Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 318
  • Last Modified:

Winfixer Removal

I have the Winfixer 2006 popup. What is the best way to rtemove it please? I have tried Vundo.

This is the HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 10:37:35, on 09/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\Program Files\ClipMate7\clipmate.exe
C:\Program Files\Exif Launcher\QuickDCF.exe
C:\Program Files\V-Stream Multimedia\TV88X Utilities\C8XRCtl.exe
C:\Program Files\V-Stream Multimedia\TV883 Utilities\C8XRCtl.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\PC Magazine Utilities\RapidRes\RapidRes.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\XoftSpySE\xoftspy.exe
C:\Program Files\Executive Software\Diskeeper\DfrgNTFS.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/uk/enu/gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=192.168.0.1:8000;http=192.168.0.1:80;https=192.168.0.1:443;socks=192.168.0.1:1080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>;localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - c:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - c:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [1] Õ
O4 - HKCU\..\Run: [2] Õ
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpriteService] "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - HKCU\..\Run: [ClipMate7] C:\Program Files\ClipMate7\clipmate.exe
O4 - HKCU\..\Run: [Startup Manager] C:\Documents and Settings\Beryl Mathews\Application Data\Systweak\ASO 2\smstartUp manager.exe
O4 - Startup: MailWasherPro.lnk = C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
O4 - Startup: RapidRes.lnk = C:\Program Files\PC Magazine Utilities\RapidRes\RapidRes.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\V-Stream Multimedia\TV88X Utilities\C8XRCtl.exe
O4 - Global Startup: TV883 Remote Control.lnk = C:\Program Files\V-Stream Multimedia\TV883 Utilities\C8XRCtl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1082\en-gb\bin\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll/search.htm
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\program files\microsoft office\office11\excel.exe/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1110\en-gb\msntabres.dll/229?af75385ccca8474aaba42135775d4648
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1110\en-gb\msntabres.dll/230?af75385ccca8474aaba42135775d4648
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O15 - Trusted Zone: http://www.ntlworld.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0466533a3519fa0d5615/netzip/RdxIE601.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132065330171
O16 - DPF: {75565ED2-1560-4F15-B841-20358DE6A0D1} (ImageControl Class) - http://c.ancestry.com/cab/ImageViewer/MFImgVwr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\system\intralaunch.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.tescophoto.com/wpp/tesco/app/opcuploader.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab
O16 - DPF: {E82ED244-76EF-4D34-BDB3-AB21A522F38E} (webhelper Class) - http://www.btconnect.com/public/home/download/btbconnectwebcontrol013.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FAEEB5E-64CC-4988-BE1F-2106C86B6D97}: NameServer = 172.16.0.1
O18 - Protocol: bw+0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw+0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw-0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw-0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw00 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw00s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw10 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw10s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw20 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw20s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw30 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw30s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw40 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw40s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw50 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw50s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw60 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw60s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw70 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw70s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw80 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw80s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw90 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bw90s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwa0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwa0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwb0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwb0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwc0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwc0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwd0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwd0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwe0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwe0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwf0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwf0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: bwg0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwg0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwh0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwh0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwi0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwi0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwj0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwj0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwk0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwk0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwl0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwl0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwm0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwm0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwn0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwn0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwo0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwo0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwp0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwp0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwq0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwq0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwr0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwr0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bws0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bws0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwt0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwt0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwu0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwu0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwv0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwv0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bww0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bww0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwx0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwx0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwy0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwy0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwz0 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: bwz0s - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {62AB497C-1297-4CCF-A4CE-136AD50BF4D7} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - C:\PROGRAM FILES\SPEEDWAY!\de_serv.exe (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect Helper - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\rthlpsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

Any help will be appreciated, thanks.

0
StephenRM
Asked:
StephenRM
  • 2
1 Solution
 
r-kCommented:
For future reference, you can post your log to http://www.hijackthis.de/ and just post a link to the analyzed log here.

I did this for you, and it is at:

 http://www.hijackthis.de/logfiles/900c525db612f4eba0cc2adf5e489a6d.html

You'd definitely want to fix these entries:

 O4 - HKCU\..\Run: [1] Õ
 O4 - HKCU\..\Run: [2] Õ
 
If this doesn't fix it, review some of the other items marked nasty, possibly nasty, or unknown there and see what else you don't need. Keep in mind that not all of those are necessarily bad.

Also check these recent links re. Winfixer

 http://www.experts-exchange.com/Security/Win_Security/Q_21733115.html
 http://www.experts-exchange.com/Security/Win_Security/Q_21679767.html

 
0
 
StephenRMAuthor Commented:
Thank you for the help.

Do I just delete the registry keys?

0
 
r-kCommented:
"Do I just delete the registry keys?"

 You can do it manually, but it may be easier to just run HJT and have it fix the entries you select.
0
 
davidis99Commented:
Winfixer is annoying, but can be removed through its own uninstall within its program group.    It was on my roommate's PC, but by steering clear of its attempts to discourage uninstallation, I got rid of it.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now