#1 (permalink)
Registered User
Join Date: Jan 2008
Posts: 5
OS: xp sp2
Xp pro sp2. Mal, Ad, Virus. Anyone got Penicillin
Hi,
A few weeks ago I noticed that when I put my system on stand-by the monitor turns off but the fan on the motherboard keeps running; it never used to. Also, if I try to turn off or restart, an error message appears: connections tray (not responding). When I click End Now it will eventually go to the blue logging off screen and that's it; it will stay like that until I hold the on/off button for four seconds. During normal use services.exe is using 30% of my CPU in Task Manager. I think this is my problem, can anyone help? My mouse is a little erratic on occasions and click sometimes doesn't work. I read this is due to nwiz.exe in my registry????? Anyone help? Please...

Deckard's System Scanner v20071014.68
Run by Owner on 2008-01-06 20:03:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
75: 2008-01-06 20:04:06 UTC - RP989 - Deckard's System Scanner Restore Point
74: 2008-01-05 17:35:56 UTC - RP988 - System Checkpoint
73: 2008-01-04 17:24:34 UTC - RP987 - System Checkpoint
72: 2008-01-03 16:01:35 UTC - RP986 - System Checkpoint
71: 2008-01-02 15:40:22 UTC - RP985 - System Checkpoint

-- First Restore Point --
1: 2007-10-20 11:01:38 UTC - RP915 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-06 20 36
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\WINDOWS\SYSTEM32\netdde.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\PCSecurityShield\The Shield Firewall\FireWall.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\SYSTEM32\msdtc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SavingsKeyUk\savingskeyuk.exe
C:\Program Files\Mouse Driver\MouseDrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Metacafe\MetacafeAgent.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
C:\WINDOWS\SYSTEM32\clipsrv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\WINDOWS\SYSTEM32\nvsvc32.exe
C:\Program Files\SavingsKeyUk\svuk.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\lxbucoms.exe
C:\WINDOWS\SYSTEM32\alg.exe
C:\WINDOWS\SYSTEM32\wuauclt.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\igfxsrvc.exe
C:\WINDOWS\SYSTEM32\taskmgr.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
C:\Documents and Settings\Owner.TYGWYN\Local Settings\Temporary Internet Files\Content.IE5\YKIH71KW\dss[1].exe
C:\WINDOWS\explorer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Farstone Url Blocker - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} - C:\Program Files\PCSecurityShield\The Shield Firewall\IrlOnIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [dwStart] C:\Program Files\PCSecurityShield\The Shield Firewall\FireWall.exe
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [svkyukm] "C:\Program Files\SavingsKeyUk\savingskeyuk.exe"
O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Mouse Driver\MouseDrv.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MetaCafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Savings Key UK - file://C:\Documents and Settings\Owner.TYGWYN\Application Data\SavingsKeyUk\svkyukt\svkyC5uk.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\nwprovau.dll
O15 - Trusted Zone: https://signin.ebay.co.uk (HKCU)
O15 - Trusted Zone: https://www.paypal.com (HKCU)
O15 - Trusted Zone: http://www.viswiss.com (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} () - http://download.microsoft.com/download/0/f/b/0fb0fab9-7f09-4bb6-86d8-8e791ba99ac5/VirtualEarth3D.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab Class) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MSN Music Mediabar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash5r42.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\SYSTEM32\lxbucoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O24 - Desktop Component 0: - http://www.techsupportforum.com/cwd/images/topleft.jpg

-- End of file - 10825 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R3 FarStoneFireWallDrive - c:\windows\system32\drivers\fardrive.sys
S0 szkg - c:\windows\system32\drivers\szkg.sys (file missing)
S3 jatmlano - c:\docume~1\owner~1.tyg\locals~1\temp\jatmlano.sys (file missing)
S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
S3 VRcore - c:\windows\system32\drivers\vrcore.sys (file missing)
S3 VRFIL - c:\windows\system32\drivers\vrfil.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (AntiVir Scheduler) - c:\program files\antivir personaledition classic\sched.exe <Not Verified; Avira GmbH; Scheduler>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) 82865G Graphics Controller
Device ID: PCI\VEN_8086&DEV_2572&SUBSYS_019D1028&REV_02\3&172E68DD&0&10
Manufacturer: Intel Corporation
Name: Intel(R) 82865G Graphics Controller
PNP Device ID: PCI\VEN_8086&DEV_2572&SUBSYS_019D1028&REV_02\3&172E68DD&0&10
Service: ialm

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: USB Cable Modem 351000
Device ID: USB\VID_0BB2&PID_6098\00028A689711
Manufacturer: brand
Name: USB Cable Modem 351000
PNP Device ID: USB\VID_0BB2&PID_6098\00028A689711
Service: usbcm

Class GUID: {4D36E969-E325-11CE-BFC1-08002BE10318}
Description: Standard floppy disk controller
Device ID: ACPI\PNP0700\4&1506BB2E&0
Manufacturer: (Standard floppy disk controllers)
Name: Standard floppy disk controller
PNP Device ID: ACPI\PNP0700\4&1506BB2E&0
Service: fdc

-- Scheduled Tasks -------------------------------------------------------------

2008-01-06 14:53:17 492 ---h----- C:\WINDOWS\Tasks\{73F5879D-FF7B-4991-ADF7-46EEA3D9E9C3}_RUSSELL_Owner.job
2007-01-03 14:03:42 344 --ah----- C:\WINDOWS\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_RUSSELL_Owner.job

-- Files created between 2007-12-06 and 2008-01-06 -----------------------------

2008-01-06 15:39:38 149504 --a------ C:\WINDOWS\system32\CETNUASM.DLL
2008-01-06 15:39:38 47616 --a------ C:\WINDOWS\system32\CETNTL22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:38 35840 --a------ C:\WINDOWS\system32\CETNOL22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:37 579584 --a------ C:\WINDOWS\system32\CETNRN22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:37 121344 --a------ C:\WINDOWS\system32\CETNPB22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:36 431616 --a------ C:\WINDOWS\system32\CETNDG22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:36 37888 --a------ C:\WINDOWS\system32\CETNDD22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:36 250880 --a------ C:\WINDOWS\system32\CETNDC22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:36 82944 --a------ C:\WINDOWS\system32\CETNCX22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:35 91136 --a------ C:\WINDOWS\system32\Lvkrn11n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:35 59904 --a------ C:\WINDOWS\system32\Lvdx11n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:35 378368 --a------ C:\WINDOWS\system32\CETNCM22.DLL <Not Verified; Summit Software Company; BasicScript>
2008-01-06 15:39:35 766026 --a------ C:\WINDOWS\system32\ActiveTerra2.dll <Not Verified; ; ActiveTerra Module>
2008-01-06 15:39:34 66048 --a------ C:\WINDOWS\system32\LVDLG11N.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:34 36864 --a------ C:\WINDOWS\system32\LTWND11n.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:34 599040 --a------ C:\WINDOWS\system32\ltwen11n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:34 142848 --a------ C:\WINDOWS\system32\LTSCR11n.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:33 226816 --a------ C:\WINDOWS\system32\ltefx11n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:33 300544 --a------ C:\WINDOWS\system32\ltdlg11N.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:32 121856 --a------ C:\WINDOWS\system32\lfmpg11n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:39:32 34816 --a------ C:\WINDOWS\system32\lfcal11n.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Win32>
2008-01-06 15:38:46 16896 --a------ C:\WINDOWS\system32\flcfile32.dll <Not Verified; Autodesk, Inc.; Animator Studio>
2008-01-06 15:38:46 40960 --a------ C:\WINDOWS\system32\flccodec32.dll <Not Verified; Autodesk, Inc.; Autodesk Animation Studio>
2008-01-06 15:38:46 1423 --a------ C:\WINDOWS\FLCNT.REG
2008-01-06 15:38:44 24064 --a------ C:\WINDOWS\system32\aasc32.dll <Not Verified; Autodesk, Inc.; Autodesk Animation Studio>
2008-01-06 15:34:55 0 d-------- C:\ENC
2008-01-05 16:07:03 0 d-------- C:\Program Files\SystemRequirementsLab
2008-01-05 11:49:06 0 d-------- C:\Documents and Settings\Owner.TYGWYN\Application Data\Grisoft
2008-01-05 11:48:46 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-01-02 14:28:28 0 d-------- C:\Program Files\AdVantage
2008-01-02 14:27:02 0 d-------- C:\Program Files\MyPlayCity.com
2007-12-27 13:32:43 0 d-------- C:\Program Files\Codemasters
2007-12-25 20:14:57 0 d-------- C:\Program Files\Common Files\3DO Shared
2007-12-25 20:14:57 0 d-------- C:\Program Files\3DO
2007-12-25 19:36:14 0 d-------- C:\Program Files\Mouse Driver
2007-12-24 12:48:29 0 d-------- C:\Program Files\Youdagames
2007-12-24 12:47:34 0 d-------- C:\Documents and Settings\Owner.TYGWYN\Application Data\Youdagames
2007-12-24 12:39:40 0 d-------- C:\Documents and Settings\Owner.TYGWYN\Application Data\SavingsKeyUk
2007-12-24 12:39:40 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SavingsKeyUk
2007-12-24 12:39:38 0 d-------- C:\Program Files\SavingsKeyUk
2007-12-19 09:41:14 0 d-------- C:\Program Files\Oberon Media
2007-12-10 22:45:57 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sandlot Games

-- Find3M Report ---------------------------------------------------------------

2008-01-06 14:25:46 0 d-------- C:\Documents and Settings\Owner.TYGWYN\Application Data\MetaCafe
2008-01-03 10:31:31 0 d-------- C:\Program Files\Spyware Doctor
2008-01-02 00:00:39 0 d-------- C:\Program Files\IncrediMail
2007-12-31 16:56:36 0 d-------- C:\Program Files\Security Task Manager
2007-12-28 23:05:46 0 d-------- C:\Program Files\Eidos
2007-12-28 23:05:41 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-25 20:14:57 0 d-------- C:\Program Files\Common Files
2007-12-16 00:37:30 0 d-------- C:\Program Files\Lx_cats
2007-12-10 22:32:38 0 d-------- C:\Program Files\GamesBar
2007-12-08 15:37:51 0 d-------- C:\Documents and Settings\Owner.TYGWYN\Application Data\LimeWire
2007-12-07 20:53:31 0 d-------- C:\Program Files\Gunner 2
2007-12-05 01:41:00 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
2007-12-05 01:41:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2007-12-05 01:41:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-12-05 01:41:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-12-05 01:41:00 1474560 --a------ C:\WINDOWS\system32\nview.dll
2007-12-05 01:41:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2007-12-05 01:41:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-12-05 01:41:00 425984 --a------ C:\WINDOWS\system32\keystone.exe
2007-12-04 21:46:35 0 d-------- C:\Program Files\ReflexiveArcade
2007-11-17 23:53:04 0 d-------- C:\Program Files\Startup Inspector for Windows
2007-11-17 13:32:16 0 d-------- C:\Documents and Settings\Owner.TYGWYN\Application Data\VersionTracker Pro
2007-10-31 09:31:58 675579 --a------ C:\WINDOWS\PROGRAM.exe
2007-10-31 09:25:44 102400 --a------ C:\WINDOWS\MBDownloader_876932.exe <Not Verified; M i r a r; M i r a r Downloader AFF ATD>

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 00:11]
"dwStart"="C:\Program Files\PCSecurityShield\The Shield Firewall\FireWall.exe" [08/06/2004 00:40]
"lxbumon.exe"="C:\Program Files\Lexmark 6200 Series\lxbumon.exe" [01/18/2005 14:35]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [10/20/2007 13:00]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 09:36]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [01/11/2007 23:54]
"nwiz"="nwiz.exe" [12/05/2007 01:41 C:\WINDOWS\SYSTEM32\nwiz.exe]
"LXBUCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [11/02/2004 20:03]
"MDNS"="C:\WINDOWS\system32\service.exe" []
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 22:46]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/17/2004 22:03]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"svkyukm"="C:\Program Files\SavingsKeyUk\savingskeyuk.exe" [10/09/2007 19:30]
"CreativeMouse "="C:\Program Files\Mouse Driver\MouseDrv.exe" [06/27/2004 15:38]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 09:25]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 01:41]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [12/04/2007 18:01]
"ebljhxvmda"="c:\documents and settings\owner.tygwyn\local settings\application data\ebljhxvmda.exe" [01/02/2008 14:25]

C:\Documents and Settings\Owner.TYGWYN\Start Menu\Programs\Startup\
MetaCafe.lnk - C:\Program Files\Metacafe\MetacafeAgent.exe [09/04/2007 15:04:34]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

-- Hosts -----------------------------------------------------------------------

127.0.0.1 localhost #***Inserted By STOPzilla***
127.0.0.1 0websearch.com # ***Inserted By STOPzilla***
127.0.0.1 2005-search.com # ***Inserted By STOPzilla***
127.0.0.1 600pics.com # ***Inserted By STOPzilla***
127.0.0.1 a1.interclick.com # ***Inserted By STOPzilla***
127.0.0.1 absolutepics.net # ***Inserted By STOPzilla***
127.0.0.1 ad.yieldmanager.com # ***Inserted By STOPzilla***
127.0.0.1 alex.fileburst.com # ***Inserted By STOPzilla***
127.0.0.1 all-tgp.org # ***Inserted By STOPzilla***
127.0.0.1 all-websearch.com # ***Inserted By STOPzilla***

150 more entries in hosts file.

-- End of Deckard's System Scanner: finished at 2008-01-06 20:09:01 ------------

extra.txt