Win Fix

[Guest]

some how i have this one website that keeps popping up on my internet its
called winfix and it wont go away. and if anyone knows how to fix that please
help out thanx

 

[Carey Frisch [MVP]]

Winfix is a bogus, malware, program!

Perform the following maintenance:

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/?­id=827315

Download Ad-aware SE and scan your PC for the presence of sp­yware:
http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button

Symantec Security Check
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym&plfid=23&pkj=RRJXPKXYSHMSPCSIZME

Microsoft Windows AntiSpyware
http://www.microsoft.com/downloads/...a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en

Here's what you can do to enhance the security on your PC
http://www.microsoft.com/athome/security/protect/windowsxpsp2/Default.mspx

Antivirus software: Frequently asked questions
http://www.microsoft.com/athome/security/protect/antivirus.mspx

4 Ways to Speed Up Your Computer's Performance
http://www.microsoft.com/atwork/getstarted/speed.mspx

--
Carey Frisch
Microsoft MVP
Windows - Shell/User
Microsoft Community Newsgroups
news://msnews.microsoft.com/

-------------------------------------------------------------------------------------------

:

| some how i have this one website that keeps popping up on my internet its
| called winfix and it wont go away. and if anyone knows how to fix that please
| help out thanx
| --
| John

 

[David H. Lipman]

From: "Johny0711" <[email protected]>

| some how i have this one website that keeps popping up on my internet its
| called winfix and it wont go away. and if anyone knows how to fix that please
| help out thanx
| --
| John

Please download, install and update the following software...

Ad-aware SE v1.06
http://www.lavasoft.de/
http://www.lavasoftusa.com/

SpyBot Search and Destroy v1.4
http://security.kolla.de/

After the software is updated, I suggest scanning the system in Safe Mode.

I also suggest downloading, installing and updating BHODemon for any Browser Helper Objects
that may be on the PC.

BHODemon
http://www.definitivesolutions.com/bhodemon.htm


Download WinFixerFix.exe from the URL --
http://www.ik-cs.com/programs/virtools/WinFixerFix.exe

On the infected PC...

Execute; WinFixerFix.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to enable WGET.EXE to download the needed McAfee related files.

Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\ScanReport.HTML will be generated. At the
end of the scan, it will be displayed in your browser (Opera, FireFox or Internet Explorer).
It is suggested that you move the report out of c:\mcafee before performing another scan.
It would be a good idea to scan in Safe Mode and in Normal Mode and save a copy of the HTML
report for each session.

 

[Leythos]

I have a removal tool that works. It was specifically designed to remove
Winfixer. Email me at (e-mail address removed) and I will send it to you.
Remove the XXX from address to make it valid.

 

[Leythos]

I have a removal tool that works. It was specifically designed to remove
Winfixer. Email me at (e-mail address removed) and I will send it to you.
Remove the XXX from address to make it valid.

Ignore ANY lamer that post asking you to contact them via email for
help.

The jack-ass above is not posting using a real identity, it's pcbutts1
pulling his normal BS and thinking he's pulling something over on
people.

Message-ID: <[email protected]>
Newsgroups: microsoft.public.windowsxp.general
NNTP-Posting-Host: adsl-69-226-169-240.dsl.bkfd14.pacbell.net
69.226.169.240

As you can see, the poster is the same pcbutts1 idiot.

He's not even smart enough to fake being me.

 

[Nick Skrepetos \(SuperAdBlocker.com\)]

Hello,

In addition to the tools the other posters have suggested, you may wish to
try Super Ad Blocker with SUPERAntiSpyware:
http://www.superadblocker.com

Super Ad Blocker | SUPERAntiSpyware offers several unique features such as
using a system level driver to delete detected items, so pests do not come
back once detected and cleaned.

Super Ad Blocker offers a fully functional 15-day trial. You can scan and
clean your computer and then remove Super Ad Blocker if you do not wish to
keep it. We do appreciate when users support our development efforts by
purchasing the product

If that does not find and/or remove the spyware/adware on your machine, you
can submit a diagnostic and I will diagnose your machine for free and post
the results back to the group and update our rules with anything found:
http://www.superadblocker.com/diagnostic.html?id=nicks

You may also wish to "see" what is running on your computer here:
http://www.fileresearchcenter.com

Nick Skrepetos
SuperAdBlocker.com - SUPERAntiSpyware
http://www.superadblocker.com
http://blogs.superadblocker.com
http://forums.superadblocker.com

** Please note that I am the author of the above programs and sites and I do
have a vested interest in Super Ad Blocker, SUPERAntiSpyware and
FileResearchCenter.com. You, the user, have no obligation to purchase the
software and are free to try the software, clean/fix your system, and then
uninstall.

 

[Uncle Joe]

Good ol' PCBUTTS1. What would we do without him?
Probably live five years longer. (Smile.) He's like a big
purple pimple that won't go away.

 

[Phyllis]

Jack-ass or not . . . PCButts1 does in fact have a fix for your problem. I
had the same WinFixer problem recently and he e-mailed me the fix. It is
quick and simple.

 

[David H. Lipman]

From: "Phyllis" <[email protected]>

| Jack-ass or not . . . PCButts1 does in fact have a fix for your problem. I
| had the same WinFixer problem recently and he e-mailed me the fix. It is
| quick and simple.

You mean what he stole from someone else. Do you support that ?

I have fixed a bug in my tool and it was tested and shown that it does indeed work.

 

[Leythos]

Come now David, are you still pissed that your tool didn't work and mine
did? Sounds like it, now grow up. Don't blow a fuse now.

 

[Leythos]

Jack-ass or not . . . PCButts1 does in fact have a fix for your problem. I
had the same WinFixer problem recently and he e-mailed me the fix. It is
quick and simple.

And the tool he provided was stolen from the person that put the work in
to make it and then butts changed the names so that it would appear as
though he made it.

Trusting anything from him is a chance at being compromised as he
doesn't comply with security standards and is a proven thief in this
community.

 

[Leythos]

I'm not a jackass Phyllis, they just don't like the way I do things and
after numerous attempts to stop me and countless emails they are really
pissed because EVERYTHING they have tried has failed. That ONLY means that I
have done nothing wrong. If I had I surely would not be here right now. They
can't accept that fact so they make up lies and constantly spread them
throughout Usenet.

Thank you for your kind words and I am glad that program worked for you.

Jack-ass or not . . . PCButts1 does in fact have a fix for your problem.
I had the same WinFixer problem recently and he e-mailed me the fix. It
is quick and simple.

 

[Phyllis]

No, I don't support theft of any kind. I'm sorry, but at the time that I
needed it, your tool wasn't working properly. I am glad you got it fixed
and it is now available for others. I was desperate for a fix so I took
what help was offered. I have always gotten help when I asked for it here
and I am thankful to all that has provided that help. I respect all of you
who work diligently to develop these tools for those of us who are not
computer experts and are unable to even know where to begin to fix problems.
Nothing is as maddening as a computer that is not working correctly, I know
it drives me crazy. Sorry if I stepped on toes. I will try to keep my
mouth shut and not add my two cents worth since I am sure that I will need
help again. Sorry . . .

 

[Leythos]

I'm not a jackass Phyllis, they just don't like the way I do things and
after numerous attempts to stop me and countless emails they are really
pissed because EVERYTHING they have tried has failed.

Not pissed, although it seems to have worked - you have your site
passworded so that the common user can't access it. You have hidden the
stolen code you got from Noadfear's site.

That ONLY means that I
have done nothing wrong. If I had I surely would not be here right now. They
can't accept that fact so they make up lies and constantly spread them
throughout Usenet.

If you have nothing to hide then why do you keep changing names/nick's?
It's not to hide as you keep exposing yourself and even baiting others.

Thank you for your kind words and I am glad that program worked for you.

To bad you didn't do the work that you're taking thanks for.

 

[David H. Lipman]

From: "Leythos" <[email protected]>

| Come now David, are you still pissed that your tool didn't work and mine
| did? Sounds like it, now grow up. Don't blow a fuse now.


No I'm pissed that you berate the MVPs and then steal INF and VBS files from them.

I'm pissed that you stole that SitFraud Removal code from nahdfear

I'm pissed that you plagiarize software by stealing code and rem,ving the authors name and
substituting yours in its place

I'm pissed that you posted that license.html page on your sh~tty web site and lied about it

I'm pissed that you host files on that web site without permission from the authors/vendors

I'm pisssed that you can conform to UseNet FAQs.

I'm pissed that you won't listen to thde Microsoft employeees, our hosts in these News
Groups.

I'm pissed that you are now impersonating Leythos now and Robert Dyer previously which is a
violation of the rules of using the Microsoft News Groups.

I'm pissed that you are a comsumate liar.

There is probably more but I'm tired and you are lowlife pond scum and you have wasted
enough of my time !

At least I can say the problem was a bug in my code. Code I created from scratch and didn't
steal from someone else !

 

[Leythos]

Spreading more lies I see Leythos the stalker. Since you are trying to
convince everyone that I stole that program then go ahead and name that
stolen program. Let everyone know how smart you are. Go ahead Leythos,what
program was it that I gave to the other poster? Name the program, the
author, how I stole it, and how I changed it. if you do that I will leave
this NG forever. That's a promise. Don't come back here with an excuse. Best
you just shut up and don't say nothing less I embarrass you. I'm waiting.

 

[David H. Lipman]

From: "Leythos" <[email protected]>

| Spreading more lies I see Leythos the stalker. Since you are trying to
| convince everyone that I stole that program then go ahead and name that
| stolen program. Let everyone know how smart you are. Go ahead Leythos,what
| program was it that I gave to the other poster? Name the program, the
| author, how I stole it, and how I changed it. if you do that I will leave
| this NG forever. That's a promise. Don't come back here with an excuse. Best
| you just shut up and don't say nothing less I embarrass you. I'm waiting.
|

He isn't stalking you.

YOU invited his response, as you have done so often, by impersonating him !

Leythos is < censored> his handle and you know it.

Text excerpt of your version of RunThis.Bat obtained from your web site (10/23 @ 0945hrs)...

:notice
color 1F
cls
@echo off
echo.
echo.
echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º º
echo º Trojan-Spy.HTML.smitfraud.c Killer º
echo º º
echo º by pcbutts1 º
echo º º
echo º version 2.2 º
echo º º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ
echo.
echo This tool was tailored to kill smitfraud.c and variants
echo.
echo If you do not trust the source, close this window.
echo.
echo pcbutts1 does not assume any liability
echo.
echo for damage or loss from running this tool
echo.
echo Use at your own risk!!
echo.
echo.
echo.
echo.
pause
cls

Text excerpt of naoahdfer's version of RunThis.Bat obtained from his web site...

:notice
color 1F
cls
@echo off
echo.
echo.
echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º º
echo º Trojan-Spy.HTML.smitfraud.c Killer º
echo º º
echo º by noahdfear º
echo º º
echo º version 2.7 º
echo º º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ
echo.
echo This tool was tailored to kill smitfraud.c and variants
echo.
echo If you do not trust the source, close this window.
echo.
echo noahdfear does not assume any liability
echo.
echo for damage or loss from running this tool
echo.
echo Use at your own risk!!
echo.
echo.
echo.
echo.


Specific text found in your version of RunThis.Bat obtained from your web site (10/23 @
0945hrs)...


echo.>>%systemdrive%\smitfiles.txt
echo smitRem log file>>%systemdrive%\smitfiles.txt
echo version 2.2>>%systemdrive%\smitfiles.txt
echo.>>%systemdrive%\smitfiles.txt
echo by noahdfear>>%systemdrive%\smitfiles.txt
echo.>>%systemdrive%\smitfiles.txt
echo. |date |find "current" >>%systemdrive%\smitfiles.txt
echo. |time |find "current" >>%systemdrive%\smitfiles.txt
echo.>>%systemdrive%\smitfiles.txt
echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>>%systemdrive%\smitfiles.txt
echo.>>%systemdrive%\smitfiles.txt
echo Pre-run Files Present>>%systemdrive%\smitfiles.txt
echo.>>%systemdrive%\smitfiles.txt
echo.>>%systemdrive%\smitfiles.txt
echo ~~~ Program Files ~~~>>%systemdrive%\smitfiles.txt


Note the line...

echo by noahdfear>>%systemdrive%\smitfiles.txt

Case Closed -- Theft and plagiarism !

 

[Leythos]

No, I don't support theft of any kind. I'm sorry, but at the time that I
needed it, your tool wasn't working properly. I am glad you got it fixed
and it is now available for others. I was desperate for a fix so I took
what help was offered.

No one hear felt their toes were stepped on by you. What we worry about
is people like you feeling it's proper to trust an anonymous person in
Usenet, to visit their personal download site instead of the real
vendors site, and downloading that unknown/unconfirmed software.

Not that we think butts has done anything to compromise the files he's
hosting against the vendors wishes, but you can never tell - just look
at the way he morphs all the time and ask yourself if you would have
trusted him if you had know this.

 

[Leythos]

Spreading more lies I see Leythos the stalker. Since you are trying to
convince everyone that I stole that program then go ahead and name that
stolen program. Let everyone know how smart you are. Go ahead Leythos,what
program was it that I gave to the other poster? Name the program, the
author, how I stole it, and how I changed it. if you do that I will leave
this NG forever. That's a promise. Don't come back here with an excuse. Best
you just shut up and don't say nothing less I embarrass you. I'm waiting.

David beat me to it - read his post about the details. Now, go away like
you promised.

 

[Phyllis]

No one hear felt their toes were stepped on by you. What we worry about
is people like you feeling it's proper to trust an anonymous person in
Usenet, to visit their personal download site instead of the real
vendors site, and downloading that unknown/unconfirmed software.

Not that we think butts has done anything to compromise the files he's
hosting against the vendors wishes, but you can never tell - just look
at the way he morphs all the time and ask yourself if you would have
trusted him if you had know this.

It does seem a little dishonest to constantly change one's name and even to
use other's names to post. I didn't go to his website to download files, he
sent them to me in an e-mail to my Hotmail account. I asked the question of
David in the Newsgroup, if I could trust the file to be safe before I used
it. Hotmail scanned for viruses which was what I feared by using
attachments sent from a stranger. Anyway, it worked and if someone else
developed it, I am thankful to them as well.