Trojan Dropper:js/exjaysee.a

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mccbjnn, May 28, 2016.

  1. mccbjnn

    mccbjnn Private E-2

    My laptop has crashed, giving me the BSOD, 5 times since May 1, 2016. I have been checking other forums and when MSE full scan of my Win 7 system picked up subject trojan, I was redirected here for solid, up to date help. I saw the Read Me thread and I am wondering if these steps are for all malware and viruses.
    I did have MSE remove the trojan and repeated the full scan in safe mode. No threats surfaced. However, I have looked at other forums and see that merely removing the trojan might be only the first step as apparently this trojan infects other files.

    I am hoping that this is not the case. A spywarrior tool was also mentioned to find infected files. Is there a reliable tool for this? If not, would the steps in the Read Me thread be my second step in ridding my laptop of this trojan? I am hoping that I can get rid of all infected files. Yes, I am a new member and becoming acquainted with this forum's protocols. Any comments and suggestions are welcome.
    Thanks.
     
    Kestrel13! likes this.
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi there and welcome. :) I would suggest that you do indeed run the steps in the Read and Run me First procedures. Then upload the requested logs.
     
  3. mccbjnn

    mccbjnn Private E-2

    Thanks for your response, Kestrel.
    I will take a look at them, I may have to wait a week. Found out I have to take an emergency trip to my former Veterinarian. Kitty had a complication with a ligament repair. But you will hear from me!

    People have suggested that I just switch to Win 10. I'm guessing that there would still be infected files. And I have heard that switch can be problematic if you have something going on with your computer.
     
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Aw hope all goes well!
    I would say yes as I am not confident enough to say no. ;)
     
  5. mccbjnn

    mccbjnn Private E-2

    Hi Kestrel,
    I bit the bullet and got through all the steps through the MGtools and got that Zip file created!!!
    I downloaded all the other files- Malware, Rogue Killer _ (did not run) to my desktop. FYI, I just downloaded CCleaner and MalwareBytes again from this site, I had been running up to date copies anyway. I had been running the free AVG but someone in another forum (who referred me here) wanted me to run some WhoCrashed, Blue Screen and Event View diagnostics with that uninstalled. We still only got Kernel system and NTFS error messages. Rather than re-install AVG, I chose MSE.
    The deep MSE scan found the trojan.

    While I was backing up my files I found some diagnostic summaries from Office Depot. I paid them for a "tune-up" because my computer, which I had bought only 1-2 years earlier, was slow. They told me they found virus/malware infections but cleared them. They also told me that I was visiting "Very Dangerous" sites. I was in the process of buying a condo in Las Vegas or finding a rental here. So I was on realtor sites, MLS, rental sites, craigslist, you name it. I would not be surprised if they found some "superficial" problems but that the trojan remained....that's 4 years!

    I'm using chrome and when I tried to get MGTools directly into the C drive it went to documents; I wasn't given a choice to put it in the C or D drives.

    Here is the MGlogs.zip folder.
    I will await response before I re-enable my AV, change user account control, etc. Please let me know if you require anything else before we can continue.

    As a P.S. The MGlog.zip folder automatically went to my desktop (no idea why) so I sent it to documents where the MGTools is.
    I hope this info. is useful.

    Thank you so much, I can't imagine having a career in a field like this (I'm sure there is more than one field) and coming home to review and answer forum diagnostics and questions.

    Kitty and I aren't leaving until Wed.
     


  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    So Malware Bytes, RogueKiller, TDSSkiller and Hitman pro will not run? Correct?
    If so please try running them in safe mode and let me know how you get on.
     
  7. mccbjnn

    mccbjnn Private E-2

    Hi Kestrel,
    Thanks again for your prompt reply.
    Actually I did not run Rogue, Killer, Hitman, and Malware because I thought that we were only putting the files "saved" on desktop. The instructions for MGTools said download and run.
    I must have misunderstood the instructions. I will run the others now. As I recall from MalwareBytes, no file is created of the scan results. Am I supposed to post results by creating files and uploading or posting only if there is a problem?
    One more thing, throughout the process of downloading and running yesterday, two notepad files appeared on my desktop. I don't know what they are, but will post them here. Whoops, they are both named "desktop.ini", but are different. When I try to upload, they don't show up in the desktop list, even when I "search desktop for desktop.ini".
    Do you need these? How can I upload them? Thanks.

    I will run those other scans in normal mode now.
     
  8. mccbjnn

    mccbjnn Private E-2

    Hi Kestrel,
    I did run those other scans in normal mode. Since the Hitman Pro scan found 0 threats and 11 traces but reported, "No threats found", I will tell you a few things that I thought were a little strange about the process.
    1. Scanned with Malwarebytes. 0 threats found, did not request a re-boot so I re-booted on my own. It did say 302,889 items scanned. Will attach the log below.
    2. TDSSKiller reported 0 threats.

    3. RogueKiller redirected me to an ad site after the scan was completed. This site was: www.adlice.com/pum-removal/.
    I could easily close it (not sure why it showed up) and return to the log from RogueKiller. Log will be attached below.

    4. Ran the 64 bit version of HitmanPro. Did have trouble getting it to open in forced breach mode, but held left control button and double clicked. The Scan Results reported "No threats found" (11 traces).
    There was no way to get a log that I could see....

    In addition to the MGlogs.zip I posted above, I have only the two logs to submit. It doesn't look like much!

    Thanks for your consideration. If you want me to re-install and run anything again, or run in safe mode, please let me know.
     


  9. mccbjnn

    mccbjnn Private E-2

    By the way, I am not using my laptop during this process, so I am leaving the UAC, anti virus and whatever else we turned off on "off". Let me know if I should turn them back on anyway...thanks:)
     
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    ??

    I am not seeing any malware in those logs. Your anti virus must have taken care of it. Have Hitman remove the remnants unless you see anything you want to keep.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win 7, or Win 8, Right Click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

    7. After doing the above, you should work thru the below link:
     
  11. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Normal. They will disappear when you follow final steps. It's just because we have hidden files and folders set to show. ;)
     
  12. mccbjnn

    mccbjnn Private E-2

    Thanks Kestrel.
    Hitman doesn't have anything to clean up; it found no threats.

    I checked my notifications area to ensure that windows defender was off for this process. It was but it also said the firewall was on. I thought defender was win firewall for win7 and it was the default.
    Could another firewall set by default have hidden any bad files?

    Thanks again.

    When I said I had trouble getting Hitman to run, I had to press the control key and double click the desktop icon. When I tried to run as Admin it didn't go into forced breach mode.
     
  13. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Thought you said there were traces?

    Windows Defender is not a firewall. Which anti virus are you using currently?
     
  14. mccbjnn

    mccbjnn Private E-2

    Yes, I didn't know that I could clean them with hitman.
    I was using the free AVG until this happened. A couple of weeks ago I uninstalled that and installed MSE. A deep scan revealed the Trojan.
    Thanks
     
    Kestrel13! likes this.
  15. mccbjnn

    mccbjnn Private E-2

    Hi kestrel
    I am having a problem with step 5, finding mg tools bat file to clean up. On my computer the MG TOOLS went to documents, I didn't get the option to go to c or d drive. My problem is that I can't find an MG TOOLS folder. I only have files: MGtools.exe (a file) and MGlogs.zip (a zip file). If I go to the (MGtools) executive file I just run program again. If I go to the logs, I can't find a bat file.

    I'm wondering if I did something wrong in the basic download which caused no malware to show.
    For some reason I was able to get to a registry ...
    Any ideas what to do now?
    Thanks.
     
  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Not really! :) That is where MGlogs.zip gets a duplicate copy created and it is expected. It is just a dup of what is at C:\MGlogs.zip. It is not supposed to be in the MGtools folder.


    That is where you downloaded MGtools.exe to. Kestrel13! did not ask you to run this. She asked you to run C:\MGtools\MGclean.bat which is a file located in the C:\MGtools folder which does exist. If it did not exist, you would never have been able to post your previous MGlogs.zip file. ;)
     
    Last edited: May 31, 2016
  17. mccbjnn

    mccbjnn Private E-2

    Another issue: I am retracing the read me first steps and I can't get windows defender back on.
    I get a dialog box that says click here to turn it on but it won't work.
    I am wondering if something that I couldn't clean off my pc is preventing it.
    Just got an error code: timeout period expired.

    Over all, I'm wondering if this has any
     
  18. mccbjnn

    mccbjnn Private E-2

    I ran what I was told to run or understood to run. I have no time to debate the issue. I am leaving for a veterinarian emergency tomorrow am.
    I turned bk on my securities but could not access any bat file.
    Will have to check bk next week as there is no WiFi where I am staying.

    I read and followed every instruction. If I knew it wasn't the trojan I would return and try again.
    Thanks for your time. Will check bk when I return.
     
  19. mccbjnn

    mccbjnn Private E-2

    I was asked to run MG tools, when 0 threats and 11 traces. Showed up. Specifically.
     
  20. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm referring to your statement ( made in message # 15 ) about having problems with Step 5 of message # 10. The instructions stated the below
    It did not say to run MGtools! It said to run MGclean.bat which is in the C:\MGtools folder.

    Also note that MGtools will not print out any statements about "threats". So you must have been running something other than MGtools. Perhaps Malwarebytes?



    Good luck with your pet!!
     
    Kestrel13! likes this.
  21. mccbjnn

    mccbjnn Private E-2

    Hi.
    I have returned from a week with no WiFi....strange experience. But the kitty seems better. She was attacked by a dog last year and, well, let's just hope for less pain than more as she is 13 yrs. Thanks.
    I will try to explain what was going on in the above threads.
    I only have MGtools.exe which runs the file (which is probably why I ran it as there is no MGtools folder). All I can find, and have looked repeatedly, is the MGlog.zip (the clean file is not in there) and the MGtools.exe which runs the program. Neither is a folder. I have no idea how this happened. Or where else I could look for it.

    I did run the hitman file when I mentioned MGtools in the above thread, I erred.

    So I know there is a problem because I have no MGclean.bat folder. I have actually opened up documents, programs, downloads and tried many ways to get there. I found my MSE in a desktop folder, I believe it got there by way of my neuropathy... it happens that the fingers have a bit of a tremor and it can mess up keystrokes. So I'm not saying something is wrong with the process, but my results include no MGtools folder or a MGclean.bat file.

    As a result, I still have tdsKiller, hitman pro, RogueKiller, Malware scan log, Rogue Killer log, MGlogs.zip, and 2 desktop.ini files on my desktop.

    I ran a deep scan of MSE, which originally found the trojan and found nothing threatening.
    However, my laptop is really running slowly.

    Where should I go from here?
    Thanks. And, when I do something, should I turn my UAC, antivirus, etc off? I turned them back on.
     
  22. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Well if you already ran MGclean.bat as Kestrel13! had requested then you would not have a C:\MGtools folder any more so that would be normal because MGclean.bat removes what we installed including MGlogs.zip files. If you re-ran MGtools.exe again then it would recreate the C:\MGtools folder again and create a new MGlogs.zip file.

    MGclean.bat is a file not a folder and it would be in the C:\MGtools folder as your logs previously showed it was there. But as stated, if you ran MGclean.bat previously then it was all removed already.
     
  23. mccbjnn

    mccbjnn Private E-2

    OK. I'm not 100% why the files were not cleaned, but I do have MGtools.exec and MGlogs.zip. There is no MGclean.bat anywhere, including in the zip folder.
    So with these 2 and all the others downloaded (tdsKiller, Hitman pro, RogueKiller, Rogue Killer log and 2 desktop.ini files), what do I do to delete them?
    And, I have a more important question, do you think something went wrong in download running these files? Why would I be having these problems? I am asking, essentially, should I delete these files and try to do the process again? Clearly something went wrong, I'm not sure if it was in the clean up or the whole process.
     
  24. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You can just delete them and all the logs that they created if there are still some around.
     
  25. mccbjnn

    mccbjnn Private E-2

    Thanks Kestrel
    I will do that.
    I will just use the computer and hope all is ok.
    But I will get bk to you if there is a problem.
     
    Kestrel13! likes this.
  26. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    That's fine. :)
     
