Trovi Virus - help to remove please

[Tousdae]

I don't know where I picked this up but it's attached to my Chrome. I followed some directions for regedit to try to get rid of it. It's still here. Please help.

 

[Slartybart]

See if this helps: How to remove Trovi Search (Virus Removal Guide)

 

[Tousdae]

Would you happen to know a way I could find out if I still have the virus? It attached to Chrome. Everytime I tried to open Chrome I'd get Trovi windows. I uninstalled Chrome so now I can't tell if I still have the virus.

I'm looking thru the directions and I did use "AdwCleaner" yesterday. I'm still going to follow your directions. I just have no idea if I'm still infected or not.

Thank you

 

[gregrocker]

Did you follow fully the removal guide which Bill posted earlier?

Then if a full scan with your AV, Malwarebytes and SUPERAntiSpyware - Downloads finds nothing then you should be OK.

Monitor your browser Add-On's to make sure nothing is in there except Flash, Silverlight and a Reader. No Search services except Google in the stable browser Search box or Omnibox where it cannot spy unless it's Chrome which is spyware to begin with - like all installed and signed-in Google.

Those who get chronically infected I recommend should buy the real time protection of MBAM in addition to their lightweight AV like MSE - at $29 for life I've never had anyone get reinfected again.

After reboot test again and when all scans show clear run SFC /SCANNOW Command to see if System files were damaged.

If so then I'd strongly consider reinstalling following these same steps compiling everything that works best in tens of thousands of installs we've directly helped with here: Clean Reinstall - Factory OEM Windows 7

If not then monitor performance to decide if you need to reinstall because infection shows lingering effects.

Then it depends on how performance goes

 

[Slartybart]

Would you happen to know a way I could find out if I still have the virus? It attached to Chrome. Everytime I tried to open Chrome I'd get Trovi windows. I uninstalled Chrome so now I can't tell if I still have the virus.

I'm looking thru the directions and I did use "AdwCleaner" yesterday. I'm still going to follow your directions. I just have no idea if I'm still infected or not.

Thank you

If you have not followed the removal guide, then your machine is still infected.

 

[Jacee]

Please download AdwCleaner by Xplode and save to your Desktop.
Step 1.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Copy and paste the contents of that logfile in your next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Step 2.
Using AdwCleaner v3: Scan & Clean:
This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder


******Post both .txt logs

 

[Tousdae]

I seem to be fine now! Thank you for your responses!

 

[gregrocker]

Did you follow any of the steps we gave you? :sarc:

 

[Tousdae]

I did the best I could. When I was done I ran the scans as you suggested. I used Malwarebytes, spybot, and that adwcleaner and nothing turned up. There was nothing in add-on's that was out of the ordinary.

 

[gregrocker]

Spybot is 7-8 years out of favor and has never been recommended here in our five years as top tech forums. Use SUPERAntiSpyware - Downloads real time scanner (decline trial) then remove it from startup programs.

 

[Tousdae]

Thanks for the tip. I will check it out in 5. I still have this stinkin Trovi. I reinstalled Chrome becuz it plays best with FB games and there it was. I'm currently backing up the pc and I'm just going to do a reinstall of windows. You see how confused I get so I think this is my best option. Incredible that I picked this up by trying to download the right memory test thingy. How's that for ironic. smh

 

[gregrocker]

Always the best choice if you stick with the steps, tools and methods in http://www.sevenforums.com/tutorials/219487-clean-reinstall-factory-oem-windows-7-a.html#post1839164.

Those who do only stop back in to rave about their results and help others. Those who don't we see with problems regularly here. This is because the tutorial compiles everything that works best to the exclusion of what to avoid

 

[Tousdae]

Speaking of memory test thing, I bought a new video card and a bigger power supply (since my 350 couldn't support the new card) and no more black screen.

Whoa ... those are some steps! ... ok lol

Do I need to copy over the App Data folder to put back on the clean install?

Thanks

 

[gregrocker]

No, avoid AppData which is a corruption path.

 

[Tousdae]

Thanks!

 

[Tousdae]

... I reinstalled windows twice. Both time Trovi is here. ... wth!

 

[Slartybart]

See if this helps: How to remove Trovi Search (Virus Removal Guide)

Post the scanner logs here so members can check the results and advise further.

 

[Borg 386]

Possibly your Windows disk/image is corrupted with the malware, or there's a possibility that you have a rootkit, which can survive a clean install in some instances. Did you make the Windows disk/image on a clean PC? If you made it on the infected one, the image could become corrupted.

It also wouldn't hurt to run TDSSKiller just to be sure.

When running TDSSKiller, launch the program, click on the blue text "Change Parameters" & check the box marked "Detect TDLFS File system." Click OK & then run the scan.

 

[Tousdae]

I've begun the process.

Last night after a clean install when I looked in the C drive it had items in there that have been long deleted. I never got a chance to put anything back on the pc so, I'm really confused about this.

Back to the tutorial. Thanks. I'm actually following along for now lol

 

[Tousdae]

Hi Borg. Continue with removal guide first? .. I do not know what you mean by "Did you make the Windows disk/image on a clean PC?" I stick the windows disk in the drive and we're on our way.