Thread: Another Redirect
View Single Post
Old 12-06-2008, 07:53 AM   #4 (permalink)
facial26
Registered User
 
Join Date: Dec 2008
Posts: 10
OS: Vista Home Premium


Re: Another Redirect
i can still not get gmer to run all the way through. here are the dds.


DDS (Version 1.0) - NTFSx86
Run by Sam Harris at 14:44:36.14 on 06/12/2008
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.44.1033.18.3071.989 [GMT 0:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Bonjour\mDNSResponder.exe
c:\hp\HPEZBTN\HPBtnSrv.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Kontiki\KService.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\jureg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehRecvr.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\hp\kbd\kbd.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe
C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe
C:\Program Files\iTunes\iTunes.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Sam Harris\Downloads\dds(3).com
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=81&bd=Pavilion&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=81&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = <local>;*.local
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\common files\symantec shared\coshared\browser\2.0\coIEPlg.dll
BHO: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
BHO: {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll
TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [Windows*Updates] c:\windows\system\Update.exe
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTProAgent.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateReg] "c:\windows\system32\jureg.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [<NO NAME>]
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [4oD] "c:\program files\kontiki\KHost.exe" -all
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [Windows*Updates] c:\windows\system\Update.exe
mRun: [9F.tmp] c:\windows\temp\9F.tmp
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bizche~1.lnk - c:\program files\samsung\samsung biz reader\BizChecker.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\fortem~1.lnk - c:\program files\lg soft india\fortemanager\bin\Monitor.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-gb\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~2.0_0\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
TCP: {A1C5FADE-65A5-4C2F-9024-8E545C5B9CD9} = 85.255.112.126;85.255.112.131
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-11-26 28544]
R1 IDSvix86;Symantec Intrusion Prevention Driver;\??\c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20080926.005\IDSvix86.sys [2008-9-29 270384]
R2 HPBtnSrv;HP Chasis Button Service;c:\hp\hpezbtn\HPBtnSrv.exe [2008-4-14 198240]
R2 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [2008-11-6 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-9-14 99376]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2008-4-14 1176064]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2008-4-14 464384]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\SYMNDISV.SYS [2008-6-13 41008]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-12-3 51280]
S2 Windows Tribute Service;Windows Tribute Service;c:\windows\system32\kdyqh.exe -srv []
S3 COH_Mon;COH_Mon;\??\c:\windows\system32\drivers\COH_Mon.sys [2007-5-29 23888]
S3 LGDDCDevice;LGDDCDevice;\??\c:\program files\lg soft india\fortemanager\bin\I2CDriver.sys [2008-7-30 14336]
S3 LGII2CDevice;LGII2CDevice;\??\c:\program files\lg soft india\fortemanager\bin\PII2CDriver.sys [2008-7-30 13312]
S3 Ndisprot;ArcNet NDIS Protocol Driver;\??\c:\windows\system32\drivers\Ndisprot.sys [2008-11-20 29192]

=============== Created Last 30 ================

2008-12-03 12:13 51,280 a------- c:\windows\system32\drivers\aswMonFlt.sys
2008-12-03 12:08 <DIR> --d----- c:\program files\Sophos
2008-12-02 01:09 250 a------- c:\windows\gmer.ini
2008-12-02 00:32 <DIR> --d----- c:\program files\iPod
2008-12-02 00:32 <DIR> --d----- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-02 00:32 <DIR> --d----- c:\program files\iTunes
2008-12-02 00:32 <DIR> --d----- c:\progra~2\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-01 21:17 <DIR> --d----- c:\programdata\WEBREG
2008-12-01 21:17 <DIR> --d----- c:\progra~2\WEBREG
2008-12-01 21:04 <DIR> --d----- c:\programdata\HPSSUPPLY
2008-12-01 19:27 127,930 a------- c:\windows\hppins22.dat
2008-12-01 19:26 258,048 a------- c:\windows\system32\hpzids01.dll
2008-12-01 19:26 1,504 a------- c:\windows\hppmdl22.dat
2008-11-28 17:25 1,228,579 a------- c:\windows\LightWave 3D 9 Uninstaller.exe
2008-11-28 17:25 <DIR> --d----- c:\program files\NewTek
2008-11-26 16:57 <DIR> --d----- c:\users\samhar~1\appdata\roaming\PeerNetworking
2008-11-26 13:22 16,952 -------- c:\windows\system32\drivers\RkPavproc1.sys
2008-11-26 13:20 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2008-11-26 13:19 <DIR> --d----- c:\program files\Panda Security
2008-11-21 16:31 356,352 a------- c:\windows\system32\RealMediaSplitter.ax
2008-11-21 16:31 <DIR> --d----- c:\program files\Free iPod Video Converter
2008-11-20 14:22 <DIR> --d----- c:\users\samhar~1\appdata\roaming\Red Alert 3
2008-11-20 13:22 29,192 a------- c:\windows\system32\drivers\ndisprot.sys
2008-11-20 13:22 <DIR> --dshr-- C:\resycled
2008-11-20 13:22 103 ---shr-- C:\autorun.inf
2008-11-20 13:22 <DIR> --d----- c:\program files\homeview
2008-11-16 14:14 <DIR> --d----- c:\users\samhar~1\appdata\roaming\Sports Interactive
2008-11-16 14:14 <DIR> --d----- c:\programdata\Sports Interactive
2008-11-16 14:14 <DIR> --d----- c:\progra~2\Sports Interactive
2008-11-16 14:11 15,128 a------- c:\windows\system32\x3daudio1_1.dll
2008-11-16 14:07 <DIR> --d-h--- c:\program files\Zero G Registry
2008-11-16 14:07 <DIR> --d----- c:\program files\Sports Interactive
2008-11-16 13:55 <DIR> --d-h--- c:\users\sam harris\InstallAnywhere
2008-11-15 14:29 19,588,096 a------- c:\windows\system32\imageres.dll
2008-11-15 14:28 <DIR> --d----- c:\programdata\Stardock
2008-11-15 14:28 <DIR> --d----- c:\progra~2\Stardock
2008-11-15 14:28 567,040 a------- c:\windows\system32\wbocx.ocx
2008-11-15 14:28 56,496 a------- c:\windows\system32\wbhelp2.dll
2008-11-15 14:28 <DIR> --d----- c:\program files\Stardock
2008-11-14 19:21 118,832 a------- c:\windows\system32\SHW32.DLL
2008-11-14 19:21 327,680 a------- c:\windows\system32\vp6dec.ax
2008-11-14 19:09 2,297,552 a------- c:\windows\system32\d3dx9_26.dll
2008-11-14 14:32 <DIR> --d----- c:\programdata\Codemasters
2008-11-14 14:32 <DIR> --d----- c:\progra~2\Codemasters
2008-11-14 14:32 444,952 a------- c:\windows\system32\wrap_oal.dll
2008-11-14 14:32 109,080 a------- c:\windows\system32\OpenAL32.dll
2008-11-14 14:32 <DIR> --d----- c:\program files\OpenAL
2008-11-14 14:32 805,400 a----r-- c:\windows\system32\tmpF598.tmp
2008-11-14 14:32 805,400 a----r-- c:\windows\system32\tmpF402.tmp
2008-11-14 14:30 <DIR> --d-h--- c:\windows\msdownld.tmp
2008-11-14 14:28 <DIR> --d----- c:\windows\system32\directx
2008-11-14 02:54 <DIR> --d----- C:\logs3
2008-11-14 02:54 <DIR> --d----- c:\windows\Downloaded Installations

==================== Find3M ====================

2008-12-01 20:42 143,360 a------- c:\windows\inf\infstrng.dat
2008-12-01 20:42 51,200 a------- c:\windows\inf\infpub.dat
2008-12-01 20:42 86,016 a------- c:\windows\inf\infstor.dat
2008-10-27 10:04 514,384 a------- c:\windows\system32\XAudio2_3.dll
2008-10-27 10:04 235,856 a------- c:\windows\system32\xactengine3_3.dll
2008-10-27 10:04 23,376 a------- c:\windows\system32\X3DAudio1_5.dll
2008-10-27 10:04 70,992 a------- c:\windows\system32\XAPOFX1_2.dll
2008-10-20 14:41 107,888 a------- c:\windows\system32\CmdLineExt.dll
2008-10-10 04:52 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
2008-10-10 04:52 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
2008-10-10 04:52 452,440 a------- c:\windows\system32\d3dx10_40.dll
2008-08-02 03:00 174 a--sh--- c:\program files\desktop.ini
2008-08-02 02:57 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 12:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 12:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-04-14 20:08 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT

============= FINISH: 14:47:18.36 ===============
Attached Files
File Type: txt Attach.txt (9.7 KB, 0 views)
facial26 is offline