gmer won't run


mxxx

I downloaded the GMER utility, but it runs for a few seconds, then I get an 'encountered error' message and it stops.

DDS (Ver_09-11-24.02) - NTFSx86

Run by rmac at 12:20:34.04 on Sat 11/28/2009

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.98 [GMT -8:00]

AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe

C:\WINDOWS\system32\hphmon03.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE

C:\Program Files\McAfee\Common Framework\UdaterUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\rmac\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://news.myway.com/index/id/top%7Cap.html

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [AdaptecDirectCD] c:\program files\roxio\easy cd creator 5\directcd\DirectCD.exe

mRun: [Apoint] c:\program files\apoint\Apoint.exe

mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe

mRun: [HPHmon03] c:\windows\system32\hphmon03.exe

mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"

mRun: [P17Helper] Rundll32 P17.dll,P17Helper

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [shStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\UdaterUI.exe" /StartedFromRunKey

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\hold\malwarebytes' anti-malware2\mbam.exe" /runcleanupscript

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ciscos~1.lnk - c:\program files\cisco systems\vpn client\vpngui.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_10\bin\ssv.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146160059187

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146176746377

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - c:\program files\qualcomm\eudora\EuShlExt.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\rmac\applic~1\mozilla\firefox\profiles\h8u0shrj.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://news.myway.com/index.html

FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava11.dll

FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava12.dll

FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava13.dll

FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava14.dll

FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJava32.dll

FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPJPI150_10.dll

FF - plugin: c:\program files\java\jre1.5.0_10\bin\NPOJI610.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npitunes.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----

FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.14); user_pref(general.useragent.extra.zencast, Creative ZENcast v2.00.14);user_pref(general.useragent.extra.zencast, c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 vmscsi;vmscsi;c:\windows\system32\drivers\vmscsi.sys [2006-4-27 10880]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-7-2 19160]

R3 vmmemctl;VMware server memory controller;c:\windows\system32\drivers\vmmemctl.sys [2006-3-28 5500]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-7-2 195856]

S3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [2003-1-30 18864]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]

S3 vmmouse;VMware Pointing Device;c:\windows\system32\drivers\vmmouse.sys [2006-4-27 4608]

S3 vmx_svga;vmx_svga;c:\windows\system32\drivers\vmx_svga.sys [2006-4-27 15744]

S3 vmxnet;VMware Ethernet Adapter Driver;c:\windows\system32\drivers\vmxnet.sys [2006-4-27 22528]

=============== Created Last 30 ================

2009-11-22 15:57:41 54156 ---ha-w- c:\windows\QTFont.qfn

2009-11-22 15:57:41 1409 ----a-w- c:\windows\QTFont.for

2009-11-20 23:36:34 0 d-----w- c:\program files\SPSSIncOEM

2009-11-20 23:26:09 0 ----a-w- c:\windows\system32\nsprs.dll

2009-11-20 23:25:25 0 d-----w- c:\program files\common files\Data Dynamics

2009-11-20 23:23:24 0 ----a-w- C:\law.sp

2009-11-20 21:49:25 0 d-----w- c:\docume~1\alluse~1\applic~1\SPSS

2009-11-20 21:49:24 0 d-----w- c:\program files\common files\SPSS

2009-11-20 21:27:56 0 d-----w- c:\documents and settings\rmac\.spss

2009-11-20 19:42:43 114 ----a-w- c:\windows\system32\prsgrc.tgz

2009-11-20 19:42:43 1024 ----a-w- c:\windows\system32\grcauth2.dll

2009-11-20 19:42:43 1024 ----a-w- c:\windows\system32\grcauth1.dll

2009-11-20 19:42:43 100 ----a-w- c:\windows\system32\prsgrc.dll

2009-11-20 19:42:10 0 d-----w- c:\docume~1\alluse~1\applic~1\SafeNet Sentinel

2009-11-20 19:36:55 0 d-----w- c:\program files\SPSSInc

2009-10-30 16:08:00 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat

==================== Find3M ====================

2009-11-22 02:04:38 152363 ----a-w- c:\windows\fonts\AdobeFnt07.lst

2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll

2001-05-24 20:59:30 162304 ----a-w- c:\program files\UNWISE.EXE

2008-04-01 03:31:09 80 --sh--r- c:\windows\system32\64B6FEA206.dll

2005-07-14 19:31:20 27648 --sha-w- c:\windows\system32\AVSredirect.dll

2009-07-05 03:56:57 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009070420090705\index.dat

============= FINISH: 12:23:25.96 ===============

Attach1.zip
