Steps for Detecting and Removing Spyware (Winfixer 2005 / Winfixer 2006):
This particular spyware is nearly impossible to remove by hand. It goes by a number of names, such as: winfixer 2005, winfixer, winfixer 2006, virtumundo, vundo, trojan.vundo.b, win fixer, MSEvents, and look2me. We have a number of spyware tools that will help eliminate it. Typical spyware entries that one would find listed in HijackThis are the following:
Symptoms:
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS\System32\pmnli.dll
O2 - BHO: MSEvents Object - {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} - C:\WINDOWS\System32\gebcd.dll
Typical spyware listings under "Winlogon Notify" are the following:
O20 - Winlogon Notify: gebcd - C:\WINDOWS\System32\gebcd.dll
O20 - Winlogon Notify: pmnli - C:\WINDOWS\SYSTEM32\pmnli.dll
Step 1
Back up any important data. Imaging your drive would be wise. (Removing spyware and viruses MAY cause data loss!!!)
A great program for backing up your entire drive is Acronis True Image 11.0.
If you haven't already completed Steps 2-6, do so now.
Step 2
Follow the Tutorial for Webroot's Spysweeper.
Spysweeper will remove Winfixer 2005 / Winfixer 2006. The 14 day trial version will remove it assuming you've never used Spysweeper in the past. Spysweeper has come along as one of the top Spyware Removers on the market so it certainly is not a waste of money. In addition, it would have kept you from getting Winfixer in the first place!
Step 3
Follow the Tutorial for Ad-Aware.
Step 4
Follow the Tutorial for Spybot.
Step 5
Follow the Tutorial for Microsoft Windows Defender.
Step 6
Follow the Tutorial for Ewido Security Suite.
Step 7
Run the Trend Micro online virus scanner, then reboot after it is finished.
Step 8 (tools for removing this spyware)
Use these programs and instructions at your own risk!
- Download and run this tool VundoFix, double click VundoFix.exe to execute it, and then click "Scan for Vundo." If it prompts you to remove files, click "yes."
- Next download and run VirtumundoBeGone (Click Start and Click Yes - it is normal for it to cause a blue screen of death if it removes the Virtumundo trojan. Simply turn off your computer by holding down the power button for 10 seconds or hitting the reset button)
- Next download and run FixVundo Tool by Symantec (Click Start and Click Yes, make sure all programs are closed while running this) Symantec's instructions
- Reboot
- Run FixVundo Tool by Symantec again to make sure system is clean.
- Check your HijackThis logs to make sure all of the entries are removed. HijackThis Tutorial
Step 9
Remove any outdated virus scanner you have, and only continue to Step 10 if your virus scanner is outdated (e.g. Norton, McAfee).
DO NOT install more than one virus scanner for "full-time/resident scanning." Remove any of the previously used programs you feel are unneeded by going to "Start" -> "Control Panel" -> "Add/Remove Programs". In the list should be "Ad-Aware SE Personal," "Spybot Search & Destroy," "Microsoft AntiSpyware," and "Ewido Security Suite." Microsoft AntiSpyware has a background component that can slow down your computer, which makes it a good candidate to be uninstalled. Ewido Security Suite is also not a free program, so if you do not intend to purchase it, it would be a good candidate to be uninstalled as well.
Step 10*
Get yourself a virus scanner! We recommend NOD32 if you need JUST a virus scanner, and if you need a firewall AND a virus scanner we highly recommend Kaspersky. NEVER run more than one virus scanner or firewall at a time.
Step 11
Download and install the newest version of Firefox (a replacement for Internet Explorer). Firefox has a much better track record as far as security goes. It is updated more often and there are fewer attacks against Firefox. You are MUCH less likely to get spyware again after switching to Firefox, because Firefox does not support ActiveX and fewer attacks are developed against the browser itself.
Download Firefox from the link below!
Step 12
Complete Steps 2-6 again, though do not reinstall the software; simply run Ad-Aware, Spybot, Microsoft AntiSpyware, Ewido Security Suite, and the Trend Micro virus scan.
Other sample file names commonly found with this spyware infection are the following .dll files (certainly not limited to these, though). Winfixer randomly generates the names of the .dll files, though the names do not appear to be very random, so the .dll files on your system may look strikingly similar to any of these. Most commonly, the Winfixer spyware file names will be 5 characters in length.
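The following Python example is added here and is not part of the original tutorial or of HijackThis. It reads a HijackThis log, flags O2 (BHO) and O20 (Winlogon Notify) entries that load a five-letter DLL from System32, the naming pattern noted above, and reports which flagged DLLs a post-cleanup log still loads. The function names and the "Example" log lines are assumptions made for illustration.

```python
import re
from collections import defaultdict
from ntpath import basename  # Windows path rules on any host OS

# O2 (Browser Helper Object) and O20 (Winlogon Notify) lines end in " - <dll path>".
ENTRY = re.compile(
    r"^(O2 - BHO|O20 - Winlogon Notify): .* - ([A-Za-z]:\\.+\.dll)$", re.I)
# Heuristic taken from the page: a five-letter DLL name directly in System32.
SUSPECT = re.compile(r"^[a-z]:\\windows\\system32\\[a-z]{5}\.dll$", re.I)


def triage(log_text):
    """Map each suspect DLL to (confidence, HijackThis sections that load it)."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m and SUSPECT.match(m.group(2)):
            section = m.group(1).split()[0].upper()
            seen[basename(m.group(2)).lower()].add(section)
    # Loaded from both places, as in the page's log lines, is the stronger signal.
    return {dll: ("high" if len(secs) == 2 else "review", sorted(secs))
            for dll, secs in seen.items()}


def still_present(before_log, after_log):
    """Suspect DLLs flagged before cleanup that a post-cleanup log still loads."""
    return sorted(set(triage(before_log)) & set(triage(after_log)))


# The pmnli/gebcd lines are the page's own; the "Example" lines and the
# whole AFTER log are constructed for this example.
BEFORE = r"""
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS\System32\pmnli.dll
O2 - BHO: MSEvents Object - {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} - C:\WINDOWS\System32\gebcd.dll
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
O20 - Winlogon Notify: gebcd - C:\WINDOWS\System32\gebcd.dll
O20 - Winlogon Notify: pmnli - C:\WINDOWS\SYSTEM32\pmnli.dll
O20 - Winlogon Notify: example - C:\WINDOWS\system32\examplenotify.dll
"""
AFTER = r"""
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
O20 - Winlogon Notify: pmnli - C:\WINDOWS\SYSTEM32\pmnli.dll
O20 - Winlogon Notify: example - C:\WINDOWS\system32\examplenotify.dll
"""

if __name__ == "__main__":
    for dll, (confidence, sections) in triage(BEFORE).items():
        print(f"{dll}: {confidence} via {', '.join(sections)}")
    print("still loaded after cleanup:", still_present(BEFORE, AFTER))
```

A match is a lead to verify with the removal tools above, not proof of infection, since the five-letter pattern is only a heuristic.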
Please Email us if you find errors in our Tutorials or have problems.