Thread: Ried #3
11-10-2008, 06:51 PM   #1
red_machine
Registered User
 
Join Date: Oct 2008
Location: Minneapolis
Posts: 52
OS: Vista


Ried #3

Ried,
This is my desktop that I don't use much anymore except for processing photos. It's also infected with the same ads and blocked sites. Never experienced a re-direct or anything crazy.

Here is the DDS log:

DDS (Version 1.0) - NTFSx86
Run by Administrator at 19:00:53.56 on Mon 11/10/2008
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1663 [GMT -6:00]

=============== Created Last 30 ================

2008-11-10 18:57 <DIR> --d----- e:\windows\system32\appmgmt
2008-11-07 06:42 3,560 a------- e:\windows\system32\tmp.reg
2008-11-06 22:18 <DIR> --d----- e:\docume~1\admini~1\applic~1\Malwarebytes
2008-11-06 22:18 <DIR> --d----- e:\docume~1\alluse~1\applic~1\Malwarebytes
2008-11-06 22:16 <DIR> --d----- e:\program files\Trojan Remover
2008-11-04 22:09 <DIR> --d----- e:\docume~1\alluse~1\applic~1\Lavasoft
2008-10-18 15:16 333,824 -c------ e:\windows\system32\dllcache\srv.sys
2008-10-18 15:16 1,846,400 -c------ e:\windows\system32\dllcache\win32k.sys
2008-10-18 15:16 2,189,184 -c------ e:\windows\system32\dllcache\ntoskrnl.exe
2008-10-18 15:16 2,145,280 -c------ e:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-18 15:16 2,066,048 -c------ e:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-18 15:16 2,023,936 -c------ e:\windows\system32\dllcache\ntkrpamp.exe

================== Find3M ==================

2008-11-10 18:56 <DIR> --d----- e:\docume~1\admini~1\applic~1\WTablet
2008-09-28 15:25 <DIR> --d----- e:\docume~1\admini~1\applic~1\Imagenomic
2008-09-28 15:23 <DIR> --d----- e:\program files\Instant JPEG From RAW
2008-09-15 06:12 1,846,400 a------- e:\windows\system32\win32k.sys
2008-08-26 01:24 826,368 a------- e:\windows\system32\wininet.dll
2008-08-14 04:09 2,145,280 a------- e:\windows\system32\ntoskrnl.exe
2008-08-14 03:33 2,023,936 a------- e:\windows\system32\ntkrnlpa.exe
2008-01-27 10:49 <DIR> --d----- e:\docume~1\admini~1\applic~1\TomTom
2008-01-27 10:49 <DIR> --d----- e:\docume~1\alluse~1\applic~1\TomTom
2008-01-20 18:24 <DIR> --d----- e:\docume~1\admini~1\applic~1\GretagMacbeth
2008-01-20 15:10 <DIR> --d----- e:\docume~1\admini~1\applic~1\PCF-VLC
2008-01-20 15:05 <DIR> --d----- e:\docume~1\admini~1\applic~1\Participatory Culture Foundation
2008-01-20 15:05 <DIR> --d----- e:\docume~1\alluse~1\applic~1\Participatory Culture Foundation
2008-01-20 09:40 <DIR> --d----- e:\docume~1\admini~1\applic~1\OfficeUpdate12
2008-01-15 20:54 <DIR> --d----- e:\docume~1\alluse~1\applic~1\nView_Profiles
2008-01-13 16:00 <DIR> --d----- e:\docume~1\alluse~1\applic~1\Windows Genuine Advantage
2008-07-27 18:38 32,768 a--sh--- e:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008072720080728\index.dat

============== Psuedo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - e:\program files\java\jre1.6.0_05\bin\ssv.dll
uRun: [ctfmon.exe] e:\windows\system32\ctfmon.exe
mRun: [NVRaidService] e:\windows\system32\nvraidservice.exe
mRun: [HPDJ Taskbar Utility] e:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HPHUPD06] e:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Software Update] "e:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "e:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPHmon06] e:\windows\system32\hphmon06.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE e:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE e:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "e:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [Adobe Photo Downloader] "e:\program files\adobe\adobe photoshop lightroom 1.3\apdproxy.exe"
mRun: [TomTomHOME.exe] "e:\program files\tomtom home 2\HOMERunner.exe" -s
mRun: [Adobe Reader Speed Launcher] "e:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\logo calibration loader.lnk - e:\program files\gretagmacbeth\i1\eye-one match 3\calibrationloader\CalibrationLoader.exe
StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\profilereminder.lnk - e:\program files\gretagmacbeth\i1\eye-one match 3\ProfileReminder.exe
IE: E&xport to Microsoft Excel - e:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - e:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - e:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\program files\messenger\msmsgs.exe
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - e:\program files\common files\microsoft shared\office11\MSOXMLMF.DLL
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - e:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - e:\windows\system32\msvidctl.dll
Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - e:\progra~1\common~1\micros~1\webcom~1\11\OWC11.DLL
SSODL: {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - e:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ==============

S3 i1display;i1 Display;e:\windows\system32\drivers\i1display.sys
R2 PDIHWCTL;PDIHWCTL;e:\windows\system32\drivers\pdihwctl.sys
R0 Si3132r5;SiI-3132 SoftRaid 5 Controller;e:\windows\system32\drivers\Si3132r5.sys
R3 wacommousefilter;Wacom Mouse Filter Driver;e:\windows\system32\drivers\wacommousefilter.sys
R3 wacomvhid;Wacom Virtual Hid Driver;e:\windows\system32\drivers\wacomvhid.sys
R3 WacomVKHid;Virtual Keyboard Driver;e:\windows\system32\drivers\WacomVKHid.sys
R2 TabletServiceWacom;TabletServiceWacom;e:\windows\system32\Wacom_Tablet.exe

============= FINISH: 19:01:11.91 ===============
Attached Files: gmer.txt (388 Bytes), Attach.txt (42.7 KB)