[Insaneman1731]

So I downloaded this program like and idiot, and it turns out to keep giving me random pop-ups after I deleted the program. How can I get rid of this? Thanks.

[evilfantasy]

Please see Malware Removal Guide: Please Read Before Posting

[Insaneman1731]

Here is my Hijackthis log..

[evilfantasy]

Please see Guide For Attaching Logs To A Post

Next:
1. Please download Combofix by sUBs. Place it on your Desktop. combofix.exe
2. Double click combofix.exe & follow the prompts. Enter 1 and press enter at the prompt.
3. When finished, it shall produce a log for you. Attach that log in your next reply.
Combofix will create a backup to anything removed in C:\qoovox

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


Next post, please attach the combofix log and a new HijackThis log.

[Insaneman1731]

Here ya go.

[evilfantasy]

Did you uninstall Winzix in add/remove programs?

===

Go to http://www.virustotal.com/ select "Browse" and find this file

C:\Windows\mrofinu2000400.exe

double click it to enter it into the window. Then select "Send File"
This will take a few minutes and run it through 32 virus scanners and show the results.
Post back and let me know what (if anything) was found.

===

Delete these files/folders, as follows:

* Open notepad and copy/paste the text in the quotebox below into it (all except the word QUOTE):

File:: C:\Program Files\WinZix Folder:: C:\Documents and Settings\All Users\Application Data\Wait Find Browse New\REAL STUPID.exe

* Save this as CFScript on the desktop.
* Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!


* ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it shall produce a log for you. Post that log (Combofix.txt) in your next reply.

Note: Do not mouseclick combofix's window while it is running. That may cause your system to hang.

===

Next post attach the combofix log and let me know the results of the virustotal scan.

[Insaneman1731]

Ok I did that stuff, here are the files..

[evilfantasy]

Have you uninstalled Winzix?

[Insaneman1731]

Yes.

[evilfantasy]

Enable Viewing Of Hidden System Files & Folders

Windows XP
1. Right Click Start.
2. Select Control Panel.
3. Select the Tools menu and click Folder Options.
4. Select the View Tab.
5. Under the Hidden files and folders heading select Show hidden files and folders.
6. Uncheck the Hide extensions for known file types option.
7. Uncheck the Hide protected operating system files (recommended) option.
8. Click Apply.
9. Click OK.

Then locate and delete C:\Program Files\WinZix (if there)

=====

This will help reduce the time for the next scan.

Please download ATF Cleaner by Atribune. ATF Cleaner.exe This program does not require an installation. The executable actually runs the program.

NOTE: ATF Cleaner will remove all files from the items that are checked so if you have some cookies you'd like to save. Please move them to a different directory first.
* Double-click ATF-Cleaner.exe to run the program.
* Under Main choose: Select All
* Click the Empty Selected button.

If you use Firefox browser
* Click Firefox at the top and choose: Select All
* Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser
* Click Opera at the top and choose: Select All
* Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main ATF Cleaner menu to close the program.

=====

Run the BitDefender Online Scanner.

[FONT=Arial][SIZE=2]Agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files.
[/SIZE][/FONT]
Once Bitdefender completes the scan:
Click-on the Detected Problems tab.
Then select Click here to export the scan report.

When the window comes up to save the report, change the Save as type: box to:
Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click Save.

This will save a file named bdscan.txt. I would suggest saving it to the Desktop so you can easily find it. (take notice of where you save it so you can find it later).
This bdcan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.

If you do not follow these step, you will have an incorrect log or worse a log summary which is useless to us.

Post the bdscan.txt file as an Attachment.
[SIZE=1]Thanks To Chaslang For The Bitdefender Guide!

=====

[SIZE=2]Next Post:
[/SIZE][/SIZE]bdscan.txt file as an Attachment.