mediagateway
winfixer2005
bargain buddy
common components of windupdates
perfect keylogger
vx2.look2me
THEY ARE DRIVING ME NUTS!
and the only program that discovered these threats is spyware doctor!But it says I need to pay for it.is there any way of manualy deleting these threats?
P.S.: i have a spyware doctor log:
Spyware Doctor Activity Report
Generated on 12/29/2005 2:54:49 PM
Spyware Doctor Homepage PC Tools Homepage Technical Support
Scans (basic information only):
Scan Results:
scan start: 12/29/2005 2:55:14 PM
scan stop: 12/29/2005 3:05:22 PM
scanned items: 83844
found items: 64
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner
Infection Name Location Risk
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll Elevated
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll## Elevated
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll##.Owner Elevated
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll##{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} Elevated
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs##C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB} Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}## Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid## Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid32 Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid32## Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib## Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib##Version Elevated
WinFixer 2005 HKCR\PCheck.PCheck Elevated
WinFixer 2005 HKCR\PCheck.PCheck## Elevated
WinFixer 2005 HKCR\PCheck.PCheck\CLSID Elevated
WinFixer 2005 HKCR\PCheck.PCheck\CLSID## Elevated
WinFixer 2005 HKCR\PCheck.PCheck\CurVer Elevated
WinFixer 2005 HKCR\PCheck.PCheck\CurVer## Elevated
WinFixer 2005 HKCR\PCheck.PCheck.1 Elevated
WinFixer 2005 HKCR\PCheck.PCheck.1## Elevated
WinFixer 2005 HKCR\PCheck.PCheck.1\CLSID Elevated
WinFixer 2005 HKCR\PCheck.PCheck.1\CLSID## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B} Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0 Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0 Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0\win32 Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0\win32## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\FLAGS Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\FLAGS## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\HELPDIR Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\HELPDIR## Elevated
Bargain Buddy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0878B424-1F95-4E26-B5AB-F0D349D89650} High
Bargain Buddy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0878B424-1F95-4E26-B5AB-F0D349D89650}\iexplore High
Common Components for WindUpdates HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} Medium
Common Components for WindUpdates HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}\iexplore Medium
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}\iexplore Elevated
Perfect Keylogger HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A} High
Perfect Keylogger HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\iexplore High
VX2.Look2Me HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} High
VX2.Look2Me HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4208FB4D-4E53-4F5A-BF7A-3E047DDB5281}\iexplore High
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E} Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\InprocServer32 Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\ProgID Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Programmable Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\TypeLib Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\VersionIndependentProgID Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E} Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\InprocServer32 Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\ProgID Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Programmable Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\TypeLib Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\VersionIndependentProgID Elevated
Scan Results:
scan start: 12/29/2005 3:09:38 PM
scan stop: 12/29/2005 3:18:36 PM
scanned items: 83855
found items: 64
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner
Infection Name Location Risk
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll Elevated
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll## Elevated
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll##.Owner Elevated
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll##{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} Elevated
MediaGateway HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs##C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB} Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}## Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid## Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid32 Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid32## Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib## Elevated
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib##Version Elevated
WinFixer 2005 HKCR\PCheck.PCheck Elevated
WinFixer 2005 HKCR\PCheck.PCheck## Elevated
WinFixer 2005 HKCR\PCheck.PCheck\CLSID Elevated
WinFixer 2005 HKCR\PCheck.PCheck\CLSID## Elevated
WinFixer 2005 HKCR\PCheck.PCheck\CurVer Elevated
WinFixer 2005 HKCR\PCheck.PCheck\CurVer## Elevated
WinFixer 2005 HKCR\PCheck.PCheck.1 Elevated
WinFixer 2005 HKCR\PCheck.PCheck.1## Elevated
WinFixer 2005 HKCR\PCheck.PCheck.1\CLSID Elevated
WinFixer 2005 HKCR\PCheck.PCheck.1\CLSID## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B} Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0 Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0 Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0\win32 Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0\win32## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\FLAGS Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\FLAGS## Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\HELPDIR Elevated
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\HELPDIR## Elevated
Bargain Buddy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0878B424-1F95-4E26-B5AB-F0D349D89650} High
Bargain Buddy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0878B424-1F95-4E26-B5AB-F0D349D89650}\iexplore High
Common Components for WindUpdates HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} Medium
Common Components for WindUpdates HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}\iexplore Medium
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}\iexplore Elevated
Perfect Keylogger HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A} High
Perfect Keylogger HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\iexplore High
VX2.Look2Me HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} High
VX2.Look2Me HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4208FB4D-4E53-4F5A-BF7A-3E047DDB5281}\iexplore High
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E} Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\InprocServer32 Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\ProgID Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Programmable Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\TypeLib Elevated
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\VersionIndependentProgID Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E} Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\InprocServer32 Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\ProgID Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Programmable Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\TypeLib Elevated
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\VersionIndependentProgID Elevated
Other Sections:
Copyright © 2003 PC Tools Research Pty Ltd. All rights reserved. Legal Notice
and a hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 3:47:56 PM, on 12/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by The White Man From Town...
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Handy Backup 4.0] "C:\PROGRA~1\Novosoft\HANDYB~1\hbagent.exe" -logon
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1121040663090
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://webcam.saxond...activex/AMC.cab
O16 - DPF: {FC686D83-E465-46AE-A315-7D1BD14F8163} (Cgroupconf_control Object) - http://www.groupboar...f/groupconf.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = desert.middleofnowhere.local
O17 - HKLM\Software\..\Telephony: DomainName = desert.middleofnowhere.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C262130-5CB4-435D-8AD1-73DF4C7703A8}: NameServer = 192.168.0.3,192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = desert.middleofnowhere.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = desert.middleofnowhere.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = desert.middleofnowhere.local
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
if ANYONE can take the time to look at this,I would consider them gods. THANK YOU!
Edited by Cheat_DEcoder, 29 December 2005 - 02:56 PM.