HT Logs. Tips, FAQs, Analyze.

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: winconfig
Filename: winconfig.dll
Command: C:\Windows\System32\winconfig.dll
CLSID: {D263FA6D-84CC-48A8-9AF6-C664362B7A5B}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: (no name) – {D263FA6D-84CC-48A8-9AF6-C664362B7A5B} – C:\Windows\System32\winconfig.dll

Description: trojan fake-alert, component of Antivirus 360

How to remove: use the instructions How to remove Antivirus 360

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

CLSID: {69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: (no name) – {69135BDE-5FDC-4B61-98AA-82AD2091BCCC} – (no file)

Combofix/RSIT Line:
Description: part of SPYW_IMISERV.C, looks here

How to remove: Use HijackThis

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: IEPlugin163
Filename: IEPlugin163.dll
Command: C:\Program Files\WinCleaner\modules\IEPlugin163.dll
CLSID: {2F3D01F3-2A8E-4814-AA0F-8315172D22BF}
Startup Type: BHO
HijackThis Category: O4
HijackThis Line:

O2 – BHO: AntiSyware (IE PlugIn) – {2F3D01F3-2A8E-4814-AA0F-8315172D22BF} – C:\Program Files\WinCleaner\modules\IEPlugin163.dll

Description: component of WinCleaner 2009

How to remove: How to remove WinCleaner 2009 (Delete instructions)

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: QWProtect
Filename: QWProtect.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70FEAD04-A7FD-4B89-B814-8A8251C90EF7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D187DFF-423F-41d3-A331-A60DE5886675}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2182220D-AA70-4764-B4E6-1F5BBA322C9C}

Command: C:\Documents and Settings\All Users\Application Data\AV1\QWProtect.dll
CLSID:

{70FEAD04-A7FD-4B89-B814-8A8251C90EF7}
{8D187DFF-423F-41d3-A331-A60DE5886675}
{2182220D-AA70-4764-B4E6-1F5BBA322C9C}

Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: QWProtectBHO – {70FEAD04-A7FD-4B89-B814-8A8251C90EF7} – C:\Documents and Settings\All Users\Application Data\AV1\QWProtect.dll
O2 – BHO: QWProtectBHO – {8D187DFF-423F-41d3-A331-A60DE5886675} – C:\Documents and Settings\All Users\Application Data\AV1\QWProtect.dll
O2 – BHO: QWProtectBHO – {2182220D-AA70-4764-B4E6-1F5BBA322C9C} – C:\Documents and Settings\All Users\Application Data\N1\QWProtect.dll

Description: component of Anti-virus-1 and Anti-virus number 1

How to remove: How to remove Anti-virus-1 (Delete instructions)

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: bfgtoolbar
Filename: bfgtoolbar.dll
Command: [%PROGRAM_FILES%]\bfgtoolbar\bfgtoolbar.dll
CLSID: {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: (no name) – {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} – (no file)

Description: Adware OneToolBar
Notes: Big Fish Games Toolbar

How to remove: Use HijackThis.