Symantec Vundo Removal Not 100%; Battle Report

Posted by wadexxxnelson on November 27, 2005, 12:28 pm
After believing for almost 20 hours that I'd pulled the last tentacles of
Winfixer out of my Windows XP machine, I got another popup. I immediately
ran Symantec Vundo Removal tool V1.5 dated 11/26 and it found no instances,
processes, etc.

Obviously this Winfixer still has another variant Symantec's solution isn't
able to clean--- yet. At least they appear to be working on it, unlike
(silent) Microsoft and McAfee.

My 11/26 "battle report" somehow didn't get posted, so here's a repeat.

I've battled this virus for over a week now. McAfee claims their antivirus
software cleans it; it doesn't. There is no mention of Winfixer on the
Symantec knowledge base, and Symantec's online "free" virus scan program found
nothing on my PC.

In the hours preceding re-infection, the only thing I've done I can think
of that might have led to infection is run a copy of JASC Paint Shop.

I have sent information about this "extortion-ware" program to numerous
media outlets.

I am also about to launch a PR campaign against T-mobile, whose advertising
apparently supports these virus writers.

Yes, I have followed Symantec's instruction to disable the restore feature
on my PC before trying to remove Vundo.

How Vundo is related to Winfixer is unclear.

I have notified CERT, the FBI, the Colorado attorney general and others
regarding Winfixer, which I consider online "extortion" -- pay us $39 or
we'll make your PC unusable through a combination of popups and hijacked
browser screens.

Here is the "story" I am sending to the media outlets, in an effort to get
Symantec and/or Microsoft moving on developing a fix, AND communicating about
the problem and what is being done. Silence doesn't help, Mr. Gates.

My next battle report will be posted sometime tomorrow.

Wade


Vicious new "Extortion-ware" computer virus striking PC's

rev 2.1, available free to print/quote. Wade Nelson 970 259 1494

A new, exceedingly difficult to exorcise computer virus has begun infecting
PC's across the United States. Nicknamed "Winfixer," the adware/spyware
program "hijacks" screens being opened by the user and replaces them with an
ad for $39 Winfixer software, which promises to "fix your Windows registry,
eliminate viruses, ...." According to one user infected with the
"extortion-ware," "I imagine a large number of users are going to get so
unproductive and irritated because of this virus they will even consider
paying the $39 'blackmail' just to regain control of their PC's."

Individuals seeking information on how to permanently eliminate the Winfixer
adware/hijacker have rocketed "Winfixer" to the #1 topic on Microsoft's
Technical / Security Support forums, with "No current solutions offered by
Symantec, or McAfee, the leading anti-virus vendors." Microsoft's own
Malware/Spyware removal tool "Doesn't even touch Winfixer" according to Wade
Nelson, a freelance writer who has battled the virus for several days now.
One user reported on the forum that Microsoft's tool identified numerous
instances of Winfixer, but was unable to remove them successfully.

"It's basically extortion," says Nelson. If you don't buy their $39 program
you get an ever increasing number of popups, not just from Winfixer, but from
numerous adult content sites, even T-mobile.com. Nelson has contacted both
the FBI and Colorado State Attorney General's office about the program, the
authors of which, he believes, are breaking the law. He adds, "I am going
to hold T-Mobile's feet to the fire for paying whoever this spammer/virus
writer is to advertise their cellular services." He intends to launch a
massive PR campaign to let cellphone users know that T-Mobile is one of the
clients paying these virus writers to corrupt their PC's if T-mobile doesn't
immediately jump in and assist in getting this operation shut down
immediately. He is also contacting the credit card companies processing
"Winfixer's" online sales.

Winfixer, a real nightmare of a "virus," apparently uses numerous methods to
re-install itself, including monitoring users' keystrokes. If a user types
"eliminate winfixer" into a search engine like Google, yet another ad for
Winfixer pops up. It apparently also uses Windows XP's restore feature to
"restore itself" after being temporarily deleted. "If you put your
XP-equipped PC into shutdown mode, it apparently triggers something too, as
I'm seeing disk activity I didn't used to see," says Nelson.

According to Nelson, "McAfee's support techs claim their antivirus program
eliminates the 'virus.' My experience proves it doesn't, and they don't even
post any decent information about it on their website / knowledge base. I
paid $39 for nothing but to speak to a tech rep in India who doesn't know
squat about this particular virus."

Some users, including the folks at Symantec, apparently believe the Vundo
virus is somehow related, although their knowledge base is equally devoid of
any entries on Winfixer, perhaps because it is simply "too new." Symantec
has released a Vundo virus removal program they just updated today (11/26
version 1.50), yet even it doesn't seem to eliminate all the variants.
According to Nelson, "I followed Symantec's instructions, explicitly,
rebooted, ran it again, their Vundo removal program said I was clean, yet 10
minutes later I had a popup appear for www.sexbuddies.com."

While various programmers on the Microsoft Security Technical forums offer
various self-written programs to supposedly "clean" your PC of winfixer,
writer Nelson is wary: "Some of these programs may simply load a newer and
more dastardly version of the program INTO your computer." "In situations
like this you need to pretend you're an 11 year old girl and never trust
ANYONE you just met in a forum."

Nelson has sent emails to all his friends warning them of the Winfixer
"scam" and "extortion-ware" program, but as of 4:00 on Nov 26th still has not
found any workable solutions to getting his PC back under control. "I know
Symantec is working on it, even though they won't say so." Nelson has also
contacted CERT, the Computer Emergency Response Team, but has not received a
reply from them either.

"I worry I'm over-reacting, but because I use the Internet up to 10 hours a
day I tend to be the canary in the coal mine when new viruses/trojans come
along. Anti-virus software generally can't prevent a new TYPE of virus it's
never seen before. This one is nasty, and I expect it will run rampant
until Symantec, McAfee, or Microsoft offers a viable fix. And I hope the
@#$@#!!ss who wrote it go to jail. At the very least they shouldn't be
allowed to take orders and process Mastercard/Visa for a program to fix a
virus they themselves created."



Posted by Deebsat on November 27, 2005, 12:34 pm
I told you my fix works. Send me an email at fiveXcornersXme@yahXoo.com and
I will send you a fix tool that will remove that pest. Remove the XXX to
make the email valid. Oh BTW ignore the response you will get from David or
Leythos he is a sick obsessed stalker who cannot fix your problem. He would
rather have you suffer with this issue than to receive help from me.








Posted by Leythos on November 27, 2005, 12:56 pm
> I told you my fix works. Send me an email at fiveXcornersXme@yahXoo.com and
> I will send you a fix tool that will remove that pest. Remove the XXX to
> make the email valid. Oh BTW ignore the response you will get from David or
> Leythos he is a sick obsessed stalker who cannot fix your problem. He would
> rather have you suffer with this issue than to receive help from me.

Yea, Yea, Yea, anyone that offers to help you, but only through private
email should not be trusted - they are hiding something.

In the case of PCBUTTS1, he's hiding that he's stolen the code to fix a
large number of malware problems, that he doesn't have permission to
distribute the files he claims the vendors gave him explicit permission
to host.

Ask yourself why you would want to trust someone like the above
described PCBUTTS1 person, why he hides under different identities, why
he has never fixed anything with his own tools.

--

spam999free@rrohio.com
remove 999 in order to email me

Posted by wadexxxnelson on November 27, 2005, 1:28 pm
Ahh, the OTHER poster, who has offered me his REAL NAME, has over 31,000
Google entries showing his long-standing membership in the IT community. He
has personally phoned me to offer assistance as WELL as offering me his
bona-fides, so that I may vet that he is "for real" and really trying to
help.

Why don't you do similar; tell me who YOU are and convince me you're not
actually one of the authors of this vicious trojan, and show me the
qualifications you have to have written a safe program to remove it.
Someone who would listen and obey a stranger in a forum who tells them
"trust me, I'm telling you MY solution will work" makes about as much sense
as a kid listening to a child molester, don't you think?

If you can't even agree with that simple logic, and don't care to provide
your bona fides as to who you are, what you've done in the software world,
and a couple of real world employer references, please don't bother to reply
to any more of my postings regarding Winfixer. Nothing personal, but I don't
trust you OR "L" yet....not until I've vetted HIS credentials, which he
freely offered.

I don't know your game, but people usually reveal themselves over time no
matter how many internet aliases they assume. That's one of the reasons I
use my REAL NAME. Maybe, if you seek credibility, you should A) try doing
likewise, and B) stop attacking other people on forums. ANYONE who attacks
someone else, to me, is immediately and strongly suspect. Think about it.

Wade Nelson

"Deebsat" wrote:

> I told you my fix works. Send me an email at fiveXcornersXme@yahXoo.com and
> I will send you a fix tool that will remove that pest. Remove the XXX to
> make the email valid. Oh BTW ignore the response you will get from David or
> Leythos he is a sick obsessed stalker who cannot fix your problem. He would
> rather have you suffer with this issue than to receive help from me.

Posted by Deebsat on November 27, 2005, 1:59 pm
I am not the one with the problem, you are. You don't trust me yet you trust
others, who you don't know from a hole in the wall, who told you to try this
and try that yet you still have the same problem. Your problem is you don't
know who to trust and I don't blame you, you have been trusting everybody
else and listening to everybody else and you are still infected. Why don't
you take David's advice and use his method and after 2 hours of scanning, if
it does not crash, when it does not work then use Leythos's method and spend
another 2 hours formatting and re-installing everything, or spend 10 minutes
max and use my method. As far as offering you proof of who I am and what I
do you have not emailed me. If you do not want to take my offer of help then
so be it. It is your problem not mine.





> Ahh, the OTHER poster, who has offered me his REAL NAME, has over 31,000
> Google entries showing his long-standing membership in the IT community.
> He
> has personally phoned me to offer assistance as WELL as offering me his
> bona-fides, so that I may vet that he is "for real" and really trying to
> help.
>
> Why don't you do similar; tell me who YOU are and convince me you're not
> actually one of the authors of this vicious trojan, and show me the
> qualifications you ahve to have written a safe program to remove it.
> Someone who would listen and obey a stranger in a forum who tells them
> "trust me, I'm telling you MY solution will work" makes about as much
> sense
> as a kid listening to a child molester, don't you think?"
>
> If you can't even agree with that simple logic, and don't care to provide
> your bona fides as to who you are, what youv'e done in the software world,
> and a couple of real world employer references, please don't bother to
> reply
> to any more of my postings regarding Winfixer. Nothing personal, but I
> don't
> trust you OR "L" yet....not until I've vetted HIS credentials, which he
> freely offered.
>
> I don't know your game, but people usually reveal themselves over time no
> matter how many internet aliases they assume. That's one of the reasons I
> use my REAL NAME. Maybe, if you seek credibility, you should A) try doing
> likewise, and B) stop attacking other people on forums. ANYONE who
> attacks
> someone else, to me, is immediately ans strongly suspect. Think about
> it.
>
> Wade Nelson
>
> "Deebsat" wrote:
>
>> I told you my fix works. Send me an email at fiveXcornersXme@yahXoo.com
>> and
>> I will send you a fix tool that will remove that pest. Remove the XXX to
>> make the email valid. Oh BTW ignore the response you will get from David
>> or
>> Leythos he is a sick obsessed stalker who cannot fix your problem. He
>> would
>> rather have you suffer with this issue then to receive help from me.
>>
>>
>>
>>
>>
>> message
>> > After believing for almost 20 hours that I'd pulled the last tentacles
>> > of
>> > Winfixer out of my Windows XP machine, I got another popup. I
>> > immediately
>> > ran Symantec Vundo Removal tool V1.5 dated 11/26 and it found no
>> > instances,
>> > processes, etc.
>> >
>> > Obviously this Winfixer still has another variant Symantec's solution
>> > isn't
>> > able to clean--- yet. At least they appear to be working on it, unlike
>> > (silent) Microsoft and McAfee.
>> >
>> > My 11/26 "battle report" somehow didn't get posted, so here's a repeat.
>> >
>> > I've battled this virus for over a week now. McAfee claims their
>> > antivirus
>> > software cleans it, it doesn't. There is no mention of Winfixer on
>> > the
>> > Symantec knowledge base, and Symatec's online "free" virus scan program
>> > found
>> > nothing on my PC.
>> >
>> > In the hours preceeding re-infection, the only thing I've done I can
>> > think
>> > of that might have led to infection is run a copy of JASC Paint Shop.
>> >
>> > I have sent information about this "extortion-ware" program to numerous
>> > media outlets.
>> >
>> > I am also about to launcha PR campgain against T-mobile, whose
>> > advertising
>> > apprently supports these virus writers.
>> >
>> > Yes, I have followed Symantec's instruction to disable the restor
>> > feaature
>> > on my PC before trying to remove Vundo.
>> >
>> > How vundo is related to Winfixer is unclear.
>> >
>> > I have notified CERT, the FBI, the Colorado attorney general and others
>> > regarding Winfixer, which I consider online "extortion" -- pay us $39
>> > or
>> > we'll make your PC unusable through a combination of popups and
>> > hijacked
>> > browser screens.
>> >
>> > Here is the "story" I am sending to the media outlets, in an effort to
>> > get
>> > Symantec and/or Microsoft moving on developing a fix, AND communicating
>> > about
>> > the problem and what is being done. Silence doesn't help, Mr. Gates.
>> >
>> > My next battle report will be posted sometime tomorrow.
>> >
>> > Wade
>> >
>> >
>> > Vicious new "Extortion-ware" computer virus striking PC's
>> >
>> > rev 2.1, available free to print/quote. Wade Nelson 970 259 1494
>> >
>> > A new, exceedingly difficult to exorcise computer virus has begun
>> > infecting
>> > PC's across the United States. Nickenamed "Winfixer," the
>> > adware/spyware
>> > program "hijacks" screens being opened by the user and replaces them
>> > with
>> > an
>> > ad for $39 Winfixer software, which promises to "fix your Windows
>> > registry,
>> > eliminate viruses, ...." According to one user infected with the
>> > "extortion-ware," "I imagine a large number of users are going to get
>> > so
>> > unproductive and irritated because of this virus theywill even consider
>> > paying the $39 'blackmail' just to regain control of their PC's.
>> >
>> > Individuals seeking information on how to permanently eliminate the
>> > Winfixer
>> > adware/hijacker have rocketed "Winfixer" to the #1 topic on Microsoft's
>> > Technical / Security Support forums, with "No current solutions offered
>> > by
>> > Symantec, or McAfee, the leading anti-virus vendors." Microsoft's own
>> > Malware/Spyware removal tool "Doesn't even touch Winfixer" according to
>> > Wade
>> > Nelson, a freelance writer who has battled the virus for several days
>> > now.
>> > One user reported on the forum that Microsoft's tool identified
>> > numerous
>> > instances of Winfixer, but was unable to remove them successfully."
>> >
>> > "It's basically extortion" says Nelson. If you don't buy their $39
>> > program you get an ever increasing number of popups, not just from
>> > Winfixer, but from numerous adult content sites, even T-mobile.com.
>> > Nelson has contacted both the FBI and Colorado State Attorney General's
>> > office about the program, the authors of which, he believes, are
>> > breaking the law. He adds, "I am going to hold T-Mobile's feet to the
>> > fire for paying whoever this spammer/virus writer is to advertise their
>> > cellular services." He intends to launch a massive PR campaign to let
>> > cellphone users know that T-Mobile is one of the clients paying these
>> > virus writers to corrupt their PC's if T-mobile doesn't immediately jump
>> > in and assist in getting this operation shut down immediately. He is
>> > also contacting the credit card companies processing "Winfixer's" online
>> > sales.
>> >
>> > Winfixer, a real nightmare of a "virus," apparently uses numerous
>> > methods to re-install itself, including monitoring users' keystrokes. If
>> > a user types "eliminate winfixer" into a search engine like Google, yet
>> > another ad for Winfixer pops up. It apparently also uses Windows XP's
>> > restore feature to "restore itself" after being temporarily deleted.
>> > "If you put your XP-equipped PC into shutdown mode, it apparently
>> > triggers something too, as I'm seeing disk activity I didn't used to
>> > see," says Nelson.
>> >
>> > According to Nelson, "McAfee's support techs claim their antivirus
>> > program eliminates the 'virus.' My experience proves it doesn't, and
>> > they don't even post any decent information about it on their website /
>> > knowledge base. I paid $39 for nothing but to speak to a tech rep in
>> > India who doesn't know squat about this particular virus."
>> >
>> > Some users, including the folks at Symantec, apparently believe the
>> > Vundo virus is somehow related, although their knowledge base is equally
>> > devoid of any entries on Winfixer, perhaps because it is simply "too
>> > new." Symantec has released a Vundo virus removal program they just
>> > updated today (11/26 version 1.50), yet even it doesn't seem to
>> > eliminate all the variants. According to Nelson, "I followed Symantec's
>> > instructions, explicitly, rebooted, ran it again, their Vundo removal
>> > program said I was clean, yet 10 minutes later I had a popup appear for
>> > www.sexbuddies.com."
>> >
>> > While various programmers on the Microsoft Security Technical forums
>> > offer various self-written programs to supposedly "clean" your PC of
>> > winfixer, writer Nelson is wary: "Some of these programs may simply load
>> > a newer and more dastardly version of the program INTO your computer.
>> > "In situations like this you need to pretend you're an 11 year old girl
>> > and never trust ANYONE you just met in a forum."
>> >
>> > Nelson has sent emails to all his friends warning them of the Winfixer
>> > "scam" and "extortion-ware" program, but as of 4:00 on Nov 26th still
>> > has not found any workable solutions to getting his PC back under
>> > control. "I know Symantec is working on it, even though they won't say
>> > so." Nelson has also contacted CERT, the Computer Emergency Response
>> > Team, but has not received a reply from them either.
>> >
>> > "I worry I'm over-reacting, but because I use the Internet up to 10
>> > hours a day I tend to be the canary in the coal mine when new
>> > viruses/trojans come along. Anti-virus software generally can't prevent
>> > a new TYPE of virus it's never seen before. This one is nasty, and I
>> > expect it will run rampant until Symantec, McAfee, or Microsoft offers a
>> > viable fix. And I hope the @#$@#!!ss who wrote it go to jail. At the
>> > very least they shouldn't be allowed to take orders and process
>> > Mastercard/Visa for a program to fix a virus they themselves created."
>> >
>> >
>>
>>
>>


