It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: winxn
Filename: winxn.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | WinXn

Command: %Temp%\winxn.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [WinXn] %Temp%\winxn.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“WinXn”=%Temp%\winxn.exe

Description: malware

How to remove: use HijackThis + Kaspersky virus removal tool

It is a malicious program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Windows Scan associated files and folders:

%Temp%\{RANDOM}.exe
%AllUsersProfile%\{RANDOM}
%AllUsersProfile%\{RANDOM}.dat
%UserProfile%\Desktop\Windows Scan.lnk
%UserProfile%\Start Menu\Programs\Windows Scan
%UserProfile%\Start Menu\Programs\Windows Scan\Windows Scan.lnk
%UserProfile%\Start Menu\Programs\Defragmenter\Defragmenter.lnk

Windows Scan associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %AllUsersProfile%\{RANDOM}.exe
HijackThis shows WindowsScan:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Windows Scan is a fake hard disk drive defragmenter software.Once installed, it will display false information and fake critical alerts on the computer. Moreover, it will perform a fake scan and state that the system has some serious problems, such critical errors in Windows registry, hard drive is missing or unreadable. Windows Scan will also blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Do not be scared into purchasing the bogus software! You should remove Windows Scan malware from your computer as soon as possible.

How to remove: use the Windows Scan malware removal guide.

It is a malicious program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Memory Optimizer associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Memory Optimizer.lnk
%UserProfile%\Start Menu\Programs\Memory Optimizer
%UserProfile%\Start Menu\Programs\Memory Optimizer\Memory Optimizer.lnk

Memory Optimizer associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Memory Optimizer:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Memory Optimizer is a computer optimization software.Once installed, it will display false information and fake critical alerts on the computer. Moreover, it will perform a fake scan and state that the system has some serious problems, such critical errors in Windows registry, hard drive is missing or unreadable. MemoryOptimizer will also blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Do not be scared into purchasing the bogus software! You should remove Memory Optimizer malware from your computer as soon as possible.

How to remove: use the Memory Optimizer malware removal guide.

It is a malicious program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

HDD Fix associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\HDD Fix.lnk
%UserProfile%\Start Menu\Programs\HDD Fix
%UserProfile%\Start Menu\Programs\HDD Fix\HDD Fix.lnk
%UserProfile%\Start Menu\Programs\HDD Fix\HDD Fix.lnk

HDD Fix associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows HDD Fix:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: HDD Fix is a fake computer optimization software that display false information and fake critical alerts on the computer. Moreover, it will perform a fake scan and state that the system has some serious problems, such critical errors in Windows registry, hard drive is missing or unreadable. HDDFix will also blocks all the legitimate and trustful applications used on your computer. In order to repair the entire system, the program will prompt you to purchase its full version. Do not be scared into purchasing the bogus software! You should remove HDD Fix from your computer as soon as possible.

How to remove: use the HDD Fix removal.

It is a malicious program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Quick Defrag associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Quick Defrag.lnk
%UserProfile%\Start Menu\Programs\Quick Defrag
%UserProfile%\Start Menu\Programs\Quick Defrag\Quick Defrag.lnk
%UserProfile%\Start Menu\Programs\Quick Defrag\Quick Defrag.lnk

Quick Defrag associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Quick Defrag:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Quick Defrag is a malicious program that pretends to be a computer optimization software. The rogue is installed via trojans without user knowledge and permission. Once started, it will report false information and display fake alerts on the computer. The rogue will perform a fake scan and state that your computer has some serious problems such critical errors in Windows registry, hard drive is missing or unreadable. Moreover, QuickDefrag will blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Most important, do not pay for the fake software! Instead, follow the removal guide below to remove Quick Defrag from your computer for free using legitimate free antimalware software.

How to remove: use the Quick Defrag removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Download OTM by OldTimer from here and save to your desktop. Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[Reboot]

Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

It is a fake security program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Security Shield associated files and folders:

C:\Documents and Settings\All Users\Application Data\{RANDOM}
C:\Documents and Settings\All Users\Application Data\{RANDOM}\{RANDOM}.exe.

Security Shield associated registry keys and values:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\{RANDOM}

Core filename: {RANDOM}.exe
Command: C:\Documents and Settings\All Users\Application Data\{RANDOM}\{RANDOM}.exe
HijackThis shows Security Shield:

O4 – HKCU\..\RunOnce: [{RANDOM}] C:\Documents and Settings\All Users\Application Data\{RANDOM}\{RANDOM}.exe

Description: Security Shield is a fake antivirus program that installed through the use of trojans without user knowledge and permission. When is started, it will perform a fake scan and state that your computer is infected with viruses, spyware and malware. Moreover, SecurityShield will display numerous fake security alerts and block all the legitimate and trustful applications used on your computer. In order to cure your PC, the program will suggest you to purchase its full version. Most important, do not pay for the fake software! Instead, follow the removal guide below to remove Security Shield from your computer for free using legitimate free antimalware software.

How to remove: use the Security Shield removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.
2. Download HijackThis from here and save it to your desktop.
3. Run HijackThis. Click to Scan button. After HijackThis completes the system scan, check the box to the left of the following items:

O4 – HKCU\..\RunOnce: [{RANDOM}] C:\Documents and Settings\All Users\Application Data\{RANDOM}\{RANDOM}.exe

Please be very careful, do NOT check any other boxes! Next, click on Fix checked on the bottom left side of the HijackThis screen. Close HijackThis.
4. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

It is a malicious program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Win Scanner associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Win Scanner.lnk
%UserProfile%\Start Menu\Programs\Win Scanner
%UserProfile%\Start Menu\Programs\Win Scanner\Win Scanner.lnk
%UserProfile%\Start Menu\Programs\Win Scanner\Win Scanner.lnk

Win Scanner associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Win Scanner:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Win Scanner is a fake hard disk drive defragmenter software.Once installed, it will display false information and fake critical alerts on the computer. Moreover, it will perform a fake scan and state that the system has some serious problems, such critical errors in Windows registry, hard drive is missing or unreadable. Win Scanner will also blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Do not be scared into purchasing the bogus software! You should remove Win Scanner virus from your computer as soon as possible.

How to remove: use the Win Scanner virus removal guide.

It is a malicious program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Defragmenter associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Defragmenter.lnk
%UserProfile%\Start Menu\Programs\Defragmenter
%UserProfile%\Start Menu\Programs\Defragmenter\Defragmenter.lnk
%UserProfile%\Start Menu\Programs\Defragmenter\Defragmenter.lnk

Defragmenter associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows HDD Tools:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Defragmenter is a fake hard disk drive defragmenter software.Once installed, it will display false information and fake critical alerts on the computer. Moreover, it will perform a fake scan and state that the system has some serious problems, such critical errors in Windows registry, hard drive is missing or unreadable. Defragmenter will also blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Do not be scared into purchasing the bogus software! You should remove Defragmenter virus from your computer as soon as possible.

How to remove: use the Defragmenter virus removal guide.

It is a malicious program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

HDD Tools associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\HDD Tools.lnk
%UserProfile%\Start Menu\Programs\HDD Tools
%UserProfile%\Start Menu\Programs\HDD Tools\HDD Tools.lnk
%UserProfile%\Start Menu\Programs\HDD Tools\HDD Tools.lnk

HDD Tools associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows HDD Tools:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: HDD Tools is a fake computer optimization software that display false information and fake critical alerts on the computer. Moreover, it will perform a fake scan and state that the system has some serious problems, such critical errors in Windows registry, hard drive is missing or unreadable. HDDTools will also blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Do not be scared into purchasing the bogus software! You should remove HDD Tools from your computer as soon as possible.

How to remove: use the HDD Tools removal.

It is a malicious program, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Smart HDD associated files and folders:

%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Desktop\Smart HDD.lnk
%UserProfile%\Start Menu\Programs\Smart HDD
%UserProfile%\Start Menu\Programs\Smart HDD\Smart HDD.lnk
%UserProfile%\Start Menu\Programs\Smart HDD\Smart HDD.lnk

Smart HDD associated registry keys and values:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

Core filename: {RANDOM}.exe
Command: %Temp%\{RANDOM}.exe
HijackThis shows Smart HDD:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}.exe

Description: Smart HDD is a malware that pretends to be a computer optimization software. The rogue is installed via trojans without user knowledge and permission. Once started, it will report false information and display fake alerts on the computer. The rogue will perform a fake scan and state that your computer has some serious problems such critical errors in Windows registry, hard drive is missing or unreadable. Moreover, SmartHDD will blocks all the legitimate and trustful applications used on your PC. In order to repair the entire system, the program will suggest you to purchase its full version. Most important, do not pay for the fake software! Instead, follow the removal guide below to remove Smart HDD from your computer for free using legitimate free antimalware software.

How to remove: use the Smart HDD removal instructions or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Download OTM by OldTimer from here and save to your desktop. Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[Reboot]

Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).