also @ TechSpot: Android 4.0: Tracking Ice Cream Sandwich's Availability on Smartphones

TechSpot

Need help with winh32

Discussion in 'Virus and Malware Removal' started by spark plugs., Dec 3, 2007.

Thread Status:
Not open for further replies.

  1. spark plugs. Newcomer, in training

    I hope someone can help me remove a virus from a computer. its running windows XP.

    anti-virus captures winh32.exe as a trojan (among other things). It keeps showing up. the desktop background is being changed to a screen which says "Warning! Spyware threat has been detected on your PC." it goes on to say that unauthorized access was gained by another computer. I cannot bring up the task manager because the option is greyed out (spybot found the reg key which is doing this, but it reappears after being removed) I am also getting pop ups and security warnings in the taskbar. one of the pop-ups is a suspicious looking window with poorly formatted graphics, it has links to some pay-ware anti-spyware stuff.

    I have run spybot and adaware, it has avg antivirus. I will post the hijack this and combofix logs below. I would greatly appreciate any help anyone could offer to clear this computer.
    spark plugs., Dec 3, 2007
    #1

  2. momok Newcomer, in training

    Hi spark plugs and welcome to techspot. =)

    It appears your system is most likely infected with some rogue anti-spyware.
    I suggest you do the following before doing anything else

    Important: Please read this thread HERE before deciding if you should CLEAN or FORMAT your system

    Should you decide to that cleaning your system is the best option, please go to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given.
    Do follow all the instructions exactly.

    Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread. Do not copy and paste your logs if not it will be ignored and/or removed.

    Our experts here will tend to your queries thereafter.

    Also, please provide the results of the Antirootkit scan


    Regards,
    momok =)

    This thread is for the use of spark plugs only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
    momok, Dec 3, 2007
    #2

  3. spark plugs. Newcomer, in training

    i am currently running an avg scan to get the log, please post when available.
    spark plugs., Dec 3, 2007
    #3

  4. spark plugs. Newcomer, in training

    panda shows that there are no rootkits
    spark plugs., Dec 3, 2007
    #4

  5. Jase123 Banned

    Good!

    Now just post the 3 requested logs. :)

    Regards Jason :)
    Jase123, Dec 3, 2007
    #5

  6. spark plugs. Newcomer, in training

    just waiting for avg to finish scanning. it is quite slow. ;)
    spark plugs., Dec 3, 2007
    #6

  7. evilfantasy Banned

    The HijackThis scan needs to be ran after all other cleaning is done. Running it before will show entries that have been removed by other tools.
    evilfantasy, Dec 3, 2007
    #7

  8. spark plugs. Newcomer, in training

    new hijackthis file uploaded
    spark plugs., Dec 3, 2007
    #8

  9. evilfantasy Banned

    Is the AVG done yet?

    The combofix log is bad, but we need to wait on AVG to finish and see the log.
    evilfantasy, Dec 3, 2007
    #9
Thread Status:
Not open for further replies.