DelphiFAQ Home Search:
General :: Windows :: Processes
Do you wonder what that long list of processes in your task manager comes from? Are all those programs running there really needed or are they a virus, adware, spyware.. recording all your keystrokes and then sending your passwords to a remote server? Read the articles below and learn about some of those processes.

Articles:

This list is sorted by recent document popularity (not total page views).
New documents will first appear at the bottom.

Featured Article

What is WinFixer 2005? It warns me about errors in my registry

Question:

I had a message box pop-up that supposedly (?)comes from Internet Explorer and warns me about errors in the registry database. It offers then to install a tool (?) WinFixer 2005 to check my computer for free (Recommended). The message box was a real message box (not a browser pop-up window) here is a screenshot:



Answer:

Anything that offers itself (as it is likely in this scenario) sounds suspicious. There is nothing wrong with free software. I am a big fan of open source software which can be both free like a free beer or free like a free human being (free from license limitations).
However, software that comes uninvited for free may not be so free after all. It probably wants to install further spyware or send data back to advertising servers. And yes, it is possible that they try to send back the user ids and passwords that browsers store for in local files for your convenience.

That WinFixer tries to also install an Active-X control from WinSoftware, certified from Thawte Code Signing CA. Certified only means that this download indeed comes from WinSoftware.com. It is not any kind of endorsement of this software.



What is WinFixer? WinFixer falls in the category advertising software. It secretly installs itself or any other item without the user permission or knowledge. You probably got it from a web site by accidentally clicking on a confusing ad (you know, those seemingly uncloseable browser windows). When WinFixer is not running, popup and popunder ads are displayed while the main product is not running. That way it seems not to be related to the popups that it pretends to cure. Once you actually 'install' (activate) WinFixer, it keeps coming back, warning you about problems with your registry.

Below is a list of files and registry entries associated with WinFixer 2005.

// Files on hard disk to detect WinFixer
 
 c:\Program Files\Winfixer 2005\install.exe
 c:\Program Files\Winfixer 2005\sr.exe
 c:\Program Files\Winfixer 2005\unins000.exe
 c:\Program Files\Winfixer 2005\updater.exe
 c:\Program Files\Winfixer 2005\wfx5.exe
 c:\Program Files\Winfixer 2005\compcln.dll
 c:\Program Files\Winfixer 2005\df_fixer.dll
 c:\Program Files\Winfixer 2005\df_proxy.dll
 c:\Program Files\Winfixer 2005\ffcom.dll
 c:\Program Files\Winfixer 2005\ffwraper.dll
 c:\Program Files\Winfixer 2005\fixcore.dll
 c:\Program Files\Winfixer 2005\ftrec.dll
 c:\Program Files\Winfixer 2005\idletrac.dll
 c:\Program Files\Winfixer 2005\mmfix.dll
 c:\Program Files\Winfixer 2005\oedrop.dll
 c:\Program Files\Winfixer 2005\strres.dll
 c:\Program Files\Common files\winsoftware\crxml.dll
 c:\Program Files\Common files\winsoftware\pcheck.dll
 
 
 // Entries in the registry:
 
 HKEY_CLASSES_ROOT\compcleancore.appcleaner.1\clsid
 HKEY_CLASSES_ROOT\compcleancore.appcleaner\clsid
 HKEY_CLASSES_ROOT\compcleancore.appcleaner\curver
 HKEY_CLASSES_ROOT\compcleancore.filecleaner.1\clsid
 HKEY_CLASSES_ROOT\compcleancore.filecleaner\clsid
 HKEY_CLASSES_ROOT\compcleancore.filecleaner\curver
 HKEY_CLASSES_ROOT\compcleancore.inetcleaner.1\clsid
 HKEY_CLASSES_ROOT\compcleancore.inetcleaner\clsid
 HKEY_CLASSES_ROOT\compcleancore.inetcleaner\curver
 HKEY_CLASSES_ROOT\compcleancore.regcleaner.1\clsid
 HKEY_CLASSES_ROOT\compcleancore.regcleaner\clsid
 HKEY_CLASSES_ROOT\compcleancore.regcleaner\curver
 HKEY_CLASSES_ROOT\compcleancore.systemcleaner.1\clsid
 HKEY_CLASSES_ROOT\compcleancore.systemcleaner\clsid
 HKEY_CLASSES_ROOT\compcleancore.systemcleaner\curver
 HKEY_CLASSES_ROOT\df_fixer.fixer.1\clsid
 HKEY_CLASSES_ROOT\df_fixer.fixer\clsid
 HKEY_CLASSES_ROOT\df_fixer.fixer\curver
 HKEY_CLASSES_ROOT\df_proxy.drivermanipulate.1\clsid
 HKEY_CLASSES_ROOT\df_proxy.drivermanipulate\clsid
 HKEY_CLASSES_ROOT\df_proxy.drivermanipulate\curver
 HKEY_CLASSES_ROOT\ffcom.flfixer\clsid
 HKEY_CLASSES_ROOT\ffwraper.ffenginwraper.1\clsid
 HKEY_CLASSES_ROOT\ffwraper.ffenginwraper\clsid
 HKEY_CLASSES_ROOT\ffwraper.ffenginwraper\curver
 HKEY_CLASSES_ROOT\fixcore.mmfixcore.1\clsid
 HKEY_CLASSES_ROOT\fixcore.mmfixcore\clsid
 HKEY_CLASSES_ROOT\fixcore.mmfixcore\curver
 HKEY_CLASSES_ROOT\interface\{1ce1c25b-f8b4-4974-99d2-5d4ae96b9900}
 HKEY_CLASSES_ROOT\interface\{9e984934-cd94-4763-9dbc-618e483d4b7f}
 HKEY_CLASSES_ROOT\typelib\{30ed49a5-ca6c-4918-b5f3-5e6818c91d8b}\1.0
 HKEY_CLASSES_ROOT\typelib\{6a077841-5016-42c8-92c8-f2d6b865bcd1}
 HKEY_CLASSES_ROOT\typelib\{ad70ac89-f460-4e7e-b5a5-7eaf7e207736}
 HKEY_CLASSES_ROOT\typelib\{b6625280-8cd8-4632-97c0-83cec12a49a3}
 HKEY_CLASSES_ROOT\typelib\{f458adae-d53b-4859-b99f-9fa127791278}
 HKEY_CLASSES_ROOT\typelib\{fc76a5b8-db35-4f3e-8b9a-bf0eea098d64}
 HKEY_CURRENT_USER\software\winsoftware\winfixer 2005
 

Generated 16:02:28 on Oct 19, 2017