TechSpot

Went thru 8 steps last night..

By csphillips26
Dec 20, 2009
  1. Last night my cpu got attacked by the "antivirus live" virus. It blocked me from accessing all apps, but I used instructions from another site to kill it from popping up & blocking me to do things. Then I came on this site & went through all 8 steps as outlined here: http://www.techspot.com/vb/topic58138.html
    The last instruction was to post the 3 logs, which is what I am doing now. Everything seems to be fine as of now. Internet Explorer is working normally (except sometimes it stops responding & freezes, but it has always occasionally done that). I just want to be sure everything is off & my computer is clear. Thanks
     
  2. Bobbye


    Welcome to TechSpot, csphillips26, and thank you for following our steps. I'd like to take you a bit further to make sure all the infected processes were found and removed. For the freezing, since that is not a new problem, you might want to work on that in the Windows OS forum.

    I will put a guess out though that it's because you use up all of your available RAM. Then the system freezes, you have to reboot and that frees up the RAM and starts the cycle again. You have SO many processes starting on boot and they will continue to run in the background. After you've surfed for a while, you get a load of temporary internet files on top of that. Windows XP needs a minimum of 512MB. But I doubt that would be enough to handle all you have.

    To finish up on the malware:
    Download SDFix HERE and save it to your Desktop.
    • Double click SDFix.exe and it will extract the files to %systemdrive%
      (Drive that contains the Windows Directory, typically C:\SDFix)

      Boot into Safe Mode
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.

      Run SDFix
    • Open the extracted SDFix folder and double click RunThis.bat to start the script.
    • Type Y to begin the cleanup process.
    • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
    • Press any Key and it will restart the PC.
    • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
    • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    • Attach Report.txt back here
    Run Eset NOD32 Online AntiVirus Scanner HERE

    Note: You will need to use Internet Explorer for this scan.
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the Active X control to install
    • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    • Click Scan
    • Wait for the scan to finish
    • Re-enable your Antivirus software.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

    You have Viewpoint Media Player installed on your system. This program is not malware but it is foistware in that it is usually installed without the user's knowledge or approval, and for this reason I recommend you remove it. If you actually use this program, I recommend you try using safe and free alternatives such as VLC Media Player:

    To remove, find and remove Viewpoint Media Player

    Boot into Safe Mode
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
    • Click on Start > Run and type: services.msc > OK
    • Click the "Extended tab".
    • Scroll down the list and find the service called "Viewpoint Manager Service"
    • When you find the service, double-click on it.
    • In the Properties Window > General Tab that opens, click the "Stop" button.
    • From the drop-down menu next to "Startup Type", click on "Disabled".
    • Now click "Apply", then "OK" and close any open windows.
    • Click on Start > Settings > Control Panel > Add/Remove Programs
    • Highlight and remove all references to Viewpoint - i.e. Viewpoint, Viewpoint Manager, Viewpoint Media Player.

    Finally, delete the following folders if they still exist: Open Windows Explorer > Programs:
    C:\Program Files\ViewManager\ <-- and delete this folder
    C:\Program Files\Viewpoint\ <-- and delete this folder

    Empty the Recycle Bin

    When you have finished, please leave the report from SDFix and the Eset log in your next reply.
     
Topic Status:
Not open for further replies.

