How do I remove the Winfixer 2005 pop-up?

msolga no need to pay for a tech - try everything you can first before you go shelling out money.

I have been using Firefox and it had no problem with the Winfix thing. Opera was going nuts trying to deal with it so I stopped using it for a while. But I'm using Opera right now as I write this and it seems fine. No Winfix.

Of course having said that the bloody thing will probably be along any minute...

Anyway I will report back anything useful. As I say in the meantime Firefox seems to handle it.

Well, I did it gf! Cross all fingers & toes!

Firefox is a lot faster than IE! Just feels a wes bit sort of *jerkier* scrolling down through stuff like the "search" list. But not half as sluggish! Now we'll see about the pop-ups!

Firefox is fun.

If problems occur, Msolga, go to Tools


Click on Options (at the bottom of the menu)


There you will see "Web features"


In my copy, which remains as it chose to set itself up, "Block Popup windows" is NOT selected.

I would try selecting it if the bastard returns!!!





I love Firefox, but mainly stay with Opera cos it will recall which windws I had open when I closed it, and return me there.


I really like that.

Well, I've found the "smooth scrolling" option, so we've stopped jerking around like drunken sailors, Deb.

"block pop up windows" is selected in mine. That's the way it was downloaded.

Aha!!!

It's a useful feature isn't it? You can also do it with firefox if you use this extension: https://addons.mozilla.org/extensions/moreinfo.php?id=436

Not that I am advocating a switch to Firefox from Opera (I think Opera is a far better browser).

Also note that browser selection isn't going to heal an infected computer. The malicious code needs to be removed.

I have tried all these except the Firefox because I don't have it. But, I am beginning to just think this freaking machine is possessed! Anyone know a computer exorcist?

Ah! Thank you! I figured there would be a way of making Firefox do that!

I am interested that you think Opera better, people talk so much about Firefox, if you had time to say why I would be interested.

I am not using Firefox, so I was thinking of uninstalling it. But it is so nice to use!




Sigh. I know.

Thing is, doing a hijack this log looks so daunting that I will need to psych myself up to do it, and I am actually having to learn so much right now for work that I want to use my puter time just for fun.


I WILL do it, though.


I am a bit like the old fella in the tale of the Arkansaw Traveller...you kmnow, can't fix his roof when it's raining because he will get wet, and doesn't need to fix it when it is dry.

This minute, it is dry.


Hmmmmm.......I guess the nasty stuff can be doing more nasty stuff while I let it lie, eh?

Because for many of those people "better" or "good" have more to do with being the anti-thesis to Microsoft than with the software quality.

Microsoft is a commercial (read capitalist) company, Firefox is open-source (read socialist) browser.

Opera is merely a better browser than both but as it is a commercial company as well it lacks the political undertones that spur a lot of the Firefox fanaticism.




It involved pressing one button and then copying the log file onto a thread.

Thing is, if I remember correctly this spyware runs in a way that hijackthis won't help much.

"It involved pressing one button and then copying the log file onto a thread. "

Huh? Timber's instructions for hijack this stuff look both endless and complicated.


Any ideas what will help?

Doing the scan is easy, selecting which items to remove out of the resulting log is what you are thinking of.

Just open, press scan and save logfile, then post contents of logfile.

winfixer removal
here is a link that provides a guide to remove winfixer malware:

http://www.spyware-removal-guideline.com/winfixer-removal

you have to check if your hijackthis log contains specified line and proceed with removal guide.

Re: winfixer removal



The current flavor of the Winfixer nasty is based on a recent variant of a fairly well-known exploit and incorporates coding which renders it much less susceptible to detection and removal than its elder kin. This stuff evolves; thats its nature.

The "fix" recommended by garney is a relatively safe and generally reliable method, though it is pretty involved for the typical user. The instructions leave quite a bit to be desired, and the process should not be followed without first posting a HiJackThis log for informed advice, as some of the specific suggestions offered refer to folder, file, and registry item values which very well may be - in fact typically are - variables and will not apply to everyone's particular individual situation. In some cases, HJT will not provide the necessary info (the trojan is very good at concealing itself), something which may necessitate a different track-down method for the discovery of the info needed to permit effective follow-through removal steps. Knowing what to look for and how to find it are the keys to getting it done.

While I have nothing against spyware-removal-guideline.com, I think it should be pointed out that is a commercial website which promotes download and purchase of its own particular security/privacy products. The free removal process they offer there is based on aTribune's VundoFix utility, an essentially well regarded free tool, safe and reliable in most cases, though there have been reports of problems (generally of the user-error type, but problems none the less, and lots of them).

Downloading (and of course carefully reading and following the instructions) Symantec Trojan.Vundo Removal Tool, V. 1.31 (or later), most recent update at time of this writing Oct 17, 2005, would be the option I recommend, though also I strongly recommend a HiJackThis log be posted first, as other things may be (and most often are) involved.

Finally, the entire cleanup process outlined HERE should be followed in its entirety to ensure a clean and secure system. I know the process appears daunting to some, but it really is quite simple. There are only 4 main compnents;

1) perform the recommended downloads and updates without running the scans, tools, or fixes yet,

2) perform the online scans, saving logs as requested,

3) disconnect from the internet, boot into safe mode, execute the applications in the order listed, saving logs as requested,

4) reboot normally, perform the two scans, HJT and EWIDO, one more time, saving the logs, reconnect to the internet, navigate to your help request thread, and post the saved logs as detailed.

Yeah, its nitpicky and takes a bit of time effort, but it is free, safe, thorough, and proven effective. If getting rid of the sorta yuckware that brought you to this discussion was easy, there wouldn't be a problem, there wouldn't be all sortsa scammers and opportunists out there on the web offering fee-based "help", and you wouldn't be looking here or elsewhere for a solution. Think about it.

Hey.

My Windows Download thingy (which is on automatic update) downloaded a whole heap of stuff the other day, including a "Malicious Code removal tool".


a. Is there a chance this will quietly do the job?

b. I have tried accessing it, in case I was actually able to make it do its thing, but all I get is an unopenable folder when I search for it.



Any comments?

Microsoft's Malicious Software removal Tool will not eliminate Vundo/WinFixer - sorry. However, the 9 updates Microsoft fed you last week are critical, and should be installed. Normally, Microsoft releases updates and patches on the 2nd Tuesday of the month, and that's what you've got there. Most of what was in that download addresses flaws or exploits which have begun popping up "in the wild" over the past few days, which typically is the case; Microsoft identifies and presents a fix, update, or patch which closes a door, and the badguys immediately set out to see how many open doors they can find.

Its my very strong recommendation that almost all home users immediately act on the genuine Microsoft update and patch downloads as provided via Windows Automatic Updates.

I install 'em as they arrive.

Oh, BTW - the stand-alone version of the Microsoft Malicious Software Removal Tool can be run from or downloaded HERE. However, if the normal monthly Microsoft Automatic Update is executed and installed, the tool will extract, run, and close in the background with no further user input; it just happens. Normally, the tool's latest version accompanies every monthly Automatic Update series, though from time to time there are interim updates to it (which are announced by Microsoft on the Malicious Software Removal download page.

Well, (touch wood!) I have reverted to Internet Explorer (after a few frustrations with the alternative browser I was using - mainly to do with posting images) & have had no recent problems with Winfixer 2005. I feel nervous when coming to this thread & I'm going to get out of here quickly! I haven't seen the Winfixer ad. for quite a while on A2K but this was the thread where I saw it most! (Touching wood again) Anyway, for what it's worth, it seems to me that when the ad. is not appearing I experience no pop up-related problems. (Touching wood again!)