Tech Support Forum - View Single Post - DSS wont complete-viruses,trojan downloaders and popups

hybritical · 10-04-2007, 09:00 PM

Thanks nice to meet you

Deckard's System Scanner v20070905.67
Run by Owner on 2007-10-04 22:51:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

-- Last 5 Restore Point(s) --
33: 2007-10-04 20:50:46 UTC - RP129 - Deckard's System Scanner Restore Point
32: 2007-10-03 21:18:35 UTC - RP128 - System Checkpoint
31: 2007-10-02 19:36:43 UTC - RP127 - Last known good configuration
30: 2007-10-02 19:36:32 UTC - RP126 - System Checkpoint
29: 2007-10-02 19:36:31 UTC - RP125 - System Checkpoint

-- First Restore Point --
1: 2007-10-02 19:36:11 UTC - RP97 - System Checkpoint

Backed up registry hives.

Total Physical Memory: 255 MiB (512 MiB recommended).

-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:53:08 PM, on 10/4/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Documents and Settings\Owner\desktop\dss.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: (no name) - {53B5F2B1-94DD-43E5-8187-EB4E31F00701} - C:\WINDOWS\system32\l3acdb.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\WebAssist.dll (file missing)
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINDOWS\System32\ovsuitxh.dll
O2 - BHO: BndDrive BHO Class - {9815DA81-2E0C-478c-90E4-06E474E704D0} - C:\Program Files\ISM\BndDrive.dll (file missing)
O2 - BHO: HttpGuard - {98B822AD-6BE7-49BC-B773-97240B774080} - C:\WINDOWS\system32\AClient.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B7423D6D-7DC7-4B8A-B1BD-D2452B5DAD7A} - C:\WINDOWS\System32\ssqpp.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1176427498\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [RealTray] "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [IESet] IExplorer.dll .dbt
O4 - HKLM\..\Run: [{AB-B7-74-48-ZN}] C:\DOCUME~1\Owner\LOCALS~1\Temp\thinksnet.exe CHD003
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\gctwjchs.dll",sitypnow
O4 - HKLM\..\RunServices: [IESet] IExplorer.dll .dbt
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\Owner\Local Settings\Temp\thinksnet.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: Yahoo! Pool 2 - http://download2.games.yahoo.com/gam...s/y/poti_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: awtqrpn - C:\WINDOWS\SYSTEM32\awtqrpn.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\System32\yulnoxlv.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 8430 bytes

-- File Associations -----------------------------------------------------------

.bat - batfile - shell\edit\command - NOTEDAD.EXE %1
.ini - inifile - shell\open\command - NOTEDAD.EXE %1
.reg - regfile - shell\edit\command - NOTEDAD.EXE %1
.txt - txtfile - shell\open\command - %windir%\NOTEPAD.EXE %1

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 DomainService - c:\windows\system32\yulnoxlv.exe /service (file missing)

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2007-10-04 22:52:02 492 --a------ C:\WINDOWS\Tasks\McAfee.com Update Check (NEW-HARVEST-Owner).job
2007-10-04 22:00:00 350 --a------ C:\WINDOWS\Tasks\At23.job
2007-10-04 21:00:00 350 --a------ C:\WINDOWS\Tasks\At22.job
2007-10-04 20:00:00 350 --a------ C:\WINDOWS\Tasks\At21.job
2007-10-04 19:00:00 350 --a------ C:\WINDOWS\Tasks\At20.job
2007-10-04 18:00:00 350 --a------ C:\WINDOWS\Tasks\At19.job
2007-10-04 17:00:00 350 --a------ C:\WINDOWS\Tasks\At18.job
2007-10-04 16:00:00 350 --a------ C:\WINDOWS\Tasks\At17.job
2007-10-04 03:00:00 350 --a------ C:\WINDOWS\Tasks\At4.job
2007-10-04 02:00:00 350 --a------ C:\WINDOWS\Tasks\At3.job
2007-10-04 01:00:00 350 --a------ C:\WINDOWS\Tasks\At2.job
2007-10-04 00:00:00 350 --a------ C:\WINDOWS\Tasks\At1.job
2007-10-03 23:00:00 350 --a------ C:\WINDOWS\Tasks\At24.job
2007-10-03 15:00:00 350 --a------ C:\WINDOWS\Tasks\At16.job
2007-10-01 14:00:00 350 --a------ C:\WINDOWS\Tasks\At15.job
2007-10-01 13:00:00 350 --a------ C:\WINDOWS\Tasks\At14.job
2007-10-01 12:00:00 350 --a------ C:\WINDOWS\Tasks\At13.job
2007-10-01 11:00:00 350 --a------ C:\WINDOWS\Tasks\At12.job
2007-09-15 04:00:00 350 --a------ C:\WINDOWS\Tasks\At5.job
2007-09-06 05:00:00 350 --a------ C:\WINDOWS\Tasks\At6.job
2007-09-03 08:00:00 350 --a------ C:\WINDOWS\Tasks\At9.job
2007-09-03 07:00:00 350 --a------ C:\WINDOWS\Tasks\At8.job
2007-09-03 06:00:00 350 --a------ C:\WINDOWS\Tasks\At7.job
2007-08-26 10:00:00 350 --a------ C:\WINDOWS\Tasks\At11.job
2007-08-26 09:00:00 350 --a------ C:\WINDOWS\Tasks\At10.job

-- Files created between 2007-09-04 and 2007-10-04 -----------------------------

2007-10-04 22:52:35 0 d-------- C:\Program Files\Trend Micro
2007-10-04 18:38:44 85056 --a------ C:\WINDOWS\System32\gctwjchs.dll
2007-10-04 18:28:21 75328 --a------ C:\WINDOWS\System32\xuqyvttu.exe <Not Verified; ; DDC>
2007-10-04 16:41:45 85056 -----n--- C:\WINDOWS\System32\yfgfqkwo.dll
2007-10-04 16:39:25 0 d-------- C:\ie-spyad_zo
2007-10-04 16:35:35 75328 --a------ C:\WINDOWS\System32\gomfiewh.exe <Not Verified; ; DDC>
2007-10-04 16:14:36 85056 -----n--- C:\WINDOWS\System32\qejbhaiq.dll
2007-10-04 16:14:06 0 d-------- C:\Program Files\SpywareBlaster
2007-10-04 16:11:19 75328 --a------ C:\WINDOWS\System32\ihrqoxkg.exe <Not Verified; ; DDC>
2007-10-04 15:55:18 1340706 ---hs---- C:\WINDOWS\System32\ppqss.ini2
2007-10-04 15:36:19 85056 --a------ C:\WINDOWS\System32\digqbhbj.dll
2007-10-04 15:31:25 75328 --a------ C:\WINDOWS\System32\fhktplvc.exe <Not Verified; ; DDC>
2007-10-04 00:50:45 0 d-------- C:\WINDOWS\System32\ActiveScan
2007-10-03 15:58:20 77376 --a------ C:\WINDOWS\System32\ovsuitxh.dll
2007-10-03 15:25:49 77376 --a------ C:\WINDOWS\System32\iyhwwqak.dll
2007-10-03 14:59:56 77376 --a------ C:\WINDOWS\System32\ghuwkrma.dll
2007-10-03 14:50:28 1338075 ---hs---- C:\WINDOWS\System32\ppqss.bak2
2007-10-02 15:37:00 6465 ---hs---- C:\WINDOWS\System32\ppqss.bak1
2007-10-02 15:35:33 310880 --a------ C:\WINDOWS\System32\ssqpp.dll
2007-10-02 15:30:22 36352 --a------ C:\WINDOWS\System32\awtqrpn.dll
2007-09-27 16:46:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-09-08 14:34:36 0 d-------- C:\Program Files\Common Files\ODBC

-- Find3M Report ---------------------------------------------------------------

2007-10-04 02:03:11 0 d-------- C:\Program Files\Google
2007-10-03 15:45:24 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2007-09-10 19:25:25 0 dr-h----- C:\Documents and Settings\Owner\Application Data\yahoo!
2007-09-08 14:34:36 0 d-------- C:\Program Files\Common Files
2007-09-05 21:40:10 0 d-------- C:\Program Files\Yahoo!
2007-08-29 17:10:53 0 d-------- C:\Program Files\Common Files\Adobe
2007-08-26 12:10:50 0 d-------- C:\Program Files\Dell
2007-08-18 18:41:28 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2007-08-18 18:41:08 0 d-------- C:\Program Files\Escape From Paradise
2007-08-14 12:33:24 0 d-------- C:\Program Files\America Online 9.0
2007-08-14 12:23:12 0 d-------- C:\Program Files\McAfee.com
2007-08-14 12:20:26 0 d-------- C:\Program Files\Common Files\aol
2007-08-14 03:14:04 0 d-------- C:\Program Files\Webroot
2007-08-14 03

18 0 d-------- C:\Documents and Settings\Owner\Application Data\Webroot
2007-08-14 01:49:59 0 d-------- C:\Documents and Settings\Owner\Application Data\GetRightToGo
2007-08-13 03:21:55 0 d-------- C:\Program Files\AVG2
2007-08-12 14:17:28 3638 --a------ C:\WINDOWS\5bydbzjy.exe
2007-08-12 13:42:37 0 d-------- C:\Program Files\Burger Island
2007-08-11 02:14:19 0 d--h----- C:\Program Files\WindowsUpdate
2007-08-10 14:37:43 0 d-------- C:\Program Files\DivX
2007-08-10 03:18:59 598 --a------ C:\Documents and Settings\Owner\Application Data\error.log
2007-08-10 03:15:20 15 --a------ C:\Documents and Settings\Owner\Application Data\config.tcf
2007-08-10 01:08:52 0 d-------- C:\Program Files\Cake Mania 2
2007-08-09 19:35:39 0 d-------- C:\Documents and Settings\Owner\Application Data\Sandlot Games
2007-08-09 17:47:06 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-08-04 16:08:08 0 d-------- C:\Program Files\Blaze Media Pro

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53B5F2B1-94DD-43E5-8187-EB4E31F00701}]
C:\WINDOWS\system32\l3acdb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85589B5D-D53D-4237-A677-46B82EA275F3}]
C:\WINDOWS\WebAssist.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89AD4D75-2429-462e-BD4E-443F233F6033}]
10/03/2007 03:58 PM 77376 --a------ C:\WINDOWS\System32\ovsuitxh.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9815DA81-2E0C-478c-90E4-06E474E704D0}]
C:\Program Files\ISM\BndDrive.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98B822AD-6BE7-49BC-B773-97240B774080}]
C:\WINDOWS\system32\AClient.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B7423D6D-7DC7-4B8A-B1BD-D2452B5DAD7A}]
10/02/2007 03:35 PM 310880 --a------ C:\WINDOWS\System32\ssqpp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCAgentExe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" []
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" []
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" []
"HostManager"="C:\Program Files\Common Files\AOL\1176427498\ee\AOLSoftware.exe" []
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [10/23/2006 08:50 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04/12/2007 09:27 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [08/13/2007 12:52 PM]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [05/08/2007 11:09 PM]
"IESet"="IExplorer.dll" []
"{AB-B7-74-48-ZN}"="C:\DOCUME~1\Owner\LOCALS~1\Temp\thinksnet.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [07/19/2007 10:54 PM]
"SearchIndexer"="C:\WINDOWS\System32\gctwjchs.dll" [10/04/2007 06:38 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 05:43 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/07/2007 02:51 PM]
"AOL Fast Start"="C:\Program Files\America Online 9.0\AOL.exe" [07/12/2005 06:17 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"IESet"=IExplorer.dll .dbt

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{178D4E6A-BA5A-4ECB-8521-F7B8393FDB97}"= C:\WINDOWS\System32\awtqrpn.dll [10/02/2007 03:30 PM 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtqrpn]
awtqrpn.dll 10/02/2007 03:30 PM 36352 C:\WINDOWS\system32\awtqrpn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\System32\ssqpp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

-- End of Deckard's System Scanner: finished at 2007-10-04 22:56:39 ------------