Jump to content

Trovi and other junk


Harrison

Recommended Posts

So last night I left my PC on and went away for about 4 hours. No, I was not browsing porn at the time I went AFK. 

I came back and my laptop wouldn't boot up. I had to plugin my power cord to start it up. battery was at 16%, though. Then pops up a failure to start and pc repair window (the kind that doesn't load windows fully) It looks like win 98. I restored windows to a "previously working point in time" and went on. 

Then I ran MBAM out of curiosity. I found trovi and other malware. Obviously i attempted to remove them all. I was prompted to restart for full removal so I did, BUT after 30 mins of waiting I decided to go ahead and restart while it still said "shutting down" still.

My real problem is that I can't remove trovi and the other crap again. I can't even find it. I don't have the logs to show you either. 

How can i fix this?

Link to post
Share on other sites

I actually did find the log with torvi in it. 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/15/2014
Scan Time: 12:55:05 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.15.03
Rootkit Database: v2014.09.13.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Harry S
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 396212
Time Elapsed: 19 min, 41 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-313453830-395109726-2256184908-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [35f640ad32495fd76cecbacadb27b24e], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 13
PUP.Optional.Conduit.A, C:\Users\Harry S\AppData\Local\Temp\nsbF7B2.exe, Quarantined, [b279cd207ffccb6be651038fcf326a96], 
PUP.Optional.Conduit.A, C:\Users\Harry S\AppData\Local\Temp\nsbFDCB.exe, Quarantined, [b7743faea1da5bdb51e6543e6d9412ee], 
PUP.Optional.Conduit.A, C:\Users\Harry S\AppData\Local\Temp\nskBC80.exe, Quarantined, [8aa126c74635c6702e09dcb6a061d32d], 
PUP.Optional.Conduit.A, C:\Users\Harry S\AppData\Local\Temp\nsl7FDE.exe, Quarantined, [0526df0ec6b593a3e1560f835fa242be], 
PUP.Optional.Conduit.A, C:\Users\Harry S\AppData\Local\Temp\nsl850D.exe, Quarantined, [919ad5186219e94df4436032d72a8f71], 
PUP.Optional.Conduit.A, C:\Users\Harry S\AppData\Local\Temp\nslE691.exe, Quarantined, [46e545a8e09ba591ec4bfc9651b0b34d], 
PUP.Optional.Conduit.A, C:\Users\Harry S\AppData\Local\Temp\nsv7A03.exe, Quarantined, [15167875ec8f1521b18697fb4bb68b75], 
PUP.Optional.SearchProtect.A, C:\Users\Harry S\AppData\Local\Temp\sp-downloader.exe, Quarantined, [d15a7b72d1aad363e938424fc73a06fa], 
PUP.Optional.Conduit.A, C:\Users\Harry S\AppData\Local\Temp\~nsu.tmp\Au_.exe, Quarantined, [89a2519ccead49ed1423eba7d32eb34d], 
PUP.Optional.OpenCandy, C:\Users\Harry S\AppData\Local\Temp\nsa5E86.tmp\OCSetupHlp.dll, Quarantined, [b972b23beb90c07674c327fc2fd6dc24], 
PUP.Optional.OpenCandy, C:\Users\Harry S\AppData\Local\Temp\nsv7B49.tmp\OCSetupHlp.dll, Quarantined, [6ebd5d90f982e84e49ee4dd631d4857b], 
PUP.Optional.OpenCandy, C:\Users\Harry S\Downloads\PowerISO6-x64.exe, Quarantined, [d556a647592286b02c0bc06306ff6d93], 
PUP.Optional.Trovi.A, C:\Users\Harry S\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (         "new_tab_url": "https://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M188E8FB8-2685-49F7-8FB0-10152F539FC0&SearchSource=69&CUI=&SSPV=SP21715TB_sp_ch&lay=5&p=cnts&UM=6&UP=SPCE0592D8-C338-43FF-8AF4-F00CF22809E1&SAT=CNTS",), Replaced,[4dde94594a3164d2e7c97fb234d1e21e]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

  • 2 months later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.

Thank you and sorry we missed your topic.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.