Author Topic: need help with Win32:BitCoinMiner-B [PUP]  (Read 7445 times)

brunofas

  • Guest
need help with Win32:BitCoinMiner-B [PUP]
« on: September 27, 2012, 11:42:23 PM »
Hi all.
I got a virus some weeks ago and can't delete it!
At the scan that runs before starting the computer I have noticed 2 viruses:
- Win32:BitCoinMiner-B [PUP]
- Win32:Sirefef-PL [rtk]

And every 5 minutes avast throws me a new file infected warning.

Which logs should I upload?
Any help on deleting this virus would be greatly appreciated.

brunofas

  • Guest
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #1 on: September 27, 2012, 11:51:08 PM »
Also,
the warnings say:
"infection: Win32:ZAccess-JC [Trj]"
"infection: Win32:Trojan-gen"
"infection: Win32:Malware-gen"

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88851
  • No support PMs thanks
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #2 on: September 27, 2012, 11:51:45 PM »
This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

brunofas

  • Guest
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #3 on: September 27, 2012, 11:54:56 PM »
Sorry DavidR, I'm new in this forum.
What do you mean with "This needs further analysis by a malware removal specialist: "?
I won't find help in avast forum??
What do you recommend?

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #4 on: September 28, 2012, 12:20:56 AM »
Hi brunofas,

Well help is out here in the avast forum. We are so lucky to have a couple of qualified removal experts in our midst, that help in these cases, so go read here how to provide the logs http://forum.avast.com/index.php?topic=53253.0
and the removal expert that has been informed by DavidR will soon come to assist you cleansing. Best is to follow his instructions to the dot, and you will be out of the woods before long. All will be well, and our removal experts are the best around. Trust me,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #5 on: September 28, 2012, 01:22:22 AM »
<snip>
1. what do you mean with "This needs further analysis by a malware removal specialist: "?
2. i wont find help in avast forum??
<snip>

1. Exactly that, gathering information for the specialists so they can clean the system. These zero access infections can be complex and need specialist tools to find them and a customised script to remove them. This is why it should be done by a specialist, who can help/guide you through the process.

2. The specialists are forum members (volunteers) and they will be working with you in this topic in this forum.

brunofas

  • Guest
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #6 on: October 01, 2012, 02:10:04 AM »
First of all, thanks for the reply!
And here go the logs attached and a few comments..

aswMBR crashes after finding 3 files infected:
C:/windows/system32/services.exe   - Win32:Sirefef-ZT (Trj)
C:/windows/assembly/GAC_32/Desktop.ini   - Win32:Sirefef-PL (Rtk)
C:/windows/assembly/GAC_64/Desktop.ini   - Win32:Sirefef-PL (Rtk)

RogueKiller also created a RK_Quarentine on desktop. What should I do with this?

brunofas

  • Guest
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #7 on: October 01, 2012, 02:13:20 AM »
I can't attach the OTL log because it has 194 kb.. Should I delete some lines?

Offline DavidR

Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #8 on: October 01, 2012, 02:39:01 AM »
There may be some delay due to differing time zones and availability of the volunteer malware removal specialists.

But now you have attached the logs, when someone is available they will have something to work with.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37491
  • Not a avast user
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #9 on: October 01, 2012, 02:43:32 PM »
Quote from: brunofas
"I can't attach the OTL log because it has 194 kb.. Should I delete some lines?"

You may upload OTL to some file share site, like mediafire.com, and post the download link here.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #10 on: October 01, 2012, 02:55:26 PM »
Quote from: brunofas
"I can't attach the OTL log because it has 194 kb.. Should I delete some lines?"
Quote from: Pondus
"You may upload OTL to some file share site, like mediafire.com, and post the download link here."

I suggest to upload it here and post the link: http://www.pastebucket.com
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

brunofas

  • Guest
Re: need help with Win32:BitCoinMiner-B [PUP]
« Reply #11 on: October 01, 2012, 10:00:55 PM »
Here is the link to OTL's file.
http://www.mediafire.com/view/?x1w0wwd5jlmgzm3

thanks