It's looking better and better everyday!
I greatly appreciate your help!
This is my DSS Main.txt logDeckard's System Scanner v20071014.68
Run by Jim on 2008-06-25 11:26:26
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Jim.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26:30 AM, on 6/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jim.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - D:\WinApps\Science\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\WinApps\Science\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1167620242325O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 4678 bytes
-- Files created between 2008-05-25 and 2008-06-25 -----------------------------
2008-06-25 11:20:03 791393 --a------ C:\Program Files\erunt-setup.exe <ERUNT-~1.EXE> <Not Verified; Lars Hederer; >
2008-06-23 20:45:54 0 d-------- C:\Program Files\Sun
2008-06-23 20:17:09 291328 --a------ C:\Program Files\OTMoveIt2.exe <OTMOVE~1.EXE> <Not Verified; OldTimer Tools; OTMoveIt>
2008-06-23 13:21:39 686630 --a------ C:\Program Files\dss.exe
2008-06-23 13:21:25 486449 --a------ C:\Program Files\Fixwareout.exe <FIXWAR~1.EXE>
2008-06-20 16:48:01 0 d-------- C:\Program Files\Halo_20CE_20Setup_20By_20Am3n[1] <HALO_2~1>
2008-06-19 22:39:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-06-19 22:39:00 0 d-------- C:\Documents and Settings\Jim\Application Data\Azureus
2008-06-19 20:52:29 0 d-------- C:\Program Files\Panda Security <PANDAS~1>
2008-06-19 19:05:55 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2008-06-19 18:52:05 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-19 18:48:10 0 d-------- C:\Program Files\SUPERAntiSpyware <SUPERA~1>
2008-06-19 18:48:09 0 d-------- C:\Documents and Settings\Jim\Application Data\SUPERAntiSpyware.com
2008-06-19 18:12:42 0 d-------- C:\Documents and Settings\Jim\Application Data\Malwarebytes
2008-06-19 18:12:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-19 18:12:37 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware <MALWAR~1>
2008-06-19 18:11:12 0 d-------- C:\Program Files\Common Files\Download Manager
2008-06-19 18:11:01 1677198 --a------ C:\Program Files\mbam-setup.exe <MBAM-S~1.EXE> <Not Verified; Malwarebytes; Malwarebytes' Anti-Malware>
2008-06-19 17:33:51 0 d-------- C:\Program Files\Trend Micro <TRENDM~1>
2008-06-11 00:25:37 0 d-------- C:\Documents and Settings\Jim\Application Data\Nexon
2008-06-11 00:00:36 0 d-------- C:\Nexon
2008-06-10 23:42:34 0 d-------- C:\MS
2008-06-10 16:10:29 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-10 15:52:52 0 d-------- C:\Documents and Settings\Jim\Application Data\Ahead
-- Find3M Report ---------------------------------------------------------------
2008-06-23 20:45:20 0 d-------- C:\Program Files\Java
2008-06-22 22:43:50 49168 --a------ C:\Documents and Settings\Jim\Application Data\GDIPFONTCACHEV1.DAT
2008-06-19 22:36:54 0 d-------- C:\Program Files\QuickTime <QUICKT~1>
2008-06-19 22:36:54 0 d-------- C:\Program Files\Movie Maker <MOVIEM~1>
2008-06-19 19:06:02 0 d-------- C:\Program Files\Messenger <MESSEN~1>
2008-06-19 18:11:12 0 d-------- C:\Program Files\Common Files <COMMON~1>
2008-06-10 23:56:06 0 d-------- C:\Program Files\Guitar Pro 5 <GUITAR~1>
2008-06-10 15:57:28 0 d-------- C:\Program Files\iTunes
2008-06-10 15:51:59 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-10 15:51:42 0 d--h----- C:\Program Files\InstallShield Installation Information <INSTAL~1>
2008-06-10 15:51:42 0 d-------- C:\Program Files\CyberLink <CYBERL~1>
2008-06-10 15:27:05 0 d-------- C:\Documents and Settings\Jim\Application Data\LimeWire
2008-06-01 15:29:39 0 d-------- C:\Documents and Settings\Jim\Application Data\U3
2008-05-18 21:00:35 0 d-------- C:\Program Files\epson
2008-05-15 22:40:54 0 d--h----- C:\Documents and Settings\Jim\Application Data\ijjigame
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/03/2004 11:32 PM]
"MSPY2002"="C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe" [08/03/2004 11:31 PM]
"PHIME2002ASync"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [08/03/2004 11:32 PM]
"PHIME2002A"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [08/03/2004 11:32 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"EPSON Stylus CX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.exe" [02/07/2005 08:00 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 01:54 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/28/2007 09:37 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/20/2008 11:30 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 11:05:26 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [06/20/2008 11:30 AM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 06/20/2008 11:30 AM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c2aa702-7b18-11db-904d-00055de1bbc6}]
AutoRun\command- G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c50b43a0-cacb-11db-90d1-00055de1bbc6}]
AutoRun\command- G:\LaunchU3.exe -a
-- End of Deckard's System Scanner: finished at 2008-06-25 11:27:05 ------------
Deckard's System Scanner v20071014.68
Run by Jim on 2008-06-25 11:26:26
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Jim.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26:30 AM, on 6/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jim.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - D:\WinApps\Science\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\WinApps\Science\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1167620242325O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 4678 bytes
-- Files created between 2008-05-25 and 2008-06-25 -----------------------------
2008-06-25 11:20:03 791393 --a------ C:\Program Files\erunt-setup.exe <ERUNT-~1.EXE> <Not Verified; Lars Hederer; >
2008-06-23 20:45:54 0 d-------- C:\Program Files\Sun
2008-06-23 20:17:09 291328 --a------ C:\Program Files\OTMoveIt2.exe <OTMOVE~1.EXE> <Not Verified; OldTimer Tools; OTMoveIt>
2008-06-23 13:21:39 686630 --a------ C:\Program Files\dss.exe
2008-06-23 13:21:25 486449 --a------ C:\Program Files\Fixwareout.exe <FIXWAR~1.EXE>
2008-06-20 16:48:01 0 d-------- C:\Program Files\Halo_20CE_20Setup_20By_20Am3n[1] <HALO_2~1>
2008-06-19 22:39:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-06-19 22:39:00 0 d-------- C:\Documents and Settings\Jim\Application Data\Azureus
2008-06-19 20:52:29 0 d-------- C:\Program Files\Panda Security <PANDAS~1>
2008-06-19 19:05:55 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2008-06-19 18:52:05 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-19 18:48:10 0 d-------- C:\Program Files\SUPERAntiSpyware <SUPERA~1>
2008-06-19 18:48:09 0 d-------- C:\Documents and Settings\Jim\Application Data\SUPERAntiSpyware.com
2008-06-19 18:12:42 0 d-------- C:\Documents and Settings\Jim\Application Data\Malwarebytes
2008-06-19 18:12:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-19 18:12:37 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware <MALWAR~1>
2008-06-19 18:11:12 0 d-------- C:\Program Files\Common Files\Download Manager
2008-06-19 18:11:01 1677198 --a------ C:\Program Files\mbam-setup.exe <MBAM-S~1.EXE> <Not Verified; Malwarebytes; Malwarebytes' Anti-Malware>
2008-06-19 17:33:51 0 d-------- C:\Program Files\Trend Micro <TRENDM~1>
2008-06-11 00:25:37 0 d-------- C:\Documents and Settings\Jim\Application Data\Nexon
2008-06-11 00:00:36 0 d-------- C:\Nexon
2008-06-10 23:42:34 0 d-------- C:\MS
2008-06-10 16:10:29 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-10 15:52:52 0 d-------- C:\Documents and Settings\Jim\Application Data\Ahead
-- Find3M Report ---------------------------------------------------------------
2008-06-23 20:45:20 0 d-------- C:\Program Files\Java
2008-06-22 22:43:50 49168 --a------ C:\Documents and Settings\Jim\Application Data\GDIPFONTCACHEV1.DAT
2008-06-19 22:36:54 0 d-------- C:\Program Files\QuickTime <QUICKT~1>
2008-06-19 22:36:54 0 d-------- C:\Program Files\Movie Maker <MOVIEM~1>
2008-06-19 19:06:02 0 d-------- C:\Program Files\Messenger <MESSEN~1>
2008-06-19 18:11:12 0 d-------- C:\Program Files\Common Files <COMMON~1>
2008-06-10 23:56:06 0 d-------- C:\Program Files\Guitar Pro 5 <GUITAR~1>
2008-06-10 15:57:28 0 d-------- C:\Program Files\iTunes
2008-06-10 15:51:59 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-10 15:51:42 0 d--h----- C:\Program Files\InstallShield Installation Information <INSTAL~1>
2008-06-10 15:51:42 0 d-------- C:\Program Files\CyberLink <CYBERL~1>
2008-06-10 15:27:05 0 d-------- C:\Documents and Settings\Jim\Application Data\LimeWire
2008-06-01 15:29:39 0 d-------- C:\Documents and Settings\Jim\Application Data\U3
2008-05-18 21:00:35 0 d-------- C:\Program Files\epson
2008-05-15 22:40:54 0 d--h----- C:\Documents and Settings\Jim\Application Data\ijjigame
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/03/2004 11:32 PM]
"MSPY2002"="C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe" [08/03/2004 11:31 PM]
"PHIME2002ASync"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [08/03/2004 11:32 PM]
"PHIME2002A"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [08/03/2004 11:32 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"EPSON Stylus CX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.exe" [02/07/2005 08:00 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 01:54 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/28/2007 09:37 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/20/2008 11:30 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 11:05:26 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [06/20/2008 11:30 AM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 06/20/2008 11:30 AM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c2aa702-7b18-11db-904d-00055de1bbc6}]
AutoRun\command- G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c50b43a0-cacb-11db-90d1-00055de1bbc6}]
AutoRun\command- G:\LaunchU3.exe -a
-- End of Deckard's System Scanner: finished at 2008-06-25 11:27:05 ------------