System restore

By some other dude · 11 replies
Jan 2, 2009
  1. I had a virus yesterday and now I'm not sure if I'm clean or not I used a combo of spybot snd, spyware doctor, and Malwarebytes' Anti-Malware. I used SuperAntiSpyware Home Edition Free Version free edition but that came back clean I also used SmitfraudFix in safe mode. I have some of the logs but not all of them I can post them if you like. I tried to do a system restore to a point before a got the virus and when the pc reset it said restore incomplete no chages made. I made a restore ponit today to test, and that restore point worked. Does this mean that I'm clean and the older restore point is just corrupt?

    Also I'm attaching my current system scan with hijackthis.

    Attached Files:

  2. rev_olie

    rev_olie TS Guru Posts: 560

    Welcome to Techspot

    Please follow my exact instructions.

    1, you are infected with Viewpoint. Although its not considered bad it usually installs without your prior notice.

    Download Viewpoint killer from here

    Unzipp and run and follow the instructions

    Then to check,
    1) Right-click on the clock in your task bar and choose Task Manager
    2) Click on the Processes tab and search for VIEWMGR.EXE, if its found, click on it and then click End Task to close it
    3) Click on Start, Control Panel, Add/Remove Programs
    4) Uninstall any of the following programs associated with Viewpoint

    * Viewpoint Manager
    * Viewpoint Media Player
    * Viewpoint Toolbar

    5) Close the Add/Remove Programs and Control Panel
    6) Restart your computer

    Please complete the 8-step Viruses/Spyware/Malware Preliminary Removal Instructions
    Post fresh Superantispyware and Malwarebytes logs.

    Download and run SDfix from here

    Then follow the instructions HERE

    Then post a reply with:
    • A FRESH hijack this log
    • Malwarebytes log
    • the SDfix log
    • Superantispyware log
  3. Ultiweap

    Ultiweap TS Enthusiast Posts: 606

    Don't think that making a system restore will remove a virus as a virus is a or some files on your HDD and also some files are processes. So sometimes making a system restore may delete it but rarely it do. So the best way to remove virus is Antivirus software, spyware software etc...
  4. some other dude

    some other dude TS Rookie Topic Starter

    Thankyou so much for your replies I'll give your instructions a try
  5. Ultiweap

    Ultiweap TS Enthusiast Posts: 606

    You're welcome mate.

    Also try to put AVG on your PC or Avira Antivir Free Edition.
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    some other dude, it is never a good idea to do a System Restore when there has been malware. At the end of cleaning a system, we remove all the old restore points and create a new one.

    Viewpoint isn't an infection. We usually recommend it being removed however as it is considered foistware:

    Update Java:
    Update Adobe:
    Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.
    Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot into Safe Mode:.
    You system has to be running slow. You have too many programs running, too many processes loading. If you want to speed it up:

    Start> Run> msconfig> enter> Selective Startup> Startup tab> UNCHECK everything except the Trend Micro antivirus program> Apply> OK.

    Start> Run> services.msc> right click on Viewpoint Manager Service> Properties> Change the Startup type to Disabled> Stop the service

    Control Panel> Add/Remove Programs> Uninstall any of the following:
    Reboot the computer into Normal mode. You will get a nag message that you can ignore and close after checking 'don't show this message again.' Stay in Selective Startup.

    Please update and scan with Malwarebytes, SuperAntispyware, follow with new HijackThis and attach all three logs.

    DO NOT use System restore.
  7. some other dude

    some other dude TS Rookie Topic Starter

    I turned off my system restore, and here's my new logs I haven't tried your advice yet Bobbye but I think Viewpoint is uninstalled already, and my pc doesn't seem slow to me I'm trying to make sure it's not infected, I don't feel the need to speed it up.

    anyway here are the logs rev_olie asked for

    I know I shouldn't double post but do these logs say if I'm I o.k, or is their still an infection lurking around that these scanners couldn't pick up. The suspense is killing me, lol.
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Apparently the other member who was helping has gone elsewhere. Hope you don't mind- I took a few hours off to sleep!

    The logs are clean.
    This entry remains:
    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)

    You have not updated Adobe as instructed.
    You are still running BitTorrent

    If all you care about is malware and not the overall health of your system, you're through.

    Remove the cleaning tools:
    Clear system restore points

    If you still have the problem with System Restore, it is likely because you don't have the available 'space':
    System Restore Troubleshoot:

    Boot into Safe Mode: Start> Run> cmd> type in:

    which is the Restore program, it will prompt with Create vs Restore and you can pick
    a Restore point.
  9. some other dude

    some other dude TS Rookie Topic Starter

    Sorry for being inpatient. Thank you for the help, as long as the malware is gone then I fine. I will uninstall Adobe Reader reader and replace it with FoxIt Reader, bittorrent is going to go as well I just haven't gotten around to it yet. Right now just want the malware to be gone. I haven't turned system restore on to test it yet but I have 163 GB of free space, so I don't think theirs a disk space problem.
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    You must have edited your post- we use the cleaning program because it will remove all the entries from the cleaning programs.

    Let us know if you need any more help.
  11. some other dude

    some other dude TS Rookie Topic Starter

    I did edit my post because when you were talking about removing cleaning tools I thought you meant Superantispyware and malwarebytes, but I tried OTCleanIt and now I see you meant and I see you meant things like sdfix and viewpoint killer. Well at least that's what I think it cleaned.
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    No, actually it should remove all the cleaning program you downloaded.

    It's pretty spooky when I get the feedback in email and go to the board and the post if missing! That's what happened with your comment- saw it in email, but gone on the board.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...