JP6641 Posted June 13, 2007 Share Posted June 13, 2007 everything in the security center is turned-off. I can't seem to enable anything. what should I do? Link to comment Share on other sites More sharing options...
Moderators TwistedMetal Posted June 13, 2007 Moderators Share Posted June 13, 2007 My Computer, Control Panel, Administrative Tools, and Services. Make sure Security Center is Enabled. Right click on Security Center, Properties, Startup type: Automatic Also click on Dependencies and make sure them services are turned on too. Your Friendly Neighborhood Piriform Forum Moderator Quick Links: CCleaner Products | CCleaner Documentation | Knowledge Center | Downloads | Lost License Key Link to comment Share on other sites More sharing options...
JP6641 Posted June 13, 2007 Author Share Posted June 13, 2007 My Computer, Control Panel, Administrative Tools, and Services. Make sure Security Center is Enabled. Right click on Security Center, Properties, Startup type: Automatic Also click on Dependencies and make sure them services are turned on too. The Firewall turned on temporarly and then off. How do I do all that stuff you said? Link to comment Share on other sites More sharing options...
Moderators rridgely Posted June 13, 2007 Moderators Share Posted June 13, 2007 Either something is corrupted in the security center or there is a virus interfering. Please post a hijackthis log. Directions if needed: http://forum.piriform.com/index.php?showtopic=1720 Link to comment Share on other sites More sharing options...
JP6641 Posted June 13, 2007 Author Share Posted June 13, 2007 Either something is corrupted in the security center or there is a virus interfering. Please post a hijackthis log. Directions if needed: http://forum.piriform.com/index.php?showtopic=1720 Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 9:31:02 PM, on 6/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\VJ\Desktop\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F3 - REG:win.ini: load= O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab O20 - Winlogon Notify: rqrronl - rqrronl.dll (file missing) O20 - Winlogon Notify: ssqro - C:\WINDOWS\ O20 - Winlogon Notify: vturp - C:\WINDOWS\ O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe -- End of file - 3975 bytes Link to comment Share on other sites More sharing options...
Moderators rridgely Posted June 13, 2007 Moderators Share Posted June 13, 2007 Run BitDefender Online Scanner Using internet Explorer please go HERE to run BitDefender's Online scan. Read the terms and then click I Agree You may receive a Security Warning about the BitDefender ActiveX control, If you do, please allow it to install. On the scanning Options screen, Press Click Here To Scan and then follow the on screen prompts. Once bit defender is finished scanning your computer it will automatically remove the infections. Once the removal process is finished press the close button and a dialog box will appear asking if you want to send your scan log back to the makers of bitdefender. You do not have to do this but what you do want to do is press the button that says "view log" and then copy and paste that log into notepad and save it to your desktop as bitdefender.txt. Reboot your computer Post the bitdefender log and a new hijackthis log. Link to comment Share on other sites More sharing options...
JP6641 Posted June 13, 2007 Author Share Posted June 13, 2007 Run BitDefender Online ScannerUsing internet Explorer please go HERE to run BitDefender's Online scan. Read the terms and then click I Agree You may receive a Security Warning about the BitDefender ActiveX control, If you do, please allow it to install. On the scanning Options screen, Press Click Here To Scan and then follow the on screen prompts. Once bit defender is finished scanning your computer it will automatically remove the infections. Once the removal process is finished press the close button and a dialog box will appear asking if you want to send your scan log back to the makers of bitdefender. You do not have to do this but what you do want to do is press the button that says "view log" and then copy and paste that log into notepad and save it to your desktop as bitdefender.txt. Reboot your computer Post the bitdefender log and a new hijackthis log. Currently scanning with BitDefender. Link to comment Share on other sites More sharing options...
JP6641 Posted June 13, 2007 Author Share Posted June 13, 2007 Currently scanning with BitDefender. *BitDefender Online Scanner - Real Time Virus Report* Generated at: Wed, Jun 13, 2007 - 06:44:03 ------------------------------------------------------------------------ *Scan Info* Scanned Files 267926 Infected Files 0 * * *Virus Detected* No virus found. ------------------------------------------------------------------------ This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world. ============================================================================================= Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 6:47:44 AM, on 6/13/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe F:\YVD\YGO Virtual Desktop V086.exe F:\Program Files\ronin.exe C:\Documents and Settings\VJ\Desktop\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F3 - REG:win.ini: load= O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab O20 - Winlogon Notify: rqrronl - rqrronl.dll (file missing) O20 - Winlogon Notify: ssqro - C:\WINDOWS\ O20 - Winlogon Notify: vturp - C:\WINDOWS\ O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe -- End of file - 4455 bytes Link to comment Share on other sites More sharing options...
Moderators rridgely Posted June 13, 2007 Moderators Share Posted June 13, 2007 Download this file - combofix.exe and save it to your desktop. Double click combofix.exe & follow the prompts. When it's finished, it will produce a log of what it found. Please post the contents of that log in your next reply Note: Do not mouseclick combofix's window whilst it's running as it may cause it to stall Link to comment Share on other sites More sharing options...
JP6641 Posted June 14, 2007 Author Share Posted June 14, 2007 Download this file - combofix.exe and save it to your desktop.Double click combofix.exe & follow the prompts. When it's finished, it will produce a log of what it found. Please post the contents of that log in your next reply Note: Do not mouseclick combofix's window whilst it's running as it may cause it to stall ComboFix 07-06-13.3 - C:\Documents and Settings\VJ\Desktop\ComboFix.exe "VJ" - 2007-06-13 17:58:45 - Service Pack 1 NTFS ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\regedit.com C:\WINDOWS\system32\taskmgr.com ((((((((((((((((((((((((( Files Created from 2007-05-13 to 2007-06-13 ))))))))))))))))))))))))))))))) 2007-06-13 17:48 <DIR> d-------- C:\WINDOWS\Prefetch 2007-06-13 17:39 <DIR> d-------- C:\WINDOWS\LastGood 2007-06-13 17:36 113,944 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-06-13 17:36 1,081,112 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-06-13 17:31 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-06-13 17:31 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-06-13 17:07 <DIR> d-------- C:\WINDOWS\setup.pss 2007-06-13 17:06 <DIR> d-------- C:\WINDOWS\setupupd 2007-06-13 13:15 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-13 09:32 <DIR> d-------- C:\WINDOWS\LastGood.Tmp 2007-06-13 09:10 77,824 --a------ C:\WINDOWS\system32\isign32.dll 2007-06-13 09:10 69,632 --a------ C:\WINDOWS\system32\icwdial.dll 2007-06-13 09:10 61,440 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-06-13 09:10 47,616 --a------ C:\WINDOWS\system32\inetres.dll 2007-06-13 09:10 40,960 --a------ C:\WINDOWS\system32\safrslv.dll 2007-06-13 09:10 39,424 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-06-13 09:10 33,280 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-06-13 09:10 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-06-13 09:10 28,672 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-06-13 09:10 266,240 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-06-13 09:10 26,624 --a------ C:\WINDOWS\system32\safrdm.dll 2007-06-13 09:09 9,728 --a------ C:\WINDOWS\system32\mstinit.exe 2007-06-13 09:09 81,408 --a------ C:\WINDOWS\system32\msoert2.dll 2007-06-13 09:09 73,728 --a------ C:\WINDOWS\system32\ils.dll 2007-06-13 09:09 69,248 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-06-13 09:09 65,536 --a------ C:\WINDOWS\system32\msconf.dll 2007-06-13 09:09 63,488 --a------ C:\WINDOWS\system32\srclient.dll 2007-06-13 09:09 587,776 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-06-13 09:09 32,256 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-06-13 09:09 250,368 --a------ C:\WINDOWS\system32\mstask.dll 2007-06-13 09:09 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-06-13 09:09 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-06-13 09:09 226,304 --a------ C:\WINDOWS\system32\srrstr.dll 2007-06-13 09:09 221,696 --a------ C:\WINDOWS\system32\qmgr.dll 2007-06-13 09:09 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-06-13 09:09 159,232 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-06-13 09:09 158,720 --a------ C:\WINDOWS\system32\srsvc.dll 2007-06-13 09:08 98,816 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-06-13 09:08 9,728 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-06-13 09:08 9,216 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-06-13 09:08 9,216 --a------ C:\WINDOWS\system32\icaapi.dll 2007-06-13 09:08 88,064 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-06-13 09:08 869,376 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-06-13 09:08 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-06-13 09:08 83,968 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-06-13 09:08 82,432 --a------ C:\WINDOWS\system32\comrepl.dll 2007-06-13 09:08 75,912 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-06-13 09:08 61,952 --a------ C:\WINDOWS\system32\rdshost.exe 2007-06-13 09:08 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-06-13 09:08 598,016 --a------ C:\WINDOWS\system32\mstscax.dll 2007-06-13 09:08 582,656 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-06-13 09:08 56,832 --a------ C:\WINDOWS\system32\colbact.dll 2007-06-13 09:08 56,320 --a------ C:\WINDOWS\system32\remotepg.dll 2007-06-13 09:08 54,784 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-06-13 09:08 534,016 --a------ C:\WINDOWS\system32\spider.exe 2007-06-13 09:08 53,248 --a------ C:\WINDOWS\system32\servdeps.dll 2007-06-13 09:08 495,616 --a------ C:\WINDOWS\system32\comuid.dll 2007-06-13 09:08 489,984 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-06-13 09:08 468,480 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-06-13 09:08 44,032 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-06-13 09:08 40,960 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-06-13 09:08 388,608 --a------ C:\WINDOWS\system32\mstsc.exe 2007-06-13 09:08 359,936 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-06-13 09:08 339,968 --a------ C:\WINDOWS\system32\mspaint.exe 2007-06-13 09:08 32,768 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-06-13 09:08 215,040 --a------ C:\WINDOWS\system32\catsrv.dll 2007-06-13 09:08 200,192 --a------ C:\WINDOWS\system32\termsrv.dll 2007-06-13 09:08 20,232 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-06-13 09:08 18,432 --a------ C:\WINDOWS\system32\qprocess.exe 2007-06-13 09:08 179,200 --a------ C:\WINDOWS\system32\accwiz.exe 2007-06-13 09:08 174,592 --a------ C:\WINDOWS\system32\cmprops.dll 2007-06-13 09:08 16,384 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-06-13 09:08 151,040 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-06-13 09:08 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-06-13 09:08 135,680 --a------ C:\WINDOWS\system32\rdchost.dll 2007-06-13 09:08 129,024 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-06-13 09:08 124,416 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-06-13 09:08 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-06-13 09:08 116,736 --a------ C:\WINDOWS\system32\mplay32.exe 2007-06-13 09:08 115,976 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-06-13 09:08 11,144 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-06-13 09:08 100,864 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-06-13 09:08 1,172,992 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-06-13 09:07 57,856 --a------ C:\WINDOWS\system32\licwmi.dll 2007-06-13 09:07 182,400 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-06-13 09:04 56,576 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-06-13 09:04 50,048 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-06-13 09:04 5,888 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-06-13 09:02 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-06-13 09:01 38,024 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-06-13 09:00 71,168 --a------ C:\WINDOWS\system32\storprop.dll 2007-06-13 09:00 10,496 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-06-12 21:36 <DIR> d-------- C:\WINDOWS\BDOSCAN8 2007-06-12 21:17 <DIR> d-------- C:\WINDOWS\SoftwareDistribution 2007-06-12 21:12 <DIR> d-------- C:\WINDOWS\system32\CatRoot2 2007-06-12 20:07 <DIR> d-------- C:\Program Files\Sonic 2007-06-12 20:07 <DIR> d-------- C:\Program Files\Common Files\SureThing Shared 2007-06-12 11:52 <DIR> d-------- C:\Program Files\Dell 2007-06-12 11:52 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dell 2007-06-12 10:18 6,553,600 --a------ C:\DOCUME~1\VJ\ntuser.dat (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-13 23:55:16 -------- d--h--w C:\Program Files\WindowsUpdate 2007-06-13 23:37:18 23,388 ----a-w C:\WINDOWS\system32\emptyregdb.dat 2007-06-13 15:09:57 -------- d-----w C:\Program Files\Movie Maker 2007-06-13 15:08:18 -------- d-----w C:\Program Files\Windows NT 2007-06-13 11:26:48 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-06-12 15:46:10 6,468 ----a-w C:\WINDOWS\mozver.dat 2007-06-07 13:39:00 -------- d-----w C:\Program Files\Foxit Software 2007-05-25 01:23:00 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll 2007-05-08 23:52:57 -------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-05-08 22:00:38 -------- d-----w C:\DOCUME~1\VJ\APPLIC~1\LimeWire 2007-05-01 18:52:14 -------- d--h--w C:\DOCUME~1\VJ\APPLIC~1\yahoo! 2007-04-28 15:45:49 -------- d-----w C:\Program Files\NVIDIA Corporation 2007-04-23 16:15:05 135,936 ----a-w C:\WINDOWS\system32\drivers\sp_rsdrv2.sys 2007-04-22 19:17:21 682,232 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-04-21 12:46:54 249,856 ------w C:\WINDOWS\Setup1.exe 2007-04-21 12:46:41 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE 2007-04-20 12:12:28 -------- d-----w C:\Program Files\Yahoo! 2007-04-19 07:35:40 240,368 ----a-w C:\WINDOWS\UNBOC.EXE 2007-04-17 18:17:53 -------- d-----w C:\Program Files\Auto Cleaner 2007-04-10 15:26:12 335 ----a-w C:\WINDOWS\mozregistry.dat 2007-04-09 20:46:05 14 ----a-w C:\WINDOWS\system32\getfile.dat 2007-04-09 20:15:53 81,984 ----a-w C:\WINDOWS\system32\bdod.bin 2007-04-08 13:14:43 0 ----a-w C:\WINDOWS\system32\SBRC.dat 2007-04-08 13:14:43 0 ----a-w C:\WINDOWS\system32\SBFC.dat 2007-04-06 23:31:26 1,266,814 --sh--w C:\WINDOWS\system32\prutv.ini2 2007-04-06 22:25:28 1,247,754 --sh--w C:\WINDOWS\system32\prutv.bak2 2007-04-05 00:53:42 81,768 ----a-w C:\WINDOWS\system32\xinput1_3.dll 2007-03-30 21:30:15 1,100 ----a-w C:\WINDOWS\system32\d3d8caps.dat 2007-03-30 21:04:00 1,246,685 --sh--w C:\WINDOWS\system32\prutv.bak1 2007-03-23 21:06:41 1,241,108 --sha-w C:\WINDOWS\system32\acbeg.ini2 2007-03-23 20:33:04 229,376 ----a-w C:\WINDOWS\CMDLIC.DLL 2007-03-23 12:07:56 1,683,280 ----a-w C:\WINDOWS\system32\XpsSvcs.dll 2007-03-23 12:07:54 583,504 ----a-w C:\WINDOWS\system32\XPSSHHDR.dll 2007-03-23 02:25:02 124,928 ----a-w C:\WINDOWS\system32\prntvpt.dll 2007-03-19 02:22:43 6,637,696 ----a-w C:\WINDOWS\system32\exec1.exe 2007-03-14 08:52:10 1,073,152 ----a-w C:\WINDOWS\system32\nvCplUIR.dll 2007-03-14 08:52:08 745,472 ----a-w C:\WINDOWS\system32\nvCplUI.exe 2007-03-14 08:51:52 307,200 ----a-w C:\WINDOWS\system32\nvExpBar.dll 2007-03-13 22:05:04 1,158,883 --sha-w C:\WINDOWS\system32\gjllm.bak2 ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {089FD14D-132B-48FC-8861-0048AE113215}=C:\Program Files\SiteAdvisor\6066\SiteAdv.dll [2007-03-30 09:41] {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}=C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 15:29] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 05:59 C:\WINDOWS\BCMSMMSG.exe] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-16 14:26] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "NoVisualStyleChoice"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "DisableRegistryTools"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqrronl] rqrronl.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqro] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vturp] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages scecli scecli scecli scecli scecli scecli [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CBitSpirit] "C:\Program Files\BitSpirit\BitSpirit.exe" /start [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Dell AIO Printer A940"="C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe" *Newly Created Service* - WUAUSERV Contents of the 'Scheduled Tasks' folder 2007-06-08 23:15:42 C:\WINDOWS\tasks\1-Click Maintenance.job ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-13 17:59:57 Windows 5.1.2600 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-13 18:00:26 C:\ComboFix-quarantined-files.txt ... 2007-06-13 18:00 --- E O F --- Link to comment Share on other sites More sharing options...
JP6641 Posted June 14, 2007 Author Share Posted June 14, 2007 GMER 1.0.12.12244 - http://www.gmer.net Rootkit scan 2007-06-13 19:50:29 Windows 5.1.2600 Service Pack 1 ---- Registry - GMER 1.0.12 ---- Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@bbaiigcjghfmpobdijmecdilfodoemhedfml 0x6A 0x61 0x66 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@abkhcpojpoeklkgidaphlnoepjfadpcnom 0x6A 0x61 0x66 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@iaaiigcjghfmpobdij 0x61 0x61 0x00 0x00 Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@hakhcpojpoeklkgi 0x61 0x61 0x00 0x00 Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@iaeginchkembmhapoa 0x61 0x61 0x00 0x00 Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@bbaiigcjghfmpobdijmecdilfododmegciah 0x6A 0x61 0x66 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@abkhcpojpoeklkgidaphlnoepjcagadihj 0x6A 0x61 0x66 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@bbaiigcjghfmpobdijmeankmpgellnjngfie 0x6A 0x61 0x66 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@abkhcpojpoeklkgidafhjmgkgckggjpjpd 0x6A 0x61 0x66 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@bbaiigcjghfmpobdijmeankmdmanppceodoi 0x6A 0x61 0x66 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{04E9F7C7-7ADF-E339-4EDF-8481E8FE53FE}@abkhcpojpoeklkgidafhjmkkcopmdndcca 0x6A 0x61 0x66 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1C118E24-2457-15AC-C01D-93999FC44876}@dbamoegnamgaahaapoamgapojjbhdhmjmenbjlei 0x6A 0x61 0x64 0x65 ... Reg \Registry\USER\S-1-5-21-2000478354-688789844-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1C118E24-2457-15AC-C01D-93999FC44876}@cbgmaglheiednljeihfegldbdggnbgaldpancc 0x6A 0x61 0x64 0x65 ... ---- Files - GMER 1.0.12 ---- ADS C:\Documents and Settings\Neno\Start Menu\Programs\Startup\Registration Tom Clancy's Rainbow Six: Vegas.LNK ---- EOF - GMER 1.0.12 ---- Link to comment Share on other sites More sharing options...
Moderators rridgely Posted June 14, 2007 Moderators Share Posted June 14, 2007 Download SDFix and save it to your Desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the first option, to run Windows in Safe Mode, then press Enter. Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt(Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back on the forum with a new HijackThis log Link to comment Share on other sites More sharing options...
JP6641 Posted June 14, 2007 Author Share Posted June 14, 2007 SDFix: Version 1.87 Run by VJ on Thu 06/14/2007 at 05:31 AM Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: No Trojan Files Found Removing Temp Files... ADS Check: Checking C:\WINDOWS\ C:\WINDOWS No streams found. Checking C:\WINDOWS\system32 C:\WINDOWS\system32 No streams found. Checking C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Checking C:\WINDOWS\system32\ntoskrnl.exe C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] Remaining Files: --------------- Listing Files with Hidden Attributes: C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Joel\NTUSER.DAT.COPY.TMP.LOG C:\Documents and Settings\VJ\NTUSER.DAT.COPY.TMP.LOG C:\WINDOWS\system32\acbeg.tmp C:\WINDOWS\system32\prutv.tmp C:\WINDOWS\system32\config\default.tmp.LOG C:\WINDOWS\system32\config\software.tmp.LOG C:\WINDOWS\system32\config\system.tmp.LOG Listing User Accounts: User accounts for \\JESUS-O7G2CSL5J Administrator ASPNET Guest HelpAssistant Joel Neno SUPPORT_388945a0 VJ Finished ============================================================================================= Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 5:40:44 AM, on 6/14/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\notepad.exe C:\WINDOWS\BCMSMMSG.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\WgaTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\VJ\Desktop\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab O20 - Winlogon Notify: rqrronl - rqrronl.dll (file missing) O20 - Winlogon Notify: ssqro - C:\WINDOWS\ O20 - Winlogon Notify: vturp - C:\WINDOWS\ O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe -- End of file - 4669 bytes Link to comment Share on other sites More sharing options...
Moderators rridgely Posted June 14, 2007 Moderators Share Posted June 14, 2007 Can you turn on your firewall and stuff now? Link to comment Share on other sites More sharing options...
JP6641 Posted June 14, 2007 Author Share Posted June 14, 2007 Can you turn on your firewall and stuff now? Due to an unidentifeid problem, Windwos cannot display Firewall settings. Link to comment Share on other sites More sharing options...
Moderators rridgely Posted June 14, 2007 Moderators Share Posted June 14, 2007 Download this and unzip it: http://djlizard.net.nyud.net:8080/software...-v0.60.0.24.zip Click to open up dial a fix and then once its open press the green checkmarks and then press go. Let it run through everything and when its done let me know if you can use the windows firewall. (try a reboot if not working) Link to comment Share on other sites More sharing options...
JP6641 Posted June 14, 2007 Author Share Posted June 14, 2007 During Dial-a-Fix I get this message 2x: "Error 127: C:\WINDOWSsystem32\qmgr.dll is not unregisterable or the file is corrupted.Your version of qmgr.dll is: 6.2.2600.1106.Please contact dial-a-fix@DjLizard.net so that an exception can be made for your version of this fiel." And no I still cannot turn my firewall on. Link to comment Share on other sites More sharing options...
JP6641 Posted June 15, 2007 Author Share Posted June 15, 2007 During Dial-a-Fix I get this message 2x: "Error 127: C:\WINDOWSsystem32\qmgr.dll is not unregisterable or the file is corrupted.Your version of qmgr.dll is: 6.2.2600.1106.Please contact dial-a-fix@DjLizard.net so that an exception can be made for your version of this fiel." And no I still cannot turn my firewall on. I got my update service going by downloading: WindowsUpdateAgent20-x86. Yeah it works way better than going into the registry or starting and restarting the service. I just reinstalled it and its working so far. I'm on trying to reinstall SP2, but its taking way too long update wise. Im gonna try the CD again and see what happens. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now