OT. I've been infected....with Winfixer

Damn!!

[rant]

In case you havent noticed my short absense (likely not) but anyway Last Friday morn I sit down at my confuser turn on the monator and find like 50 browser pages open with all sorts of garbage. So I start closing them. Right,...faster then I can close them more pop up......The most prevelent was this "WinFixer" thing wanting to install some BS utility on my machine. So after 4 different people here give it a shot...(all self proclamed "experts") I finally find this forum called www.GeekstoGo.com where some guy with the handle "greyknight" walked me through a bunch of steps and now I'm back in busniess....4 days later.

Here's a poll for Casey: What should we do with the jerks that put this stuff out there?
A) Quick & painless death, or
B) Long slow painfull death, or
C) Chop off their fingers so they have to write this code by typing with their nose.

Seriously, I'd rather had my car stolen, or caught my wife with my best friend. Our controller, (the person who counts the money) told me the disruption cost us a few $K+!

[/rant]

Anyway, apparently the typical antivirus pattern files havnet caught up with this yet so I'd thought I'd mention it and If your unlucky, I'd suggest not wasting your time and go directly to www.geekstogo.com get on the forum, and start a thread. Worked for me. A real God-send....

D) All of the above.

-mind posting what you did to fix it? My neighbor got it too, I think. They took it to Worstbuy and spent $170 to get it fixed.

edit: I googled and found reference to this thing back in 2001. There is actually a website for it. Why are they still in business?!

Harrything,

Whatever you do, dont go to that site!

I was actually infected with Nail, Qoologic, Winfixer, & Look2me, amongst a few others.....

Here's the thread: http://www.geekstogo.com/forum/index.php?showtopic=52262&pid=280277&st=30&#entry280277

If you get infected (with anything) always start a new thread on that fourm. (each infection is unique so dont try it on your own). Only you and the tech will be allowed to post on that thread.

None of the spyware & anti virus scanners work on cleaning this junk, so dont waste your time. Just go there and start a thread, and follow the instructions to the letter.

Figureing how much this ba$tard cost me, I gladly made a donation. This guy spent a considerable amount of time with me on it.

What Virus, Spyware & Addaware software do you run, all that you have listed (apart from winfixer, which i cant find) is covered by my virus and spyware guard

I changed recently form a couple of well known brands to

Panda Titanium 2005 (www.pandasoftware.com)

I have so far found the protection to be 100% bulletproof

I also run SpyWare Guard (This spots sites with that pop up **** and spy ware trying to change your registry without your knowledge)

And Spyware S&D which i run once a week

Were running a few diffenrent virus scanners, including Norton. We also do maintenance with Adaware & Spybot. Each seems to catch differnt stuff, but these sliped through them all. The last thing I did at work on Thursday was to browse some CAD font (fnt) files on the web. I've now decided I can live with the current fonts....

I'll check out panda, thanks.

I am just another self proclaimed....

Were running a few diffenrent virus scanners, including Norton.

Click to expand...

You do realize the worst thing you can do is run multiple scanners?

elevmike said:

Harrything,

Whatever you do, dont go to that site!

..

Click to expand...

Oops, too late. But I didn't download anything and so far my PC seems ok. I spent a few minutes researching this thing and it I'm not 100% sure what it is. Seems like it's either a malware called itself the same as a legit software OR a badly written POS software. Anyhow, I never download anything from place I don't trust, so far that has worked ok <knock on wood>. My neighbor just never learns.. sigh.. and she keep sending me attachment of "cute" stuff.
Note: I have seem other type "helper" program doing the samething-keeping opening popup, as long as 3 years back. From what I can remember, it wasn't by design but from bad programming and/or an side-effect of adware "fighting" with adware stopper.

rsdoran said:

You do realize the worst thing you can do is run multiple scanners?

Click to expand...

Really? I didnt know that. Why? Actually on my machine I leave it off/inactive (slows down the machine) and run it at night.

Yeah, me too. What's the argument against using multiple scanners? Especially when they all seem to detect different things when you run them.

And a word in favour of Mr Gates, for a change. I've been very impressed with the current beta of Microsoft's Anti Spyware software. OK, so it's not Seattle born and bred. They liked the product so much, they bought the company who wrote it. http://www.giantcompany.com/default.htm

Ken

elevmike said:

I leave it off/inactive (slows down the machine) and run it at night.

Click to expand...

Get a faster computer and leave the virus software enabled. New computers are cheap, but they are really cheap compared to lost time and data.

I'll preface with mostly I know Norton, but I know it pretty well... Virus software is very effective at keeping your computer nice and healthy if it catches stuff on the fly in real time. If you install virus software (or enable it) after the fact its not a very effective tool for fixing what is already broken; usually at this point you need someone with a whole bunch of knowledge and a lot of time.

Also keep in mind that virus software will not protect you from yourself (at least not completely)... If you go to a site and download a piece of software and install it and it breaks your computer don't blame the anti-virus software... AV software is to keep viruses at bay, not trojans (ie malicious software installed by you). I know there are sites that require you download and install some active-x or similar software; my advice is stay away from those sites; if the web programmers couldn't get it done with java, asp, or flash then you probably don't want to touch anything they wrote anyway (of course there are exceptions).

This is just my 2c, but I've worked on a lot of computers over the years (including my own servers for my web hosting side business) and I find this to be true at least 99% of the time. Its much easier and tons cheaper to prevent than it is to repair (funny, I tell my customers the same thing about controls and safety).

Mark,

You are absolutly correct, however my main busniess is elevators & not upgradeing computers every time something new comes out. The problem is I took it too far........I'm working on a 500mhz, CPU, with few frills. However Today....I'm getting a new one.....full boat, and I'll be sure to run the real-time virus protection on that one!!

Mike,

Trust me I understand not upgrading every time something new comes out; actually (except for virus software) I prefer to run a couple of generations back from the bleeding edge of computers. I try to upgrade about every 3 years (usually 2-4), but I don't go to the extreme, just where the price break seems to be... For example if the upgrade from a 2.5ghz to a 2.Hz is $30 that might be worth it, but if the upgrade from 2.Hz to 3.Hz is $150 then I don't consider it worth it...

My primary web server hasn't been upgraded in 5 years, its getting close to time to replace that one, but it'll wait another year (probably)...

Panda software do a free online virus check of your system http://www.pandasoftware.com/activescan/

I use AVG as my primary anti virus software (again.. its free). I've found some of the commercial anti virus to be more like a virus themselves. Norton for instance is all very well when its running but to try and uninstall it is a nightmare.

Ad-aware is a cracking free piece of software for getting rid of 'spyware'.

And Sygate do a great personal firewall (free...)

Also, Search and Destroy gets rid of some of the other beasties that some of programs might miss...

These are what I use and touch wood... I've never had a problem.

Oh, I also use Mailwasher (not free but worth it) to screen incoming email and get rid of spam and other nasties therein...

I often wonder if, behind the scenes somewhere, the likes of Norton et al are writing their own virii. After all without a computer virus, they wouldn't be in business...

(Conspiracy theory #204)

elevmike said:

I'm working on a 500mhz, CPU, with few frills.

Click to expand...

That sucker is at least 6 years old. I went from a 500MHz PIII to a 2.0 AMD 64 a few months ago. Yeah you can tell the difference.

We use ETrust from Computer Associates at work. I think it is a corporate type version though because the virus signatures get updated over the network so they only download them once over the internet then distrubute it internally. I also use it at home, its $20 bucks a year for what I use at home.

Johnny T said:

I often wonder if, behind the scenes somewhere, the likes of Norton et al are writing their own virii. After all without a computer virus, they wouldn't be in business...(Conspiracy theory #204)

Click to expand...

I often wonder myself, surly some do, but I doubt that Norton & Symatic would be involved in that. You can never keep a secret like that unless you kill all your employees before they left for the day......

That sucker is at least 6 years old. I went from a 500MHz PIII to a 2.0 AMD 64 a few months ago. Yeah you can tell the difference.

Click to expand...

6 years is about right. (Y2K upgrade). I wonder if I'll see any diffenence with stuff like Office, TCAD, CME, & DS4. That's about all I use. Not a big game player.....so I didnt take notice of all the new bigger - faster stuff.

I'll know later today though....my new pc is now on the network so I've got to move my profiles....later.