I have been trying to get winfixer out of my computer and it has been a frustrating experience. I have seen many threads regarding this and tried what they asked to do and could not get it out. Here is my Hijack this log.
****************************
Logfile of HijackThis v1.99.1
Scan saved at 8:52:12 PM, on 10/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\AccessManager\PMAC\sp_SWIns.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AccessManager\Client\sygman.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\0FCD0G.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSEvents Object - {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} - C:\WINDOWS\system32\vtspo.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Program Files\Altova\XMLSpy2005\spy.htm
O9 - Extra button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2005\spy.htm
O9 - Extra 'Tools' menuitem: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2005\spy.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://isgtrend.ing...ll/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} - https://isgtrend.ing...ll/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} - https://isgtrend.ing...stall/setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1AC69C66-9DED-46DD-A476-3C626DD5FEB5} (SideMapPlugIn) - http://alpha.skyline...deMapPlugIn.cab
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://isgtrend.ing...html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} - https://isgtrend.ing.../RemoveCtrl.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://imgsts.ingr-imgs.com/msrdp.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://imgs-meeting...bex/ieatgpc.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - file://C:\Program Files\InterCAP\ActiveCGM\ActiveX\Acgm.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ingr-imgs.com
O17 - HKLM\Software\..\Telephony: DomainName = ingr-imgs.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ingr-imgs.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ingr-imgs.com
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: vtspo - C:\WINDOWS\system32\vtspo.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Access Manager Configuration Service (AMBroker) - MCI, Inc. - C:\Program Files\AccessManager\Client\AMBroker.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Visual Insight DA Plugin (DAPlugin) - MCI, Inc. - C:\Program Files\AccessManager\Client\DAPlugin.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: I/CAD DBServer (ICADDBServer) - Intergraph Public Safety - C:\Program Files\Intergraph\IEXEC\bin\dbserver.exe
O23 - Service: I/CAD Listener (ICADListener) - IPS - C:\Program Files\Common Files\Intergraph\listen.exe
O23 - Service: I/CAD Scheduler (ICADScheduler) - Intergraph Public Safety - C:\Program Files\Intergraph\IEXEC\bin\isched.exe
O23 - Service: I/INTERFACE Service Manager (Intergraph Public Safety ISM) - ips - C:\Program Files\Intergraph\ISM\ism.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: GeoMedia WebMap (mapsvrmngr) - Unknown owner - c:\progra~1\geomed~2\Program\MapSvrMngr.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: OracleOracleFormsClientCache - Unknown owner - C:\oracle\OracleForms\BIN\ONRSD.EXE
O23 - Service: OracleOraclePrakashAgent - Oracle Corporation - C:\oracle\OraclePrakash\bin\agntsrvc.exe
O23 - Service: OracleOraclePrakashClientCache - Unknown owner - C:\oracle\OraclePrakash\BIN\ONRSD.EXE
O23 - Service: OracleOraclePrakashHTTPServer - Unknown owner - C:\oracle\OraclePrakash\Apache\Apache\apache.exe" --ntservice (file missing)
O23 - Service: OracleOraclePrakashSNMPPeerEncapsulator - Unknown owner - C:\oracle\OraclePrakash\BIN\ENCSVC.EXE
O23 - Service: OracleOraclePrakashSNMPPeerMasterAgent - Unknown owner - C:\oracle\OraclePrakash\BIN\AGNTSVC.EXE
O23 - Service: OracleOraclePrakashTNSListener - Unknown owner - C:\oracle\OraclePrakash\BIN\TNSLSNR.exe
O23 - Service: OracleServiceORACLEDB - Oracle Corporation - c:\oracle\oracleprakash\bin\ORACLE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SP Software Installer - Smartpipes, Inc. - C:\Program Files\AccessManager\PMAC\sp_SWIns.exe
O23 - Service: Visual Insight Dial Analysis (sp_spi_da) - Smartpipes, Inc. - C:\Program Files\AccessManager\SMOC\spi_da.exe
O23 - Service: SSA Integration Manager (Sygman) - MCI, Inc. - C:\Program Files\AccessManager\Client\sygman.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
********************
Please help me out figure this problem.
Thanks for your time guys
Prakash