PDA

View Full Version : spyware and WinFixer


Enola Straight
11-19-2005, 01:50 PM
Lately I've been under attack by spyware, and and am getting a Pop-up from something called WinFixer...supposedly an anti-virus software.

Could installing this unsolicited program cause more problems than it solves?

I already have two other programs I run which worked well...until now, that is.

Norton Antivirus and Spyhunter.

Myglaren
11-19-2005, 02:08 PM
I would suspect anything to do with popups, and Norton. Just spent ages rooting it out of my brother's laptop, ridled with malware to the extent that he'd been told his hard drive was screwed and needed replacing.

Your best action would be to read through the 'Computer Questions' sticky as the majority of virus/worm/trojan/spyware questions have arisen and been dealt with there.

there are some items relating to WinFix though, doesn't look encouraging.

Castle Cops (http://castlecops.com/article-6343-nested-0-0.html)

Spyware Information Centre (http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453094807)

Verges on Gobbldygook (http://guestbooks.pathfinder.gr/read/winfixer) but the inference is clear enough.

Spyware Guide (http://www.spywareguide.com/product_show.php?id=2263)

I would say the concensus is to avoid it like the proverbial plague!

Rikster
11-20-2005, 12:17 AM
Norton has a program that removes the winfixer spyware that is seperate from their antivirus. You have to go to their website and look it up, sorry don't remember the name and I deleted it after using it. It worked well and caused no other problems for me. good luck

Enola Straight
11-23-2005, 10:17 AM
My virus removers aren't removing the viruses...I run a scan, find the parasites, click "remove", run the scan again , and they're still there!

I can't restore to an earlier date: the only date I can restore to is the VERY DAY I first got infected!

dragongirl
11-23-2005, 11:54 AM
That's nasty. I just got rid of winfixer myself. Read the computer questions thread and use hijack this then post at those forums for help.

I have no idea what I did that fixed it, but I can't say enough good about the guy that helped me.

Skammer
11-23-2005, 12:02 PM
I'll add that I had WinFixer on my PC about a month ago, and it was a bear to get rid of. I just couldn't find too much about it, and the fixes that were posted online were horribly complicated. I did eventually get rid of it, but I'm not sure how.

Queuing
11-23-2005, 01:27 PM
My virus removers aren't removing the viruses...I run a scan, find the parasites, click "remove", run the scan again , and they're still there!

I can't restore to an earlier date: the only date I can restore to is the VERY DAY I first got infected!

System restore rarely helps in virus removal. In fact the first step in most virus removals is to turn off system restore. Norton sucks, and its a shame that it is included on so many systems that you buy. What you may want to try is go into safe mode (restart your system, hit f8 until you see a screen with boot up options, choose safe mode with networking) Go to www.trendmicro.com, they have a free online scan for viruses, spyware and security holes. Hopefully that will get rid of your virus. If not, and you know the name, it will have detailed instructions on how to remove said virus. However you may need to be in regular mode to effectively do this, depending on your level of comfort with computers as safe mode can occasionally be a real pain to navigate in. Good luck.

Enola Straight
11-23-2005, 03:56 PM
The virus remover couldn't remove the lil bastard, but could tell me its name during the scan, so I pulled up search, then un-installed it as if it was a utility.

BOO-YAH!
:D

Myglaren
11-23-2005, 04:15 PM
The virus remover couldn't remove the lil bastard, but could tell me its name during the scan, so I pulled up search, then un-installed it as if it was a utility.

BOO-YAH!
:D

That's the way to do it!

nesta
11-23-2005, 05:39 PM
WinFixer / Vundo is either a real pain to remove, or really easy, depending on the varient. Get the Symantec Vudo removal tool (http://securityresponse.symantec.com/avcenter/venc/data/trojan.vundo.removal.tool.html) and see if that fixes it. If that doesn't work, I recommend doing google searches for "vundo" and "winfixer" and follow the steps for running HijackThis to clean out what's left.

hajario
11-23-2005, 05:59 PM
That is one nasty virus. I got rid of it a few times and it kept coming back. It eventually fucked my whole hard drive and I had to get a new one.

nesta
11-23-2005, 06:40 PM
That is one nasty virus. I got rid of it a few times and it kept coming back. It eventually fucked my whole hard drive and I had to get a new one.
It is nasty. The most recent variant seems to get itself very deep into the system, so even once you think it's gone, it still loaded its DLLs and slows the system down. A good clue if it's still there is to see how much memory you are using right after booting Windows. If it's 100M higher than usual, it's still there.

I really don't think it ruined your hard drive, though. It may have contributed to the hard drive dying a natural death by making the system swap more heavily, and therefore use the hard drive more, but if that was the case your hard drive was about to die anyway.

hajario
11-24-2005, 04:35 PM
I really don't think it ruined your hard drive, though. It may have contributed to the hard drive dying a natural death by making the system swap more heavily, and therefore use the hard drive more, but if that was the case your hard drive was about to die anyway.

That is excatly what happened. The little bastard was using tons of system resources for a while before I realized what was going on.

Guy Incognito
11-25-2005, 09:36 AM
I've tried to remove this from a coworker's PC for quite a while and I've used several of the removal tools that others have mentioned above. The only thing that I have used which seemed to work is Webroot's SpySweeper. You can download a 14-day trial version at their web site:

http://www.webroot.com

Give it a try and see what you think. (Note: I don't have any affiliation with this company. I'm just very happy with the results that I got with SpySweeper.)

Good luck!