have any ideas on the best way
| to handle this? I appreciate any and all help.

| This is what is listed for the Trojan.Agent: C:\WINDOWS\system32\uacinit.dll

| --
| ~August~


Boot into the Recovery Console and delete; C:\WINDOWS\system32\uacinit.dll
 
August said:
My computer was infected to the point that the malware software was made
inoperable. With help from this medium, I was able to get the malware
unit
operating again. It got rid of all the infection except for a Trojan
(Trojan.Agent). I've run it (Malwarebytes and Spybot) several times, and
it
always comes back up (in Malwarebytes - Spybot didn't detect it). The
software obviously can't delete it.

When my computer first got infected, I disconnected it from the Internet.
I
don't won't to connect back to the Internet until my system is completely
clean for fear that my computer will become infected immediately.
However,
I'm wondering if I do connect and update the malware unit, then run it,
maybe
it will then delete this Trojan. Does anyone have any ideas on the best
way
to handle this? I appreciate any and all help.

This is what is listed for the Trojan.Agent:
C:\WINDOWS\system32\uacinit.dll
Click to expand...

Sometimes you can only gain control over these files if you don't boot the
OS they are attacking. You need to boot from another CD, such as the XP CD
and the recovery console (though the RC by default seriously limits what
folders you can access) or a Linux CD, or attach the drive to another
system.

If you attach the drive to another system, you can also do all the
anti-virus scanning from the host. As well, you should locate and empty
the browser cache folders (Temporary Internet Files, content.ie5) and Temp
folders. Clearing these first will likely remove some of what you're
looking for, and make the scanning go a lot faster.

HTH
-pk
 
My computer was infected to the point that the malware software was made
inoperable.  With help from this medium, I was able to get the malware unit
operating again.  It got rid of all the infection except for a Trojan
(Trojan.Agent).  I’ve run it (Malwarebytes and Spybot) several times,and it
always comes back up (in Malwarebytes – Spybot didn’t detect it).  The
software obviously can’t delete it.

When my computer first got infected, I disconnected it from the Internet. I
don’t won’t to connect back to the Internet until my system is completely
clean for fear that my computer will become infected immediately.  However,
I’m wondering if I do connect and update the malware unit, then run it,maybe
it will then delete this Trojan.  Does anyone have any ideas on the best way
to handle this?  I appreciate any and all help.

This is what is listed for the Trojan.Agent: C:\WINDOWS\system32\uacinit.dll
Click to expand...

You again! I thought you were fixed up.

Try SuperAntiSpyware http://www.superantispyware.com/ and AVG
http://free.avg.com/

I would not put much faith in Spybot finding much more than some
cookies these days.

I would go with MBAM (you already got that going), SAS and AVG in that
order - all free. You can always uninstall them if you want.

Merely deleting a file may not be enough.

Please report your findings.

Jose
 
August said:
My computer was infected to the point that the malware software was made
inoperable. With help from this medium, I was able to get the malware unit
operating again. It got rid of all the infection except for a Trojan
(Trojan.Agent). I’ve run it (Malwarebytes and Spybot) several times, and it
always comes back up (in Malwarebytes – Spybot didn’t detect it). The
software obviously can’t delete it.

When my computer first got infected, I disconnected it from the Internet. I
don’t won’t to connect back to the Internet until my system is completely
clean for fear that my computer will become infected immediately. However,
I’m wondering if I do connect and update the malware unit, thenrun it, maybe
it will then delete this Trojan. Does anyone have any ideas on the best way
to handle this? I appreciate any and all help.

This is what is listed for the Trojan.Agent: C:\WINDOWS\system32\uacinit.dll
Click to expand...

Some smarter malware can update itself depending on what changes have
been made to existing a/v software. But I wouldn't worry about it.
Connect the computer to the internet in Safe Mode, get the MBAM update
and run it again. I that and SAS don't work, try this:

Burn one of these to a CD (using a working machine) and boot the
infected machine with it:

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/
 
My computer was infected to the point that the malware software was made
inoperable.  With help from this medium, I was able to get the malware unit
operating again.  It got rid of all the infection except for a Trojan
(Trojan.Agent).  I’ve run it (Malwarebytes and Spybot) several times,and it
always comes back up (in Malwarebytes – Spybot didn’t detect it).  The
software obviously can’t delete it.

When my computer first got infected, I disconnected it from the Internet. I
don’t won’t to connect back to the Internet until my system is completely
clean for fear that my computer will become infected immediately.  However,
I’m wondering if I do connect and update the malware unit, then run it,maybe
it will then delete this Trojan.  Does anyone have any ideas on the best way
to handle this?  I appreciate any and all help.

This is what is listed for the Trojan.Agent: C:\WINDOWS\system32\uacinit.dll
Click to expand...

If properly updated installations of MBAM, SAS, and AVG don't find
anything, keep reading.

Someone pointed out to me the other day that SAS is best run in safe
mode and MBAM prefers a regular boot.

Do not run MBAM in safe mode. SAS would be okay, I don't know about
AVG (yet). The thing is to get them all downloaded, installed and
updated.

To get into Safe Mode, start poking the F8 key when your system is
booting until you get a menu. Choose safe with or without networking
depending on if you think you need Internet access or not. Safe mode
will just load minimal software, so your video will probably be a
little goofy, but that's okay.

Earlier, someone reported back that AVG found something MBAM missed.
I found this surprising but accepted it for his issue. No single
program is going to know about everything.

Please report back.

Jose
 
My computer was infected to the point that the malware software was made
inoperable. With help from this medium, I was able to get the malware unit
operating again. It got rid of all the infection except for a Trojan
(Trojan.Agent). I’ve run it (Malwarebytes and Spybot) several times, and it
always comes back up (in Malwarebytes – Spybot didn’t detect it). The
software obviously can’t delete it.

When my computer first got infected, I disconnected it from the Internet. I
don’t won’t to connect back to the Internet until my system is completely
clean for fear that my computer will become infected immediately. However,
I’m wondering if I do connect and update the malware unit, then run it, maybe
it will then delete this Trojan. Does anyone have any ideas on the best way
to handle this? I appreciate any and all help.

This is what is listed for the Trojan.Agent: C:\WINDOWS\system32\uacinit.dll
Click to expand...



Use Unhackme..
 
Yeah, it's me again. I thought once I got the malware unit running that it
would take care of the problem. It did for the most part but one trojan is
hanging in there. I tried MBAM, SAS and AVG in that order but it didn't
work. I still have that same trojan.
 
August said:
Yeah, it's me again. I thought once I got the malware unit running
that it would take care of the problem. It did for the most part but
one trojan is hanging in there. I tried MBAM, SAS and AVG in that
order but it didn't work. I still have that same trojan.
Click to expand...
Did you try David Lipman's advice?
It was "Boot into the Recovery Console and delete;
C:\WINDOWS\system32\uacinit.dll"
Buffalo
 
I'm trying it now.
--
~August~


Buffalo said:
Did you try David Lipman's advice?
It was "Boot into the Recovery Console and delete;
C:\WINDOWS\system32\uacinit.dll"
Buffalo
Click to expand...
 
Hi, I am having the same problem. Can you give me the exact steps you took to
get this figured out. The thread suggested a variety of things, not sure
where to start.

thanks
doug
 
Doug said:
Hi, I am having the same problem. Can you give me the exact steps you
took to get this figured out. The thread suggested a variety of
things, not sure where to start.

thanks
doug
Click to expand...

I believe it was probably Lipman's advice:
"Boot into the Recovery Console and delete;
C:\WINDOWS\system32\uacinit.dll"

plus then running MBAM (MalwareBytes AntiMalware) and SAS (SuperAntiSpyware)
free versions.
 
Back
Top