.comment-link {margin-left:.6em;}
Plenty Of Free Parking
Friday, December 23, 2005
 
Getting rid of WinFixer

I was recently inflicted with the WinFixer malware, but I was able to get rid of it using various information and programs available on the Net.

I offer enormous thanks to everyone who puts their own time/effort/bandwidth into eradicating problems of this type.

The WinFixer malware apparently installs itself on your Windows machine using security bugs in Internet Explorer. After that, it pops up IE windows every once in a while (apparently including when you're not actually running IE!) and gives you an ad for WinFixer itself, which, conveniently enough, is supposed to be able to remove malware! I got ads for other sites (porn sites nauturally) which I believe were also coming from the WinFixer malware.

WinFixer itself is trying to pose as real software that people will pay money for, and the WinFixer malware apparently attempts to actually install it on your machine. Some of the instructions you'll see on the Net (particularly from the big time antivirus vendors) basically describe how to deinstall WinFixer itself, but they don't cover getting rid of the malware. In my case, WinFixer itself never got installed, so those particular instructions were useless for me.

I ran McAfee with recent virus data, and it never found this thing. They claim that they will catch WinFixer and label it as a "Potentially Unwanted Program", but I think they're looking for WinFixer itself and not the malware. I don't know if McAfee is capable of catching the malware.

So, to get rid of this thing, I did some google searches, and one of the things that kept coming up was a tool called HiJackThis (hjt). I downloaded version 1.99.1 from http://www.tomcoyote.org/hjt/. HJT goes through your registry and other system areas and tells you what it find there, and flags certain things as potential problems. It then gives you the option of correcting each potential problem. It doesn't tell you what to do, though, you get to dig your own grave.

So, using the HJT log and advice from the net, it looked likely that the WinFixer malware in my case was using the "Vundo Trojan", and there's a program available (http://www.atribune.org/downloads/VundoFix.exe) to eliminate it. It's a little bit sneaky, in that the filename it uses isn't always the same. This is the line from the HJT log that was most relevant:

O20 - Winlogon Notify: iiiff - C:\WINDOWS\system32\iiiff.dll

In my searches on the net, I saw many other names for this file. It's a random combination of letters.

So, using the procedures given to other people as examples, I downloaded and ran VundoFix.exe, and that seems to have solved all my problems.

Did I infect myself with more malware in the process of downloading and running these random programs off the net? I certainly hope not! I'll run McAfee again soon, but I don't trust it as much as I used to.

Another good site for system tools is sysinternals.com.

I got a lot of information from the forums on tomcoyote.org, dslreports.com, and cs.net.

Again, thanks to everyone who makes the tools available to fix these problems! PayPal donations will be forthcoming.
 
Sunday, December 04, 2005
 
Produce/Consume

You can produce or you can consume, and I think I want to produce. Experiences, artifacts, art, industry.

Unfortunately, I'm a low energy (read lazy) and low inspiration kind of guy, and that gets in the way. But I will try.

I salute all of you good folks out there who genuinely take steps to make a positive difference with something somewhere. I wish I was one of you, and maybe I will be.

The choice is particularly stark here in Cleveland, or any other place with an overall lack of dynamism. If you live in some place with a lot going on (New York, Washington, San Francisco, London, whatever), you can wait for things to be provided to you by the many many energetic people around you, and you can still feel like you're doing lots of stuff even when it doesn't take that much effort.

But the status quo in Cleveland is decline. If we all continue doing pretty much what we've been doing, then everything interesting here will just continue to slowly leak away, and that process feeds on itself. So, produce, produce, produce. Don't just wait for other people to give you something to do. (And certainly don't bitch because they haven't done so!)

(Incidentally, I don't know for a fact that the decline of Cleveland is ongoing, although that's what it seems to me in my more depressed moments. It's actually hard to see these things while you're in the middle of them. But, maybe, out there somewhere, there's a tipping point, and we've already passed it. Nice to imagine.)
 
 
Christmas Lights

So, it looks like we're staying in Cleveland. It was really questionable there for a while, but my wife has gotten a new job that's maybe pretty good. It wasn't at all obvious that this would happen, and I think we would have left if she had been out of work for more than a couple of months. I kinda like my job, but I don't like it so much that I wouldn't be willing to leave if that's what seemed best for her.

But now winter's here, and this increases the number of occasions when one of us asks ourselves, "Is this really what I want?".

Tonight, though, the houses and trees are covered with Christmas lights and snow, and it really is kind of magical.

It occurred to me that I never really saw this particular conjunction in Washington, because it doesn't generally snow there until January or February.

It's a small thing, yes. But I'm going to work on enjoying the moments, and maybe everything else will follow. Or not.
 
Q: What's the difference between the city and the suburbs?
A: Plenty of free parking!

Cleveland, trains, urbanism, righteous indignation

Name:
Location: Northeast, Ohio, United States

Subscribe to
Posts [Atom]

ARCHIVES
May 2005 / December 2005 / January 2006 / February 2006 / October 2006 / December 2006 / November 2007 / January 2008 / February 2008 / March 2008 / June 2008 / September 2008 / October 2008 / December 2008 / April 2009 / August 2009 / October 2009 / November 2009 / December 2009 / January 2010 / July 2010 /


PERMANENT POSTS
Getting rid of Winfixer
Sprawl: a Compact History, by Robert Bruegmann -- Collected Posts
Gus Gallucci's/Gust Gallucci's


LINKS
Christine Borne/Really Bad Cleveland Accent
Cleveland Area History
Cleveland Crib Webcam
An Unamplified Voice
Jane Galt/Megan McArdle/Asymmetrical Information
Mickey Kaus/Kausfiles

Powered by Blogger