DEP - yahoo messenger problem.

View previous topic View next topic Go down

Solved DEP - yahoo messenger problem.

Post by jairus on Fri Jan 09, 2009 7:08 am

When I'm trying to open YM, this message came up.


And this is the image of my DEP.


Image of my boot.ini.


What should I do? I want to open Yahoo Messenger, I already log in as an administrator.

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by Digitalocksmith on Fri Jan 09, 2009 8:02 am

Send me a HiJackThis log to analyze!

If i think its necessary, i will send it of to our Malware guru for a service!

Regards



Digitalocksmith
Leader
Leader

Posts Posts : 625
Joined Joined : 2007-12-22
Gender Gender : Male
OS OS : Windows 7 Ultimate x64 beta 1 (build 7048) - Testing Bluewhite64 Linux 12.2
Points Points : 48921
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by jairus on Fri Jan 09, 2009 8:44 am

This is my HiJack This log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:42:59 PM, on 1/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\WINDOWS\System32\SnoopFreeSvc.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
E:\WINDOWS\system32\igfxtray.exe
E:\WINDOWS\system32\hkcmd.exe
E:\WINDOWS\system32\igfxpers.exe
E:\WINDOWS\SnoopFreeUI.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\Program Files\COMODO\COMODO Internet Security\cfp.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\igfxsrvc.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\DAP\DAP.EXE
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - E:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - E:\Program Files\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - E:\Program Files\WOT\WOT.dll
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IgfxTray] E:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] E:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] E:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "E:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - E:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - E:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - E:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - E:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - E:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://Download.Windowsupdate.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230977596359
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230984652828
O17 - HKLM\System\CCS\Services\Tcpip\..\{57D7B392-85F6-45EF-9115-8D027ECDE234}: NameServer = 210.4.2.61 202.78.97.41
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - E:\Program Files\WOT\WOT.dll
O20 - AppInit_DLLs: E:\WINDOWS\system32\guard32.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - E:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - E:\WINDOWS\System32\SnoopFreeSvc.exe

--
End of file - 6306 bytes

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by Digitalocksmith on Fri Jan 09, 2009 9:10 am

Log is clean.....time to grab at straws!

Uninstall yahoo messanger from add/remove programs, open program file directory on C:/ and delete any remaining folders entitiled yahoo / yahoo messenger etc.

Run registry editor from command prompt (regedit.exe) and locate software keys under HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER and delete any strings labelled yahoo or messenger etc.

Shutdown and Reboot

Install latest version of yahoo messenger!

See if this helps

Regards



Digitalocksmith
Leader
Leader

Posts Posts : 625
Joined Joined : 2007-12-22
Gender Gender : Male
OS OS : Windows 7 Ultimate x64 beta 1 (build 7048) - Testing Bluewhite64 Linux 12.2
Points Points : 48921
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by jairus on Fri Jan 09, 2009 9:38 am

But if I delete the yahoo messenger in C:/, my YM in Vista will gone. Cause I dual boot Vista(C:) and XP(E:). Is it ok? Thanks

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by Digitalocksmith on Fri Jan 09, 2009 10:06 am

Sorry....should have seen that you posted HJT from your XP install.

Do the above for E: only.......

That is unless the issue also occurs within your vista install on C:?



Digitalocksmith
Leader
Leader

Posts Posts : 625
Joined Joined : 2007-12-22
Gender Gender : Male
OS OS : Windows 7 Ultimate x64 beta 1 (build 7048) - Testing Bluewhite64 Linux 12.2
Points Points : 48921
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by jairus on Fri Jan 09, 2009 10:36 am

It doesn't work. :oops:

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by Digitalocksmith on Fri Jan 09, 2009 10:46 am

Will the program run normally after disabling DEP for Yahoo?

1. Click Start
2. Select Control Panel
3. Select System
4. Click the Advanced tab
5. In the Performance region select Settings
6. Click the Data Execute tab in the dialog box that opens
7. Select Turn on DEP for all programs and services except for those I select
8. Click Add.
9. The open dialog box will open. Browse and select your application.
10. Click Open
11. Click Apply
12. Click Ok
13. Reboot



Digitalocksmith
Leader
Leader

Posts Posts : 625
Joined Joined : 2007-12-22
Gender Gender : Male
OS OS : Windows 7 Ultimate x64 beta 1 (build 7048) - Testing Bluewhite64 Linux 12.2
Points Points : 48921
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by jairus on Fri Jan 09, 2009 11:04 am

I can't click anything in DEP. This is the image:

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by Digitalocksmith on Fri Jan 09, 2009 11:40 am

You are logged on with an administrator account aren't you?

http://www.maxi-pedia.com/noexecute+DEP+parameter+optin+optout



Digitalocksmith
Leader
Leader

Posts Posts : 625
Joined Joined : 2007-12-22
Gender Gender : Male
OS OS : Windows 7 Ultimate x64 beta 1 (build 7048) - Testing Bluewhite64 Linux 12.2
Points Points : 48921
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by jairus on Fri Jan 09, 2009 11:49 am

Yes, I log in as administrator. I even log in as hidden administrator.

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by Digitalocksmith on Fri Jan 09, 2009 12:40 pm

You will have to set the DEP through controlling the switches in the boot.ini file then!

Use the link i provided.

The Boot.ini file settings are:
/noexecute=policy_level

Regards



Digitalocksmith
Leader
Leader

Posts Posts : 625
Joined Joined : 2007-12-22
Gender Gender : Male
OS OS : Windows 7 Ultimate x64 beta 1 (build 7048) - Testing Bluewhite64 Linux 12.2
Points Points : 48921
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: DEP - yahoo messenger problem.

Post by jairus on Fri Jan 09, 2009 1:55 pm

I don't know why, but when I reboot after i try to edit the boot.ini using the Windows CD, YM is now working. Shocking Whoa

jairus
Intermediate
Intermediate

Posts Posts : 184
Joined Joined : 2008-10-22
Gender Gender : Male
OS OS : Windows 7
Points Points : 30194
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum