WinFixer and other pop-ups

[Flack]

Hey guys.

I followed the steps listed in "How to remove Begin2Search / CoolWebSearch and other Nasties" and restarted my computer.

However, I still am getting some random popups from WinFixer, dating and loan services, etc.

I have attached my HJT log file.

Any help is appreciated.

Thanks

 

[RealBlackStuff]

First Read: Only use these HJT-instructions when asked!
/P/ Process needs to be stopped
/R/ unRegister the xxx.DLL in that line
Transfer the text from between these dotted lines underneath to between the dotted lines of the above post.
Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines indicated here!
...................................................................................................
/R/ O2 - BHO: DosSpecFolder Object - {FDA4DFFB-2C3D-4730-8D7E-28523C7F2F67} - C:\WINDOWS\system32\ddaby.dll
/P/ O4 - Startup: Scheduler.lnk = C:\RECYCLER\NPROTECT\00055239.EXE
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = mskcc.root.mskcc.org,mskcc.org
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = mskcc.root.mskcc.org,mskcc.org
O20 - Winlogon Notify: ddaby - C:\WINDOWS\system32\ddaby.dll
...................................................................................................

Howard (Thanks!) suggested to try this if the above does not work:
There is an excellent removal tool for this (Vundo) infection available from http://www.atribune.org/content/view/24/2/