winfixer

i can not seem to get rid of something called winfixer no matter what i run can someone give me some ideas what to do thanx.

 

Welcome to MajorGeeks.com, please follow the steps below:

http://www.majorgeeks.com/images/grenade.gif Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

• Make sure you check version numbers and get all updates.

http://www.majorgeeks.com/images/grenade.gif Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

http://www.majorgeeks.com/images/grenade.gifAfter doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

http://www.majorgeeks.com/images/grenade.gif Downloading, Installing, and Running HijackThis

 

winfixer

 

Please download CounterSpy 1.5.77.

Install, when the setup wizard comes up just click "Skip" and then it will update. After all updates are completed click CLOSE.

Click on "Run Spyware Scan" and then click on Scan Options, be sure "Full System" is checked. After you completed the steps above, click "Scan Now" to begin the scan.

Afterwards please attach the log along with a fresh HJT log.

 

winfixer

 

Hello i ran counterspy it detected 11 spyware i am sorry i do not know how to send the results like you asked could you possible tell me thank you for all your help

 

Inline log attached!

 

Please attach a current HJT log from normal mode.

 

i am still having truoble with winfixer help please.

 

Before we start this fix, I would like to remind you that in order to remove these infections you need to reply in a timely manner because a delay can allow the to return.

Please see my thread below on the removal of this baddie.

Virtumonde aka Trojan Vundo Fix w/ Tool

 

i hope this is it

 

Please see the below thread on how to install and run Ewido Security Suite.

• Running Ewido Security Suite ...

 

here is the scan report from ewido

 

Attach a fresh HJT log from normal mode.

 

here is hjt log thanks

 

Please see the below thread on how to install and run Spy Sweeper.

Running Spy Sweeper...

 

here is the logs thankyou

 

Please look in Add or Remove Programs for the following and Uninstall them if found:

Ewido

Spy Sweeper

Now scan with HijackThis and check the boxes for the following entries:
( Make sure ALL browser windows are closed when you click FIX )

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - blank (file missing)
O2 - BHO: (no name) - {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe

O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: awtqo - awtqo.dll (file missing)
O20 - Winlogon Notify: ssqpp - C:\WINDOWS\system32\ssqpp.dll (file missing)
O20 - Winlogon Notify: ssttu - ssttu.dll (file missing)
O20 - Winlogon Notify: vtsqn - C:\WINDOWS\system32\vtsqn.dll (file missing)

Again, make sure ALL browser windows are closed when you click FIX.

Now, Please boot into Safe Mode, be sure you have the Viewing of Hidden Files & Folders Enabled per the tutorial. Now, navigate to and DELETE the following if they should remain:

ShowWnd.exe ← Search for this file and delete if found! It will most likely be in C:\WINDOWS\system32

MsgPlusLoader.dll ← Search for this file and delete if found! It will most likely be in C:\WINDOWS\system32

Next, run CCleaner to clean up cookies and temp files.

Run full scans with Ad-Aware SE & Spybot S&D and have both programs fix what they find.
Note: Remember to get all updates before doing the scans.

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:

• Temporary Files
• Temporary Internet Files
• Recycle Bin

And Click OK.


Finally, I would like you to flush your System Restore points. Please follow the instructions in the below:

• Disable and Re-enable System Restore
  
  
• Turn OFF System Restore to flush any bad Restore Points.
  
  
• Then, follow the instructions at the bottom of the linked page to Re-enable the Restore Utility which will create a fresh restore point.

Reboot to Normal Windows, Scan with HijackThis and attach the new log.
Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.

 

things seem to be running good you guys are awesome thanks again for all your help and patience it was unbelivable.

 

Your HJT log is clean, are you having any further problems?

 

I do not seem to be having any problems at this time, I am running adaware, AVG, Spybot, Spyware Blaster. I still have Microsoft Antispyware loaded and I use RegscrubXP are these good choices, to much or do you have any suggestions. Thanks Again

 

Yes, those are good choices except for RegscrubXP because I'm not familiar with it.

You should see this article on How to Protect yourself from malware!

Surf Safely!