
Badly Infected - Need Help Removing

Discussion in 'Virus & Other Malware Removal' started by OfficerBooty, Jan 3, 2015.

Thread Status:
Not open for further replies.
  1. OfficerBooty

    OfficerBooty Thread Starter

    Joined:
    Jan 3, 2015
    Messages:
    4
    Hello there! My name is Chris and I need a lot of help with removing viruses. Before we get started, and to make things easier, I'll paste my computer information below:

    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz, Intel64 Family 6 Model 42 Stepping 7
    Processor Count: 8
    RAM: 8139 Mb
    Graphics Card: Radeon (TM) HD 7470M, 1024 Mb
    Hard Drives: C: Total - 690371 MB, Free - 430754 MB; D: Total - 20768 MB, Free - 2208 MB; E: Total - 4054 MB, Free - 1092 MB;
    Motherboard: Hewlett-Packard, 17F9
    Antivirus: ThreatTrack Security VIPRE, Updated and Enabled

    I figured anyone helping me may want or need that sort of information. Now I read the first post about backing up information, but I'm actually so badly infected that I can't back up anything, nor do I have any resources to back anything into. I can't even create a restore point. With that aside, any of my documents, photos, music, and emails aren't important to begin with.

    Now then, I downloaded VIPRE a few months ago, but that was after the infected files were already on my computer. Whenever I try to delete one by using the "securely delete" option that VIPRE gives me, it doesn't work, as usual. I ran a free version scan with SpyHunter 4 and it found a whopping 98 viruses, which I'll list below now.

    Rogue.Windows Web Shield (1 infection)
    - [RV] {Rogue.Windows Web Shield} LowRickFile Types

    Trojan.Poweliks (3 infections)
    - [RV] {Trojan.Poweliks} 1803
    - [RV] {Trojan.Poweliks}
    - [RV] {Trojan.Poweliks} a

    Conduit Search/Toolbar (3 infections)
    - [D] {Conduit Search/Toolbar} Conduit
    - [D] {Conduit Search/Toolbar} SearchProtect
    - [D] {Conduit Search/Toolbar} Logs

    Search.ividi.org (2 infections)
    - [RK] {Search.ividi.org} ividi.org
    - [RK] {Search.ividi.org} plug-in

    Adtech (1 infection)
    - [C] {Adtech} JEB2.BSF8QV92.txt

    Advert (1 infection)
    - [C] {Advert} uuid.9IJQ4RXT.txt

    Adware Helpers (3 infections)
    - [RV] {Adware Helpers} {4d2d3b0f-69be-477a-90f5-fddb05357975}
    - [RV] {Adware Helpers} bprotectnewtabpageshow
    - [RV] {Adware Helpers} bprotectshowtabswelcome

    Adware.PassShow (5 infections)
    - [D] {Adware.PassShow} PassShow-soft
    - [F] {Adware.PassShow} 170.dat
    - [F] {Adware.PassShow} a.db
    - [F] {Adware.PassShow} b.db
    - [F] {Adware.PassShow} Sqlite3.dll

    Adware.PlayBryte (1 infection)
    - {Adware.PlayBryte} playbryte:prefs.js

    Adware.Superfish Window Shopper (6 infections)
    - [RK] {Adware.Superfish Window Shopper} superfish.com
    - [RV] {Adware.Superfish Window Shopper} NumberOfSubdomains
    - [RV] {Adware.Superfish Window Shopper} Total
    - [RK] {Adware.Superfish Window Shopper} www.superfish.com
    - [F] {Adware.Superfish Window Shopper} www.superfish[1].xml
    - [F] {Adware.Superfish Window Shopper} www.superfish[1].xml

    Adware.WebSpeed (5 infections)
    - [RK] {Adware.WebSpeed} tempo runner
    - [RV] {Adware.WebSpeed} Id
    - [RV] {Adware.WebSpeed} Index
    - [F] {Adware.WebSpeed} Tempo Runner
    - [F] {Adware.WebSpeed} Tempo Runner.job

    Blingee Plus Toolbar (1 infection)
    - [RK] {Blingee Plus Toolbar} blingee.com

    PUP.Reimage Repair (64 infections)

    Statcounter (2 infections)
    - [C] {Statcounter} is_unique
    - [C] {Statcounter} is_visitor_unique

    Aside from these viruses, I have a thing that's called dvdupgrd.exe and it's a virus in my System 32 folder. I can't delete it, but it's a big problem. Any and all help would be greatly appreciated. What brought my attention to this happened to be VIPRE blocking something from opening countless times. I also want to say that Google Chrome takes forever to load pages sometimes, and this has only happened about three to four days ago. Also, my games start lagging really badly, which is unusual for me. I lag, but I don't lag as bad as this.

    Thank you in advance and I hope we can resolve this issue quickly without ruining my computer.
     
  2. OfficerBooty

    OfficerBooty Thread Starter

    Joined:
    Jan 3, 2015
    Messages:
    4
    I also forgot to mention that I'd like to avoid completely erasing my computer and starting over from scratch, if possible.
     
  3. BrianDrab

    BrianDrab

    Joined:
    Oct 22, 2014
    Messages:
    173
    Hi. My name is Brian, and I would be happy to look into your issue.

    I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.


    - General Instructions -

    • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
    • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
    • Any fixes provided by myself are for this log file only and should not be used on any other systems.
    • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
    • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
    • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
    • Please feel free to ask any questions, especially if you are having problems with my instructions.

    - Save ALL Tools to your Desktop -

    All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

    Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result, it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

    • Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen, click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
    • Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
    • Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

    NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

    - Finally Before We Start -

    Removing malware is a complicated, multiple-step process. Please stay with me until I have declared your system clean. I strongly recommend you back up your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

    OK, let's see if we can get you cleaned up. Are you able to do the following to get logs?

    Step#1 - FRST Scan

    1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
    2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
    3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
    4. Press Scan button.
    5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop).
    6. Please copy and paste the log back here.
    7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated. Please also paste that along with the FRST.txt into your reply.
     
Short URL to this thread: https://techguy.org/1140495
