From: Marie Brown on

"Bubba Gump" <ambrosia_1(a)REMOVE.dslextreme.REMOVE.com> wrote in message
news:Xns96C58F1317D59abcom(a)216.168.3.50...
> "YoKenny" <YoKenny(a)noway.invalid> wrote in
> news:iFQRe.8800$884.817084(a)news20.bellglobal.com:
>
>> Please read:
>> http://www.tenebril.com/src/info.php?id=461193304
>> http://www.vitalsecurity.org/2005/07/winfixer-where-did-this-thing-come.html
>> http://geekstogo.com/forum/index.php?act=ST&f=37&t=56960
>> http://castlecops.com/t130077-WINFIXER.html
>
> Links to ads for more anti-spyware or people telling others about the
> existence of "WinFixer" is no help. :(

I didn't see anything there worthwhile either. Like you, I can't locate
this spyware on my PC.

Marie

From: Marie Brown on

"Bubba Gump" <ambrosia_1(a)REMOVE.dslextreme.REMOVE.com> wrote in message
news:Xns96C57183C8207abcom(a)216.168.3.50...
> "Someone" <someone(a)somewhere.com> wrote in
> news:CQQRe.500$xl6.147(a)tornado.tampabay.rr.com:
>
>> Can you please elaborate on "I have Pro level anti-virus software on
>> my machine and can't
>>> What kind of anti-spyware software do you use?
>
> I use NOD32 anti-virus (better than Norton) and AdAware-SE anti-spyware.
> I tried activating the Windows firewall and still I get the Winfixer pop-
> up. :(

I not only have Norton but also Spyware Blaster, MS Antisoftware-Beta,
Spybot, HiJackThis and Adaware and none of them can find this "Winfixer"
popup.

Marie

From: Marie Brown on

"dak" <postmaster@[127.0.0.1]> wrote in message
news:pu9ih1dv5ppsleoapbkois7v131rajl3ng(a)4ax.com...
> DO IT YOURSELF:
> <http://www.help2go.com/modules.php?name=HJTDetective>


How do you get a reply from this one? I submitted the HJT log and another
screen came up with no information on the log submitted. Is there a secret
to using this site?

Marie

From: Dave Stone on
Bubba Gump <ambrosia_1(a)REMOVE.dslextreme.DELETE.com> wrote in
news:Xns96C4DECBECE71abcom(a)216.168.3.50:

> Hopefully someone can solve this.
>
>
> First off, maybe I'm just a glutton for punishment, but I don't use a
> firewall. It interferes with my work. I'm a tech, so I know all the
> precautions to ensure my computers' safety none-the-less.

I had this on a newer laptop that rarely uses IE, I think I got it off/out.
The other poster's right, you need the latest version of HJS. On mine it
appeared to be the 3 entries listed below, but YMMV. I would suspect a
rogue dll from what little I've read about it.

O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\Fonts\mfcad.dll

O20 - Winlogon Notify: mfcad - C:\WINDOWS\Fonts\mfcad.dll

O20 - Winlogon Notify: psras - C:\WINDOWS\RegisteredPackages\psras.dll

http://www.webuser.co.uk/forums/showflat.php/Cat/0/Number/216210/an/0/page/0

I went to this forum and followed all the directions in the 2nd post up to
the registry part. Not sure if that's all that needed to be done, however
it seems to be gone. Here's what my log said before it was removed (Dell
laptop, lots of stuff running):

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Dave\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.com/

O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\Fonts\mfcad.dll

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray

O9 - Extra button: AIM (R) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

O20 - Winlogon Notify: mfcad - C:\WINDOWS\Fonts\mfcad.dll

O20 - Winlogon Notify: psras - C:\WINDOWS\RegisteredPackages\psras.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
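
Added example, not part of the original post: a Python script that re-joins HijackThis entries a news client has wrapped across lines, then lists O2 (BHO) and O20 (Winlogon Notify) DLLs that load from outside System32 or Program Files. The directory allow-list and the function names are assumptions made for this example; the sample entries are copied from the log in the post above.

```python
import re

# Sample input: entries copied from the log in the post above,
# wrapped across lines the way a news client wraps them.
SAMPLE_LOG = r"""
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:
\WINDOWS\Fonts\mfcad.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin
\LgNotify.dll
O20 - Winlogon Notify: mfcad - C:\WINDOWS\Fonts\mfcad.dll
O20 - Winlogon Notify: psras - C:\WINDOWS\RegisteredPackages\psras.dll
"""

ENTRY_START = re.compile(r"^[A-Z]\d+ - ")
DLL_ENTRY = re.compile(r"^(O2|O20) - .* - ([A-Za-z]:\\.*)$")
# Assumption for this example: directories a BHO or Winlogon Notify DLL
# would normally load from. Anything else is listed for manual review.
EXPECTED_ROOTS = ("c:\\windows\\system32\\", "c:\\program files\\")


def unwrap(text):
    """Re-join numbered log entries that were split across lines."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if ENTRY_START.match(line) or not entries:
            entries.append(line)
        else:
            # A path split at a backslash joins with no space;
            # any other break fell on a space.
            entries[-1] += ("" if line.startswith("\\") else " ") + line
    return entries


def review(text):
    """Return (section, path) for O2/O20 DLLs outside EXPECTED_ROOTS."""
    findings = []
    for entry in unwrap(text):
        m = DLL_ENTRY.match(entry)
        if m and not m.group(2).lower().startswith(EXPECTED_ROOTS):
            findings.append((m.group(1), m.group(2)))
    return findings


if __name__ == "__main__":
    for section, path in review(SAMPLE_LOG):
        print(f"{section}: review {path}")
```

A flagged path is only a prompt for manual review: legitimate software can register DLLs elsewhere, and short 8.3 paths such as `C:\PROGRA~1` will not match the allow-list.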

From: nospam4usegroups on

Marie Brown wrote:
> "dak" <postmaster@[127.0.0.1]> wrote in message
> news:pu9ih1dv5ppsleoapbkois7v131rajl3ng(a)4ax.com...
> > DO IT YOURSELF:
> > <http://www.help2go.com/modules.php?name=HJTDetective>
>
>
> How do you get a reply from this one? I submitted the HJT log and another
> screen came up with no information on the log submitted. Is there a secret
> to using this site?
>
> Marie

Marie,

Go to the following URL at "PC World Magazine"...

http://www.pcworld.com/downloads/collection/0,collid,1347,00.asp

Download "Ad-Aware SE Personal v1.06" and run on your computer...

That's how simple it is! No more "Winfixer" and no more tedious HJT
logs and analyses...

Joe