Winfixer 107 - Trojan

[pammy]

aaaaaaaaaaaargh - don't know how - but I seem to have picked up or been given a trojan. Nothing I've got can get rid of it. Help? Words/actions of one syllable please.

It seems to be Winfixer 107 - but Adaware, Spybot say they've fixed it - but it's still there.

 

[Pietre]

Have you tried AVG? its a free download

 

[Pietre]

Have sent you a PM with the link for free download latest version.

 

[pammy]

Already done that P Have used AVG for years and never had a thing.

Thanks anyway

 

[Pietre]

http://www.pctools.com/spyware-doctor/?ref=google_th

It says this removes Winfixer and its free.

 

[neilrr]

Where'd you pick that one up Pammy!!!!?????

 

[masqueraid]

The most common causes of winfixer popups is Vundo infection, have you tried either of these fixes below?

1. Please download VundoFix.exe to your desktop.
http://www.atribune.org/ccount/click.php?id=4
Double-click VundoFix.exe to run it.
Put a check next to Run VundoFix as a task.
You will receive a message saying vundofix will close and re-open in a minute or less.
Click OK
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.

2. Download VirtumundoBegone from here:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
and save it to your desktop. When you have done this doubleclick on VirtumundoBeGone.exe and follow the instructions. When it has finished, reboot. Do not worry if you see a BLUE SCREEN "Fatal Error" Message, it is normal and expected.

 

[pammy]

Where'd you pick that one up Pammy!!!!?????

I have no idea!! Might not even have been me - could have been one of the kids - but I just don't know. It's getting to be a real pain though!

 

[pammy]

Thanks masqueraid - mmmmmm - weird - I ran both those checkers and they found nothing and it's started behaving itself!! all of a sudden. Yet my Photoshop won't work saying it's got an unrecovrable error - end of!

If anyone else has any ideas - please do let me know.

 

[Flash]

I used to use AVG (Free Edition) - unfortunately, it failed to protect me and I ended up having to do a complete rebuild of my PC and was fortunate because I had made a backup of all my data. I've now invested in Norton AV 2006 and the amount of times it has protected my PC has been incredible - most of the Viruses/Trojans are put into the vault and fixed.

If you can Pammy just make sure you have a back up of all your data and do a rebuild and if possible get Norton AV 2006 if you continue to experienc further problems with your PC.

 

[masqueraid]

Pammy, sorry, looks like Vundo has also messed the Photoshop Elements settings on your PC, you may need to do a repair install to get it afloat again .

If you're feeling brave you could download and install HiJackThis! which will help check if all the nasties have gone. Please don't use it to do anything other than scan your computer unless you are certain what you are doing but you're welcome to PM me the scan result.

There are lots of particularly malevolent programs out there at the moment which bury themselves deep in the computer and refuse to come out Vundo is one and I've just had to sort out another (smitfraud) which does much the same thing.

They are however on the whole installed programs which users have run themselves. They tend to masquerade as helpful programs or even free spyware tools and are more often spread by file sharing than email.

I suppose the bottom line is if you are presented with a program you are being asked to install and are unsure of its origin check the source before doing anything - no matter how useful it sounds. They take about 15 seconds to install and a couple of hours to remove!

 

[pammy]

Pammy, sorry, looks like Vundo has also messed the Photoshop Elements settings on your PC, you may need to do a repair install to get it afloat again .

If you're feeling brave you could download and install HiJackThis! which will help check if all the nasties have gone. Please don't use it to do anything other than scan your computer unless you are certain what you are doing but you're welcome to PM me the scan result.

There are lots of particularly malevolent programs out there at the moment which bury themselves deep in the computer and refuse to come out Vundo is one and I've just had to sort out another (smitfraud) which does much the same thing.

They are however on the whole installed programs which users have run themselves. They tend to masquerade as helpful programs or even free spyware tools and are more often spread by file sharing than email.

I suppose the bottom line is if you are presented with a program you are being asked to install and are unsure of its origin check the source before doing anything - no matter how useful it sounds. They take about 15 seconds to install and a couple of hours to remove!

Fortunately - I'm pretty watchful for what I install and don't accept any pop-up unless I can fully link it with what I am doing! So I'e not followed any of the tricks that this ne throws up!.

I have already installed HJT and done a scan. I'll rerun it and PM you the results - that would be massively helpful.

P

 

[Satch]

Winfixer is swine to get rid of. See link below. (not sure if this is same one as "Winfixer 107" but indicates that without editing your Registry it will return)

http://www.symantec.com/security_response/writeup.jsp?docid=2005-120121-2151-99&tabid=3

 

[jwarren]

You need to disable system restore, boot in safe mode and run the fixes. As windows doesnt delete per se, it will always recover itself, hence the need to disable and safe mode it. To disable system restore, right click my computer and select properties, uncheck the box, apply and wait for a moment.

There is another nasty strain to it and is infostealer.dll, does what it says, they come in via unprotected browser settings (not updated) and imbedded in other programs, files etc that have been downloaded. Make sure your internet security stops active x controls, a pain as you do get prompted but the software learns and will stop some malicious crud getting in.

The sods are a nightmare to clear from the registry, they hang in the HK- local machine / windows Nt/ logon and activate when you go online. Symantec are good at giving you the strings that need to be removed.

Unfortunately, I have experienced this this very weekend (cant mention the file as the largest corporation in the world are highly litigous, but starts in M and ends in soft) following a download of the IE7 update, I guess the domain was spoofed and forced a fake download with it jammed in.

Several hours later and cleaning out the system - back and running. No words can mention my symapthy for you!

 

[pammy]

Oh yes - and you're right - the bloody thing's back

But it won't let me disable system restore!!

I can sense a trip to the PC shop at this rate

 

[jwarren]

I eventually had to reformat the drive. Thankfully any documents, important stuff is isolated on a separate drive (my virtual filing cabinet), its just a $£%^ having to reload every program. I did it mainly because my system was full of junk anyway, I did get rid of the trojans and viruses beforehand but was an absolute @rse, they go off and get their buddies to infect you with another strain. My pc is so locked down and tight I was surprised at the velocity of the attack, no data was compromised thankfully.

Made me laugh when windows defender (the new all singing and dancing tool - free from Msoft as a download tool) said my system was safe and problem free, shame it cant read the screen with all my Nortons Virus alerts! Ho hum, good luck!

 

[Flyer]

Complete format and reinstall might be the only answer Pammy. I've had two clients with a variant of this in the last week or so and the only surefire way of dealing with it was to wipe the HD and start again. A real PITA but it works and if you haven't reinstalled Windows for some time, you will quite likely notice a sizeable performance increase.

 

[pammy]

Complete format and reinstall might be the only answer Pammy. I've had two clients with a variant of this in the last week or so and the only surefire way of dealing with it was to wipe the HD and start again. A real PITA but it works and if you haven't reinstalled Windows for some time, you will quite likely notice a sizeable performance increase.

Prob is I've lost all my windows stuff have no idea where it's all gone or anything I've lost loads of discs - don't know if it was in the move and they got in the wrong box or what - but I've lost Windows and Office so I can't reformat and start again anyway. I've done that in the past and it takes forever to recover the stuff. I can easily back up the files tho as I have an external hard drive I can chuck them all onto.

I was toying with buying new kit anyway but wanted to try and tie it into the house move etc so I don't waste money buying sommat that isn't going to work in the new house. Oh poo!!! If I ever got hold of the lowlifes that do this stuff - they'd think Mr Bobbitt had been treated with mercy!

 

[Flyer]

Prob is I've lost all my windows stuff have no idea where it's all gone or anything

Oops Don't suppose you have the install on a partition/in a folder anywhere? First thing I do with a customer's PC that needs a new installation, after installing Windows, is to copy the Windows installation disks into a folder onto the HD. Office, etc. is then also copied and installed from there. I also create a txt file with the software keys in. Some OEMs setup a separate partition with the Windows installation in for backup.

I was toying with buying new kit anyway but wanted to try and tie it into the house move etc so I don't waste money buying sommat that isn't going to work in the new house.

What wouldn't work in the new house? Are you thinking broadband/cable/router stuff?

If I ever got hold of the lowlifes that do this stuff - they'd think Mr Bobbitt had been treated with mercy!

 

[pammy]

lol - love the piccies

No - what I mena in the house is space. I'd like a desk top but might have to make do with a notebook instead. I won't really know until I actually get in there though and see what space I've got where for a desk - which is prob not a lot!

Might have a solution on the way though thanks to a very kind soul