Virus, Delete it and keep going or Fully Reinstall Windows 7

Yun4xGaming

Today, after my PC started having random hard problems, I scanned my PC with Kaspersky and Malwarebytes and found some viruses (trojan). I've deleted them via the Malwarebytes free version, and now I can't decide if I should fully reinstall Win 7 or keep going. And if I reinstall Windows 7, will my game settings (mouse sensitivity) be deleted? And if I reinstall Windows 7 I have to download 163gb of games with 1mb/s :(


When my cousin uses my PC and I find spyware, adware, etc., I just do a fresh install because those things are hard to remove.

If your grave doesn't say "rest in peace" on it You are automatically drafted into the skeleton war.


If your computer is no longer acting strangely, there is no need to reinstall.

Error: 410


If your computer is no longer acting strangely, there is no need to reinstall.

It feels normal, but I'm scared that there could be a hidden virus.


It feels normal, but I'm scared that there could be a hidden virus.

Unless you've been looking at some really freaking stuff online or digging for pizza on limewire, you should be ok if Kaspersky checks out.

Error: 410


Unless you've been looking at some really freaking stuff online or digging for pizza on limewire, you should be ok if Kaspersky checks out.

Kaspersky didn't find the viruses, Malwarebytes did.


Kaspersky didn't find the viruses, Malwarebytes did.

Do you have a log of the files and/or executables?

Error: 410


Do you have a log of the files and/or executables?

I have one from Malwarebytes, but in German.

1. Log

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Datenbank Version: v2013.09.18.09

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Flusis :: FLUSISPC [limitiert]

18.09.2013 19:03:57

mbam-log-2013-09-18 (19-03-57).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 596190

Laufzeit: 59 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3

C:\Users\Flusis\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Flusis\AppData\Roaming\OpenCandy\46D6C9975919491A9AC3285A72E5A884 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Flusis\AppData\Roaming\OpenCandy\OpenCandy_46D6C9975919491A9AC3285A72E5A884 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 6

C:\Users\Flusis\AppData\Local\Temp\MZwgbKdw.exe.part (PUP.Optional.Amonetize.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Flusis\AppData\Local\Temp\vc4YCpiS.exe.part (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

D:\Microsoft Flight Simulator X\Qualitywings\qwings.dll (Trojan.Scar) -> Erfolgreich gelöscht und in Quarantäne gestellt.

D:\Microsoft Flight Simulator X\SimObjects\Airplanes\CS_B707-300\panel\captainsim.707.&.vc-137.expension-patchV2.exe (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Flusis\AppData\Roaming\OpenCandy\46D6C9975919491A9AC3285A72E5A884\TuneUpUtilities2013_2200212_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

2. Log / scan after deleting the virus

Malwarebytes Anti-Malware (Test) 1.75.0.1300

www.malwarebytes.org

Datenbank Version: v2013.09.18.09

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Flusis :: FLUSISPC [limitiert]

Schutz: Aktiviert

18.09.2013 20:10:37

mbam-log-2013-09-18 (20-10-37).txt

Art des Suchlaufs: Flash-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: Registrierung | Dateisystem | P2P

Durchsuchte Objekte: 190907

Laufzeit: 20 Sekunde(n)

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)

(Ende)

3. Log: this one isn't a virus, it thought DayzCommander is spyware

2013/09/18 20:10:03 +0200    FLUSISPC    Flusis    MESSAGE    Starting protection

2013/09/18 20:10:03 +0200    FLUSISPC    Flusis    MESSAGE    Protection started successfully

2013/09/18 20:10:03 +0200    FLUSISPC    Flusis    MESSAGE    Starting IP protection

2013/09/18 20:10:04 +0200    FLUSISPC    Flusis    MESSAGE    IP Protection started successfully

2013/09/18 20:11:28 +0200    FLUSISPC    Flusis    MESSAGE    Executing scheduled update:  Daily

2013/09/18 20:11:33 +0200    FLUSISPC    Flusis    MESSAGE    Scheduled update executed successfully:  database updated from version v2013.09.18.09 to version v2013.09.18.10

2013/09/18 20:11:33 +0200    FLUSISPC    Flusis    MESSAGE    Starting database refresh

2013/09/18 20:11:33 +0200    FLUSISPC    Flusis    MESSAGE    Stopping IP protection

2013/09/18 20:11:33 +0200    FLUSISPC    Flusis    MESSAGE    IP Protection stopped successfully

2013/09/18 20:11:35 +0200    FLUSISPC    Flusis    MESSAGE    Database refreshed successfully

2013/09/18 20:11:35 +0200    FLUSISPC    Flusis    MESSAGE    Starting IP protection

2013/09/18 20:11:36 +0200    FLUSISPC    Flusis    MESSAGE    IP Protection started successfully

2013/09/18 20:17:13 +0200    FLUSISPC    Flusis    IP-BLOCK    222.186.42.160 (Type: outgoing, Port: 59640, Process: dayzcommander.exe)

2013/09/18 20:17:13 +0200    FLUSISPC    Flusis    IP-BLOCK    46.252.132.181 (Type: outgoing, Port: 60098, Process: dayzcommander.exe)

2013/09/18 20:17:13 +0200    FLUSISPC    Flusis    IP-BLOCK    217.199.218.245 (Type: outgoing, Port: 60132, Process: dayzcommander.exe)

2013/09/18 20:17:21 +0200    FLUSISPC    Flusis    IP-BLOCK    193.106.172.115 (Type: outgoing, Port: 60887, Process: dayzcommander.exe)

2013/09/18 20:17:21 +0200    FLUSISPC    Flusis    IP-BLOCK    46.252.132.181 (Type: outgoing, Port: 61391, Process: dayzcommander.exe)

2013/09/18 20:17:29 +0200    FLUSISPC    Flusis    IP-BLOCK    193.106.172.115 (Type: outgoing, Port: 61665, Process: dayzcommander.exe)

2013/09/18 20:17:37 +0200    FLUSISPC    Flusis    IP-BLOCK    222.186.42.178 (Type: outgoing, Port: 62538, Process: dayzcommander.exe)

2013/09/18 21:00:54 +0200    FLUSISPC    Flusis    MESSAGE    Stopping IP protection

2013/09/18 21:00:55 +0200    FLUSISPC    Flusis    MESSAGE    IP Protection stopped successfully

2013/09/18 21:00:55 +0200    FLUSISPC    Flusis    MESSAGE    Starting IP protection

2013/09/18 21:00:56 +0200    FLUSISPC    Flusis    MESSAGE    IP Protection started successfully

2013/09/18 21:01:51 +0200    FLUSISPC    Flusis    IP-BLOCK    46.252.132.181 (Type: outgoing, Port: 59796, Process: dayzcommander.exe)

2013/09/18 21:01:51 +0200    FLUSISPC    Flusis    IP-BLOCK    217.199.218.245 (Type: outgoing, Port: 59829, Process: dayzcommander.exe)

2013/09/18 21:01:57 +0200    FLUSISPC    Flusis    MESSAGE    Stopping protection

2013/09/18 21:01:57 +0200    FLUSISPC    Flusis    MESSAGE    Protection stopped successfully

2013/09/18 21:01:57 +0200    FLUSISPC    Flusis    MESSAGE    Stopping IP protection

2013/09/18 21:01:57 +0200    FLUSISPC    Flusis    MESSAGE    IP Protection stopped successfully

2013/09/18 21:02:08 +0200    FLUSISPC    Flusis    MESSAGE    Protection stopped

2013/09/18 22:02:17 +0200    FLUSISPC    Flusis    MESSAGE    Starting protection

2013/09/18 22:02:17 +0200    FLUSISPC    Flusis    MESSAGE    Protection started successfully

2013/09/18 22:02:17 +0200    FLUSISPC    Flusis    MESSAGE    Starting IP protection

2013/09/18 22:02:18 +0200    FLUSISPC    Flusis    MESSAGE    IP Protection started successfully
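As an added example (not part of the original post, and not Malwarebytes' own tooling), the scan-log format pasted above can be parsed to separate PUP-class entries from other detections and to check that each section's declared count matches the entries actually listed. The sample log is constructed and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the format of the first scan log in the post above
# (Malwarebytes Anti-Malware 1.75, German UI); paths are shortened placeholders.
SAMPLE_LOG = r"""
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 1
C:\Users\user\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 3
C:\Users\user\AppData\Local\Temp\a.exe.part (PUP.Optional.Amonetize.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Game\addon\example.dll (Trojan.Scar) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Game\addon\patch (v2).exe (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
"""

SECTION = re.compile(r"^(Infizierte [^:]+): (\d+)$")
# Greedy path so parentheses inside a file name do not break the match.
DETECTION = re.compile(r"^(?P<path>.+) \((?P<name>[\w.\-]+)\) -> (?P<action>.+)$")

def parse_scan_log(text):
    """Return (detections, mismatches): parsed entries and sections whose
    declared count differs from the number of entries actually listed."""
    detections, declared, seen, section = [], {}, Counter(), None
    for line in (l.strip() for l in text.splitlines()):
        if m := SECTION.match(line):
            section = m.group(1)
            declared[section] = int(m.group(2))
        elif section and (m := DETECTION.match(line)):
            seen[section] += 1
            detections.append({"section": section, **m.groupdict()})
    mismatches = {s: (n, seen[s]) for s, n in declared.items() if n != seen[s]}
    return detections, mismatches

def triage(detections):
    """Split entries into PUP-class findings and everything else."""
    pup = [d for d in detections if d["name"].startswith("PUP.")]
    other = [d for d in detections if not d["name"].startswith("PUP.")]
    return pup, other

if __name__ == "__main__":
    found, bad_counts = parse_scan_log(SAMPLE_LOG)
    pup, other = triage(found)
    print(f"{len(pup)} PUP entries, {len(other)} non-PUP, count mismatches: {bad_counts}")
    for d in other:
        print("review first:", d["name"], d["path"])
```

A non-empty mismatch result means the pasted log is truncated or edited, so the triage should not be relied on until the full log is available.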


Kaspersky didn't find the viruses, Malwarebytes did.

You should try out Symantec Endpoint Protection, that thing is just awesome :D


You should try out Symantec Endpoint Protection, that thing is just awesome :D

I'll check it out! :)


Download NetBalancer and check if there are weird incoming/outgoing connections. If there's strange stuff uploading or downloading, you can always block it. Then you at least don't have it uploading or tracking your passwords or whatever.

Does anyone even use PCIe SSDs?

 


Download NetBalancer and check if there are weird incoming/outgoing connections. If there's strange stuff uploading or downloading, you can always block it. Then you at least don't have it uploading or tracking your passwords or whatever.

Thx, downloading it right now.


You can also use some kind of anti-virus that allows for a boot-time scan. This way the virus can't initialize and make itself hidden.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch


snip

 

Odd that Kaspersky didn't pick up on it since it seems well known. Wait a few more days to see if your PC acts normally and then do another scan in safe mode to confirm. If everything appears to be normal and Mbam produces another negative scan, you should be fine.

 

Boot into safe mode now and run a scan.

Download NetBalancer and check if there are weird incoming/outgoing connections. If there's strange stuff uploading or downloading, you can always block it. Then you at least don't have it uploading or tracking your passwords or whatever.

Also monitor your traffic to be sure.

Error: 410


You can also use some kind of anti-virus that allows for a boot-time scan. This way the virus can't initialize and make itself hidden.

You know any antivirus capable of that?


Avast is capable of that. The free version has that functionality.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch


Avast is capable of that. The free version has that functionality.

Thanks, I'll download it.


If you need any help navigating it, PM me. I'll help you as soon as I see the message.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch


Once you have a virus, meaning one that has infected your system, the damage is done. The anti-virus will remove it to avoid further or possible propagation of it from your system, but any system file replaced or damaged is done. Anti-viruses can't fix that. You need to format and re-install.

 

Alternatively you can bring your computer back in time before the infection with System Restore.


Looks good.

Rig CPU Intel i5 3570K at 4.2 GHz - MB MSI Z77A-GD55 - RAM Kingston 8GB 1600 mhz - GPU XFX 7870 Double D - Keyboard Logitech G710+

Case Corsair 600T - Storage Intel 330 120GB, WD Blue 1TB - CPU Cooler Noctua NH-D14 - Displays Dell U2312HM, Asus VS228, Acer AL1715

 


Looks okay to me.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch


Once you have a virus, meaning one that has infected your system, the damage is done. The anti-virus will remove it to avoid further or possible propagation of it from your system, but any system file replaced or damaged is done. Anti-viruses can't fix that. You need to format and re-install.

 

Alternatively you can bring your computer back in time before the infection with System Restore.

So I'll reinstall Windows 7 tomorrow then, when I have time, but in the logs the system files weren't attacked. So if my PC is stable, should I just leave it how it is or still reinstall?


Malwarebytes Anti-Malware, Spybot Search and Destroy and AVG are the only two anti-virus/malwares that I trust, all in combination that is, mostly due to the fact that they're the only programs I had to think about when I was making viruses a few years back, but it may have changed since then.

Console optimisations and how they will effect you | The difference between AMD cores and Intel cores | Memory Bus size and how it effects your VRAM usage |
How much vram do you actually need? | APUs and the future of processing | Projects: SO - here

Intel i7 5820l @ with Corsair H110 | 32GB DDR4 RAM @ 1600Mhz | XFX Radeon R9 290 @ 1.2Ghz | Corsair 600Q | Corsair TX650 | Probably too much corsair but meh should have had a Corsair SSD and RAM | 1.3TB HDD Space | Sennheiser HD598 | Beyerdynamic Custom One Pro | Blue Snowball
