Re: Pop Up MALWARE: winfixer2005, winantivirus etc.

xlurker_at_lycos.com
Date: 11/28/05

  • Next message: Nick Skrepetos \(SuperAdBlocker.com\): "Re: Pop Up MALWARE: winfixer2005, winantivirus etc." 
    Date: 27 Nov 2005 20:57:39 -0800

    All of these fixes may be a very long trip to what should be a very
    short and quick solution. I have an application which overwrites files
    with random numbers. I would use it on the file with the virus if
    access to that file were not denied.

    Does that infected file generate this problem? Why are Symantec and I
    denied access to it? How can we disolve that denial? Why could Symantec
    not quarantine that file so that no code from it could ever run?

    Anyhow, I ran Spybot and the Symantec FixVundo utility on 11/27/2005.
    FixVundo created a log which includes:

    "Trojan.Vundo has been successfully removed from your computer!
    Here is the report:
    The total number of the scanned files: 183114
    The number of deleted files: 0
    The number of viral processes terminated: 3
    The number of viral processes suspended: 3
    The number of viral threads terminated: 7
    The number of registry entries fixed: 2"

    When I next rebooted after running FixVundo, the virus alert
    immediately appeared as it had before.

    The Spybot search and destroy function delivered a list of what it
    thought were suspicious cookies. All of those looked innocuous to me
    except some in a folder with WinFix in its folder name. I let Spybot
    kill the cookies in that folder. However, I do not intuit that cookies
    can execute a pop up intrusion.

  • Next message: Nick Skrepetos \(SuperAdBlocker.com\): "Re: Pop Up MALWARE: winfixer2005, winantivirus etc."