Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Help me remove virus/infection

12 Sep 2014   #11
brummyfan

Windows 7 Home Premium 64bit
 
 

Hi Andrew,
Here are the logs of FSS and Hitman Pro. Thanks.




Attached Files
File Type: txt FSS.txt (2.6 KB, 2 views)
File Type: log HitmanPro_20140912_1154.log (40.4 KB, 4 views)
My System SpecsSystem Spec
.
12 Sep 2014   #12
andrew129260

Windows 10 Pro
 
 

Ok, fss looked good, but hitman pro did not.

First thing first, delete the ffs exe and herdprotect exe. Now run a new scan with hitmanpro.

I found traces of conduit. You are going to need to do the following:

Activate the free 30 days of hitman pro.

Remove what hitmanpro finds. Especially these below:

mysearchdial
bandoo
conduit

Restart the pc. Post a fresh new log of hitman pro.

_________________________________________________________________________________


You will then need to reset your web browsers, (do you have any others?)

See here on how to reset internet explorer:


Warning
Doing the following will reset internet explorer, and will lose all saved passwords and settings


Tutorial for visual walkthrough:

Internet Explorer - Reset

Worded steps:

Open Control panel. - Network and internet. - internet options - advanced - Reset - Check the box to delete personal settings - Click reset. Click ok. Restart the PC.
My System SpecsSystem Spec
13 Sep 2014   #13
brummyfan

Windows 7 Home Premium 64bit
 
 

Quote   Quote: Originally Posted by andrew129260 View Post
Ok, fss looked good, but hitman pro did not.

First thing first, delete the ffs exe and herdprotect exe. Now run a new scan with hitmanpro.

I found traces of conduit. You are going to need to do the following:

Activate the free 30 days of hitman pro.

Remove what hitmanpro finds. Especially these below:

mysearchdial
bandoo
conduit

Restart the pc. Post a fresh new log of hitman pro.

_________________________________________________________________________________


You will then need to reset your web browsers, (do you have any others?)

See here on how to reset internet explorer:


Warning
Doing the following will reset internet explorer, and will lose all saved passwords and settings


Tutorial for visual walkthrough:

Internet Explorer - Reset

Worded steps:

Open Control panel. - Network and internet. - internet options - advanced - Reset - Check the box to delete personal settings - Click reset. Click ok. Restart the PC.
I have attached the hitman pro log, I have also reset IE10 and google chrome, Thanks.


Attached Files
File Type: log HitmanPro_20140913_1056.log (1.4 KB, 2 views)
My System SpecsSystem Spec
.

13 Sep 2014   #14
andrew129260

Windows 10 Pro
 
 

Great job! A few more steps then we should be done.

1.) Download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Upload the contents of that logfile in your next reply using the paper clip on the reply box.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

2.) Using AdwCleaner v3: Scan & Clean:

Double click on AdwCleaner.exe to run the tool again.
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...

This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
Upload the contents of that logfile in your next reply using the paper clip on the reply box.

Junkware Removal tool:


3.) Please download Junkware Removal Tool to your desktop.


  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Upload the contents of that logfile in your next reply using the paper clip on the reply box.
  • When completed make sure to re-enable your antivirus
My System SpecsSystem Spec
13 Sep 2014   #15
brummyfan

Windows 7 Home Premium 64bit
 
 

Hi Andrew,
I have no preference to keep any programs, please find the log below, I will do the steps 2 and 3 once you replied, Thanks.
EDIT:
I am not sure about wStLibG64 service, can I remove it as well.


Attached Files
File Type: txt AdwCleaner[R0].txt (7.3 KB, 3 views)
My System SpecsSystem Spec
13 Sep 2014   #16
andrew129260

Windows 10 Pro
 
 

Go ahead and scan and clean everything found for adwcleaner. then run Jrt- it will not prompt, it will just remove.

Info about the wStLibG64 service is here if your curious:

http://www.herdprotect.com/wstlibg64...9899ad1f6.aspx
My System SpecsSystem Spec
13 Sep 2014   #17
brummyfan

Windows 7 Home Premium 64bit
 
 

Thanks for the link, hopefully everything is fine.


Attached Files
File Type: txt AdwCleaner[S0].txt (7.2 KB, 4 views)
File Type: txt JRT.txt (108.7 KB, 3 views)
My System SpecsSystem Spec
13 Sep 2014   #18
andrew129260

Windows 10 Pro
 
 

Logs look great now, good job.


A good idea when a pc is infected with malware is to disable system protection (AKA restore points) as malware likes to hide in restore points and recover itself upon boot.

Please follow this tutorial to disable system protection (system restore points) until we confirm your pc is clean. Keep it off until I tell you that you can turn it back on.

When you turn off system protection, it deletes all restore points and prevents windows from making new ones. (So malware cannot make new ones either.)

Here is the tutorial:

System Protection - Turn On or Off

_________________________________________________________________________________


Reboot the pc, and then re-enable system protection.


Now, rerun a scan with herdprotect and post the log.
My System SpecsSystem Spec
13 Sep 2014   #19
brummyfan

Windows 7 Home Premium 64bit
 
 

Here's the herdProtect log after switching off the System protection.


Attached Files
File Type: txt Scan_2014-9-14-0-15.txt (67.3 KB, 1 views)
My System SpecsSystem Spec
13 Sep 2014   #20
andrew129260

Windows 10 Pro
 
 

Log looks good.

Make sure you turn system protection back on, and have it at least 10%.




Make sure your data is backed up either on an external hard drive or somewhere else before proceeding: (Just a precaution)

1.) Please download and save the file TFC by Old Timer. Again, save the file to your downloads folder or your desktop. Do not run it.

Downloading TFC


2.) Close your programs before running this tool. TFC will close ALL open programs.

3.) Browse to where you saved tfc. Right click on tfc.exe and choose Run As Administrator.

4.) Click the Start button to begin the cleaning process and let it run uninterrupted to completion. When it finishes it will say total files cleaned, and the start button will be grayed out. Click exit.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
My System SpecsSystem Spec
Reply

 Help me remove virus/infection




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
How to restore network and LAN configuration after virus infection?
Hello, Some times I have got any computer thatīs infected by some virus and internet is not working. Booting Linux, Internet is working, but in Windows it is not. I am sure itīs virus problem, because IP, and others adjust are OK. Sometimes after scanning Windows with some antivirus system,...
Network & Sharing
[WTA] Virus Infection from another Notebook
guys , sorry for a weird question, i want ask , when i lend my friends HDD External , lookslike his notebook have virus, then i ask him to format then safely remove, if like that , that virus will infect the HDD External after format ? and will infect too clean notebook if i plug-in to clean...
System Security
Infection by fake AV virus
Visiting a friend who is massively infected by fake AV scan. All of his files are hidden and nothing will run. I just ran bootable Windows Defender Offline which appears to have found nothing. System Restore is infected back a few days although there are more points to go back further. Any...
System Security
BSOD after virus infection and removal
Yesterday I had a virus infection on my computer, which brought up a fake "Anti virus Protection" tool. I've had these in the past, and I usually just restore from my Acronis True Image backup, which is scheduled to run each day and backup my entire C drive. The problem this time is that even...
BSOD Help and Support
Big virus infection going on here
i have a huge virus infection going on in my PC and i just reinstalled the windows:mad: i got the following ones: hotstopshield trojan.win32.Generic!BT backdoor.win32.hupigon everytime i scan i find them in here , but cant remove them , anyone?
System Security
Constant BSODs after virus infection
Hey guys. I got a virus two days ago (Avast claims it was a rootkit) and I've been hitting BSOD after BSOD. I've since scanned the PC with numerous programs (Avast, MBAM, Avira, Microsoft Security Essentials, Microsoft Malicious Software Removal Tool) and I'm fairly sure it's clean now. However,...
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Đ Designer Media Ltd

All times are GMT -5. The time now is 10:07.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App