Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Trovi Virus - help to remove please

17 Jul 2014   #81
Tousdae

Windows 7 Professional 64 bit
 
 

It's done. Here's the log. I thought I went to the website of who made the program.

adw wasn't installed until today.




Attached Images
Trovi Virus - help to remove please-scan.jpg 
Attached Files
File Type: txt AdwCleaner[S4].txt (6.0 KB, 4 views)
My System SpecsSystem Spec
.
17 Jul 2014   #82
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Take your time, keep asking questions if you need an explanation, wait for the answer

As I said most of the file herdProtect flagged were game related and a lot of them were language components.

Ask is a toolbar that can sneak in if you don't pay attention during an install (people miss those little checkboxes)

atiesrxx is probably legit, but herdProtect tells me that it belongs in a different location. I just searched the name, you'll be providing more information to herdProtect when you check the detail.
My System SpecsSystem Spec
17 Jul 2014   #83
Tousdae

Windows 7 Professional 64 bit
 
 

What am I doing now? Waiting to run herdprotect again?
My System SpecsSystem Spec
.

17 Jul 2014   #84
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

You have to make sure that new infections aren't introduced by rushing. That just puts you a step back.
We'll see if any real damage was caused or if you can continue to move forward (I hope so).

First uninstall AdwCleaner Packages in Control Panel > Programs and features.

That puppy brought in more malware (adware which the real AdwCleaner does not).

If you're not sure, stop and ask.

After you've uninstalled AdwCleaner Packages in Control Panel > Programs and features, tell me if there is an AdwCleaner shortcut on your Desktop.

then we'll see what's next.

edit: I'll be away for a bit
My System SpecsSystem Spec
17 Jul 2014   #85
Tousdae

Windows 7 Professional 64 bit
 
 

Yes. I added a rocket browser. I've uninstalled it from programs. I then went into program files and deleted the folder. I went into my browser settings and removed that browser from my choices and put bing back.

I uninstalled adwcleaner. There isn't a short cut on the desktop.

Ok. I'll hang here and refresh every few mins. Thank you.
My System SpecsSystem Spec
17 Jul 2014   #86
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Ok, here's the real deal.

I can't help you keep viruses off of your system - you're the only one that can do that.
I can only help you get rid of them, but I need your co-operation.

I should have said this way back, so I accept responsibility for being part of the cause.

Nothing should be added to the system while you try to disinfect it.
After the system has been disinfected, you have to pay attention to every install. A lot of free and paid for programs add extra programs to the installer package. They get paid a small percentage every time someone installs the extra software.
The end user, you or me, has to be alert to this and decline the offers of the extra software. Sometimes it's easy to spot, sometimes the wording isn't exactly clear and it looks like it's part of the program you want, sometimes it's not easy to spot and in the worst cases you don't even know it's being installed.

You've seen two cases of this during the disinfection - one was AdwCleaner, not from the link Jacee gave you. It had an ad in it - the author's version does not. The second case was Rocket Browser - it had a scheduled task to go get more something, probably ads... I don't know.

A third case is the Ask toolbar. I don't know where that came from, but it might have been the games you installed or the Snag bar.

I say this only to explain where malware comes from and why you, the end user has to be aware and alert when installing software.

Please do not install anything until we're through, or we'll never get through... ok? After that be very cautious what you install and what web sites you visit or your system will probably get some sort of malware.

I will be as specific as I can be so that I don't misdirect you.

Is herdProtect still open?
Did you get the details from their knowledge base for the two files I asked about
c:\windows\system32\atiesrxx.exe
c:\users\li\appdata\local\temp\askslib.dll
My System SpecsSystem Spec
17 Jul 2014   #87
Tousdae

Windows 7 Professional 64 bit
 
 

Ok. I will not install anything else. Sorry.

No. Herdprotect is closed.

Well ... I don't seem to have that atiesrxx.exe .. aaand I don't seem to have an appdata folder either.


Attached Thumbnails
Trovi Virus - help to remove please-4.jpg  
Attached Images
Trovi Virus - help to remove please-5.jpg 
My System SpecsSystem Spec
17 Jul 2014   #88
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Ok, we'll go to the 2nd run of herdProtect

In Windows Explorer, navigate to C:\Users\LI\Downloads
herdProtect should be there
Double click to launch
Answer yes to any UAC prompts, then click scan

Keep herdProtect open - do not close it this time.
Post a screen shot of the window that shows what herdProtect found
I'll ask you to click on some of the files in that window and select Details
That should open a browser window on herdProtect and provide additional information on the file

If something doesn't match my descriptions, post a screen shot so I can see what you see

Thanks
My System SpecsSystem Spec
17 Jul 2014   #89
Tousdae

Windows 7 Professional 64 bit
 
 

Done


Attached Images
Trovi Virus - help to remove please-6.jpg 
My System SpecsSystem Spec
17 Jul 2014   #90
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

ok click on Askslib.dll - do you get two options?
click Details
post the herdProtect details window opened in your browser
My System SpecsSystem Spec
Reply

 Trovi Virus - help to remove please




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
How do I remove this virus/malware url?
I tried programs and features and search, but came up empty. It constantly shows up in Firefox and Chrome ...
System Security
How to remove "trovi" addware
I HAVE installed a new crucial ssd m240 gig c drive,my files are kept seperat on another internal hard drive. heres the chronology: I did a clean win 7 install ,and all was ok, untill i downloaded avast ,Free version,thru ie browser. then I downloaded chrome to use as default browser. went back...
System Security
UI taken over by Trovi.com. How can I get rid of it?
Help! My user interface has been hijacked by something called trovi.com. It changed my primary search engine to Bing and blocked most of the things that I had set up in Google Chrome. I don't know how it got downloaded but I sure would like to get rid of it. Can somebody help? Thanks, Mark...
System Security
Can't remove a virus (or a PUP?) from my computer
Hello :D I somehow got 2 programs that cannot be removed. When I uninstall them, they just keep reappearing at boot. I don't know if that's a virus or a PUP, but it's really annoying. The 2 programs are "FixMyRegistry" and "SpeedUpMyComputer" by "SmartTweak" ( Who are the *******s behind...
System Security
win7 virus cant remove
On my dads laptop he downloaded this win7 antivirus, a little after he started having some computer problems. so i looked at it and soon realized that it was a fake antivirus, but it has been harming the computer now i cant even connect to the internet on it. ive tried everything, i uploaded norton...
System Security
Help Remove Virus
i had windows 7 installed than i installed XP...n i inserted a usb while using XP...the usb contained the "New Folder.exe" virus...n infected my windows....it also infected Windows 7....i formated both drives...now i only have windows 7 installed ... but the effects of the virus are still there......
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:16.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App