Help strange virus

Status
Not open for further replies.
D

D@nny

Posts: 176   +0
For a week now I think my computer has a virus yet avg and clamwin free anti virus don't pick anything up when scanning.Adaware picks up this thing with a tac rating of 7 that is always there no matter how many times I scan but i'v had that even before the problem. Which brings me to my problem after the computer is on for an hour or so everything starts working . I click firefox or IE or a exe application like a game or aim and nothing opens up not even cntrl alt delete. Now lets say firefox was already open or IE then I can continue to browse them but if I close out I can't open anything back unless I reboot. Any ideas on how I can get rid of this bug? And is it a virus or a reoccurring computer glitch like a BSOD?
Can someone give me some advice that doesn't have to do with system restoring [ can't it was turned off :(] and reformatting the computer?
 
Hi D@nny and welcome to techspot. =)

Very Important: Please read this thread HERE before you decide whether to clean or reformat your system. < Read it first. Don't just go ahead and think about cleaning.

Should you decide to clean your computer, please go ahead to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given. Do follow all the instructions exactly. They will provide logs for analysis of your system so I will know how to instruct you to proceed.

Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread. Do not copy and paste your logs if not it will be ignored and/or removed.

Also, please let me know the results of the AVG Antirootkit scan


Regards,
Your friendly momok =)

This thread is for the use of D@nny only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I did the online scan and finished it this time It found like 3 things and html cookies and after the scan the problem hasn't showed up again. I tried doing a scan again but it wouldn't start up that time. I also downloaded AVG rootkit which is supposed to flush out any key loggers in my computers system right?
 
The AVG Antirootkit programme is as it`s name implies, supposed to check your system for the presence of rootkit infections.

Unless you follow all the instructions and post the requested logfiles, there`s no way for us to know if your system is clean or not. ;)

Regards Howard :)

This thread is for the use of D@nny only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
nope problems still there and trend micro scan always freezes and just stays in one spot when it starts scanning now. I'v become very reluctant in finding this virus if it even is one since that virus scanner didn't remove it. Unless it came back again is there anything else you know of that can be causing my computer to just freeze up any not open up any programs?
Just did a fresh restart and the problems are happening already my computer doesn't open up and IEexplore doesn't want to load up any webpage. Everything can't even move hijack this off of my desktop. Is there a way to have the internet working in safe mode?
 
I placed hijack.exe in my programs and renamed it to anaylze.exe and scanned. Here's the result hope this helps. Now that I have avg 7.5 anti-spyware should I remove my avg 7.5 control/test center program? I have it turned off.


Edit: And here's combofix

combo fix log
 
You have not posted an AVG antispyware log. Please do so in your next reply.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

Viewpoint
Viewpoint manager
Viewpoint Toolbar

Close control panel.

Click start/run and type services.msc into the run box and press the enter key.

When the window appears, maximise it. Double click on the following services(if there) and select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.

Viewpoint Manager Service

Close the services window.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

ViewMgr.exe
ALCMTR.EXE

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll

O3 - Toolbar: (no name) - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - (no file)

O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O24 - Desktop Component 1: Warning homepage - C:\WINDOWS\warnhp.html

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\WINDOWS\warnhp.html
C:\Program Files\Viewpoint<Delete the entire folder.
C:\windows\ALCMTR.EXE
C:\Program Files\Common Files\Viewpoint<Delete the entire folder.

Reboot into normal mode and rehide your protected OS files.

Post a fresh HJT log as well as an AVG Antispyware log.

Regards Howard :)

This thread is for the use of D@nny only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I'm going to try and run the adaware se / avg anti virus in safe mode and see if it gets rid of the win hound virus
 
you should leave avg to scan until it finishes, it can take up to about 2 hours. also don't uninstall or turn off avg anti virus. the anti virus and anti spyware programs are totally different things.
 
Click start/run and type regedit into the run box and press the enter key. When the window appears maximise it. Click file/export and save a copy of your registry to wherever you want.

Click edit and choose find. Type WinHound.com into the dialogue box and click the find next button. Regedit will now search your registry for any entries that contain a reference to WinHound.com and display them in the righthand pane. Right click on any such WinHound.com entries and choose delete.

Now click edit again and choose find next. Again, delete any entries that reference WinHound.com.

Repeat the above, until no more WinHound.com entries are found.

Then post the Requested logfiles.

Regards Howard :)

This thread is for the use of D@nny only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
it seems like the virus only grows stronger as my options grow smaller and smaller. I can't delete the winhound.com folder "Error while deleting key" and avg antispyware freezes when trying to quarantine it and ADAWARE finds psyguard every time during a safe mode scan but can't seem to get rid of it each time just finding it again. My computer continues to grow unresponsive it probably is right now...Any more ides Howard?
 
hi D@nny.
the people that are working on are extremely good at what they do. nevertheless, i will add another two penneth, have you tried deleting in safe mode, and have you switched off systems restore ? if i have overlooked these in previous postings , my excuse is it was a quick read i done.
here are a couple of links. in the instructions they refer to 'ewido', but it is now known as 'avg anti-spyware'.
I'm sure that the help you are getting is as good as information in these links, or perhaps you may be just missing something in the clean-up.
http://www.superantispyware.com/?tag=DEFINITION

http://www.spywareremovalnews.com/sitemap1.htm
 
Go HERE and follow the instructions for removing Winhound.

Post a fresh HJT and AVG Antispyware log once done.

Regards Howard :)

This thread is for the use of D@nny only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Howard reading what you posted in your link it seems like winhound is just there to deliver fake warnings onto my computer? Could it be making my applications stop working? I'm going to try and get rid of it after this restart since my computer is frozen once again. Feels like I have to restart 10 times a day now because of this virus.
 
Winhound like so many rogue antivirus/antispyware programmes, issues fake warnings in order to try and make you buy the programme. It`s definitely nasty and needs getting rid of asap.

Once you`ve completed the removal instructions be sure to post the requested logfiles.

Regards Howard :)

This thread is for the use of D@nny only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
well I did this and I guess it's gone because avg antispyware no longer picks it up in a scan like it used to. Unfortunately :( though programs still stop to open up on my computer at random intervals causing me to restart and I know it's not good for a computers life span if you keep shutting it off and on , right? Any other ideas?
 
same old same old. This virus seems to work at random. I'm starting to think could it be a hardware malfunction , some possible way. Or maybe it's not a virus but a certain program glitching up that causes the computer to freeze up opening other things. I'v noticed when it happens not even cmd prompt will open up. Here's the requested log files , Howard.
Appreciate you going through them but I'm starting to doubt there still is a virus and maybe im just dealing with the irreparable damage it caused.
 
Wow, good find! Man now I'm all excited thinking this could makethe problem just disappear.Guess I'll have to wait and see.
Edit: No it doesn't look like it fixed the problem.
 
Hi,

Howard is away for a few weeks, meanwhile I'll help you with this problem. I need you to post a fresh AVG antispyware log, HijackThis log as well as a ComboFix log please.

Please also run AVG Anti Rootkit via Step 11 of the instructions HERE. Let me know the results of the scan.


Regards,
Your friendly momok =)

This thread is for the use of D@nny only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
here's the hijack this log. AVG was posted above and avg rootkit congratulated me saying no rootkits were found in my system.
 
Hi,

You have not posted a fresh ComboFix log. Please do so in the next post.

Meanwhile have HijackThis fix this entries:

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.printme.com/support/adobe/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 88.116.69.154:8080
O4 - Global Startup: Remocon Driver.lnk = ?

Regards,
Your friendly momok =)

This thread is for the use of D@nny only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.

Similar threads

M
Virus warning popup
Replies
1
Views
539
Mark Fuller
M
Jess_123
My num pad + doesn't work ...
Replies
0
Views
277
Jess_123
Jess_123
Mickey1
PC Freezes & won't open anything
Replies
3
Views
523
info12345
info12345

Latest posts

Back