Help / review of my fix for My Computer Attacking Winifixer.com

Hello
It s been a while ... I was having a proble with MY computer attacking a winifixer.com site. My norton is now told to apply a block to this and it has stopped. This started when I down loaded a file and failed to scan it before double clicking on it (got to slow down!!!)

My internet setting have placed this site in the "security - restricted sites"
I have ran the procedures as shown and in the order shown.

I have attached the logs because I dont know how to read them and want to be sure this problem is taken care of.

Also befor running the procedures I was getting an error that a file in a temp folder could not be found when I was booting up. It no longer happens.

Could you tell me if I am safe and what was causing this problem??? The

 

Sorry for posting in the thread.... could you direct me to the proper location???? Its beenquite a while since I have posted a log and forget where t o post them...

 

Failed to finish reading the instructions on what to do after processing the MGTools program.

Here is the zipped log file from the C:\drive

Hope this is in the correct location

Dobbie

 

I want to thank you for your rapid response to my posting.

I am going to redo the whole procedure again starting from step 1 (my goof - over looked the Java steps....

I always thought that java uninstalled older versions when it installed the latest one.... Ill have to watch out for this java thing....

JUst got home and to late to do tonight ... got a very early sun rise tomorrow so have to get some shut eye.

Ill get the re processed files up there very shortly...

Again... thank you and I hope to get this done tomorrow after work...

 

Good day....

I read your last reply after I had reran all the programs... I really wanted to do it the right way.. I really plan on doing this on a regular basis....

First, I have cleaned up all the old Java versions, down loaded the latest from the site and have installed it.

I have reran all of the programs recommeded. I have removed spy bot and replaced it with the version I have DL from the site.
After running the programs I removed the webroot washer program. I have emptied the recycle bin. I have toggled off system restore, shut down the system. I have then restarted the computer and toggled the restore system back on.
I am normally pretty careful but getting the trojans that I had (which really suprised me that I had) really shocked me.

Hopefully, I have removed all the malware on the system.

I have attached the 4 files mentioned (three on this message and 1 on the next) and I am hopeing you can look them over and tell me that I am now cleaned of the trojans and virus.
Normally, norton protects me but I guess it really cant catch the trojans.

 

I am sending the 4th file under this message.....

Got to hit the sack now.... getting later and sun comes up early....:wave

Want to again thank you for your assistance in this and any advise will be well taken....

 

Good Evening.....

You have resolved my problem I think????

I cleared all of my Norton Logs and I am getting the following alerts -

8/6/2008 7:12:24 PM UNAUTHORIZED ACCESS LOGGED

ABOUT THREE TIMES EVERY MINUTE
from
Event Details:
Actor: C:\PROGRAM FILES\WINDOWS DEFENDER\MSMPENG.EXE (PID=1380)
Target: C:\Program Files\Common Files\Symantec Shared\ccLgView.exe
Action: Unauthorized access
Reaction: Unauthorized access stopped

Is there anyway I can get this stopped??? Isnt this a windows program??
I dont remember this happening befor....


Now.... I want to thank you for your help in this matter.... it puts my mind at easy.

I would like to mention the the reg fix worked.

I did not notice a ud.exe file but I did see a "ud " 1kb file dated 6/10/08 11:50 PM. I did not delete this file in the windows\system32 directory. Can I????

I did the system restore routine.

Would like to see if you have any guidance on teh above UNAUTHORIZED ACCESS LOGGED problem and the "ud " file.

Again, Thank you for your help in this matter....

Dobbie :wave

 

Good Evening

I have unhid files and folders as originally suggested and again have double checked as suggested.

I found the file called system_.ini the first time and deleted it but did not find the ud.exe........ just "ud" file.
I still have not found the ud.exe

will this cause problems??? or should I not look a gift hourse in the mouth???

 

OK renamed file and no complaints from the box...

I want you to know that I understand that this takes a lot of you time, working on these problems, and that I really appreciate your help.

Again, thank you and have a great weekend (if it is your weekend that is)

Dobbie