Dreamtimer
2011-01-08, 17:10
I mistakenly posted my hijacklog first, but here is my DDS log:
DDS (Ver_10-12-12.02) - NTFSx86
Run by julia at 8:00:48.56 on Sat 01/08/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
============== Running Processes ===============
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\julia\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\julia\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\julia\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\julia\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\julia\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\julia\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\julia\My Documents\Downloads\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
============== Pseudo HJT Report ===============
uStart Page = hxxp://gmail.com/
uDefault_Page_URL = hxxp://www.msn.com
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
uRun: [Google Update] "c:\documents and settings\julia\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [eabconfg.cpl] c:\program files\hpq\quick launch buttons\EabServr.exe /Start
mRun: [SunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxp://picasaweb.google.com/s/v/68.15/uploader2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R? 5c8a25a4269eae5a6b788d2731fdaaa8;5c8a25a4269eae5a6b788d2731fdaaa8
R? Lbd;Lbd
S? HSFHWATI;HSFHWATI
=============== Created Last 30 ================
2011-01-08 14:32:16 -------- dc----w- c:\docume~1\julia\locals~1\applic~1\Temp
2011-01-08 14:31:48 -------- dc----w- c:\docume~1\julia\locals~1\applic~1\Google
2011-01-01 06:06:15 -------- dc----w- c:\docume~1\julia\applic~1\IObit
2010-12-21 00:47:40 -------- dc----w- c:\docume~1\julia\locals~1\applic~1\Roblox
2010-12-21 00:46:31 -------- dc----w- c:\docume~1\julia\locals~1\applic~1\RobloxVersions
2010-12-21 00:46:31 -------- dc----w- c:\docume~1\julia\locals~1\applic~1\RobloxDownloads
2010-12-18 23:13:10 -------- dc----w- c:\docume~1\alluse~1.win\applic~1\IObit
2010-12-16 00:24:57 -------- dc----w- c:\docume~1\julia\locals~1\applic~1\Adobe
2010-12-15 15:57:57 -------- dcsh--w- c:\documents and settings\julia\IECompatCache
2010-12-15 14:39:22 -------- dcsh--w- c:\documents and settings\julia\PrivacIE
==================== Find3M ====================