User Panel
Posted: 3/8/2006 5:27:45 AM EDT
Everytime I open my IE, it ask me to dnld some winfixer program. I can't just close it, it lock my pc. I would have alt cntl del out. Tried running safe mode and seeing if the anti virus or my adware/spyware can pick it up and clean it. That doesn't work. It doesn't recognize it.
Anyone know how I can get this off my PC. |
|
Here is an even better fix. Format HD and install Linux. |
|
|
download ALL these programs in safe mode WITH network support. run updates for all programs if needed. then run full scans. one at a time..
xblock ewido install background support hijackthis(click direct download to download program) post WITH logfile and then paste the logfile into the hijackthis homepage. and it will tell you what to remove. ccleaner to get rid of unused files and alot of trojans possibly in your temp folders. a squared install update and do full system scan. |
|
You could probably install your hard drive as a slave drive in a clean PC and run anti-virus software from the clean system to scan the infected drive. Even beter if you can get an ide-to-usb cable and attach the infected drive after booting the clean machine.
|
|
Plz don't do any of the above yet!!
Try this...go to control panel > internet options > general. Check to see what your default homepage is. If it's not what you expected, change it. It's possible you may have had a site redirect your homepage. Best, Ed |
|
Do a google search for virtumudobegone, download it. It worked for me.
|
|
you obviously have never seen what he is talking about have you |
|
|
Won't be able to dnload a damn thing. Here at work the firewall prevents internet dnlds. At home I can't even open up my browser without this popup locking up my puter. |
|
|
you have been root-kitted. only solution is to throw your pc away and buy a new one.
the winfixer thing comes from a company in the ukraine btw.. |
|
Won't be able to dnload a damn thing. Here at work the firewall prevents internet dnlds. At home I can't even open up my browser without this popup locking up my puter. can you accept emails. you can copy the files to a cdd if needed |
|
That's why you are supposed to do it in safe mode. Follow cruze5's advice. |
|
|
My email at work can't accept .exe files. But my yahoo addy can.
[email protected] I can pull it down from there. |
|
Rubbish. ANY software problem can be fixed even if they somehow managed to reflash the Bios or even the CMOS. I would Look up two things, The VX2 virus (you might have that) , Or a rootkit problem. Also use google to look up all the things you can about this particular problem. Type in the exact problem and someone might have already found a solution. The small programs mentioned above like killbox, highjack this & process explorer will help. Get even more of them. Make 100% absoltutely sure your anti-virus is the best and 100% up to date. For example type into google 'winfixer virus' or' winfixer root kit' then follow the instrucyions as prescribed. Here are some top hits just from that - vundo root kit & Microsoft forum fix Eventually you might have to do a lot of shit to your comp to get it back online and you might have to do a complete reinstall but the idea that you have to get rid of your comp from a root kit is wrong. I got rid of a root kit AND a VX2 about 3 months ago, it took hard work and a lot of aggravation but it finally worked. Good luck!!! |
|
|
Simpler: download www.knoppix.net and burn to a CD. Boot off the CD whenever you're connected to the internet. Works for me. |
||
|
indeed.. it is rubbish... and i have fixed the exact problem described above.. for a relative who is sorry they ever brught it up... how did i do it? removed their drive from their PC, put it into a special chasis, attached chasis to special computer that i use to isolate and remove viruses, cleaned the drive, remounted in original machine, ran hijackthis scan, used scan to remove a bunch of registry entries, dll files still extant.. reboot, install new firewall, virus prevention software, return to owner.. about 8 hours work (and i am a computer pro). you know what to look for in hijackthis scan.. what to remove and what to keep? cut the red wire or the blue wire?? so above statement was sacrasm sorta.. when winfixer first appeared there was no downloadable fix for it. there may be now. dunno. you take this problem to a shop they're gonna charge several hundred dollars... telling someone they have to go out and buy a new computer MAY get their attention so they don't go back to the porn or warez sight they got the thing from..... it is possible and has been discussed on security boards to rootkti a computer so thoroughly that only the above methodology will work.. becase a root kit can actually replace the sotfware and dlls that read and reply about entries in the disc directory and give false information about disc content thus completely hiding malware and spyware..... this is supposed to be the next BIG thing in viruses. rootkits are the beall and endall of computer trashings.. |
||
|
well no kidding ANY software problem can be fixed but to what cost or extent.
who is gonna pay someone like me $100 dollars an hour to attempt to fix a software problem. when you can backup the info and do a fresh install in under 2 hours. I could understand this on a mission critial system, but not on an end users system. the key is backing up your information. if its backed up its not an issue. if its not backed up, WHOS FAULT IS THAT!!!!!! it surely isn't mine
|
||
|
"winfixer" is a rogue anti-virus that's really a fake scanner and browser hijacker that reports false infections and tries to force you into buying the "cure" from them. The main thing you have to do is remove the line from the "Run" key so it won't load on boot. Start in Safe Mode and use REGEDIT to clear "WFX5.exe" from this key -
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Then you basically just have to pick through the system to clean out all the trash left behind. Get full details here. |
|
Fixed the link for you. |
|||
|
|
Keep pressing the F5 key repeatedly as the computer is starting. It should give you the boot options for windows, and select safe mode. |
|
|
Thanks for the info ....... but how is that any safer than starting regular way ? |
||
|
Its used for troubleshooting mostly. If a problem does not appear in safe mode, you can eliminate the default settings and minimum device drivers as causes of the problem. |
|||
|
adair_usmc Sounds like you know your stuff. Thank you for the tutorial. |
||||
|
Get both. I always use F5 myself. It has never failed for me. I guess if you have any doubt, just press both at the same time |
|
|
|
|||||
|
A combination of these 2 suggestion and my internet suite worked. X Clean found some of its extension and deleted it. I was still getting the pop up though but it was not locking my PC any longer. So I used the Vundo and it deleted somemore extensions. I rebooted and the internet suite found the rest of them. I then went to Trend Micro and ran there Malware tool. It did not find anything. PC seems to be working fine now. Thanks guys!!! |
||
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.