Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

cfgmgr52.dll [CLOSED]


  • This topic is locked This topic is locked

#1
Bobz

Bobz

    New Member

  • Member
  • Pip
  • 3 posts
Well I found this forum and found that u guys ahve helped a lot of peopel but i couldn't find an answer to my probelm so i decided to make a new acc and Post here.

I Have Ad-Adware Pro 1.06r and the Free Spybot and have run the scans but this has not solved my problem.

I get pop up very often.. about every 10 webpage clicks.

My mian problem is no the pop-ups tho.

I am having trouble starting my computer. When i start my computer(XP) and click on the Username my icons apear. But after about 10 second they dissapear, i can see the background and nothgin else. I hit Crtl + Alt+ Dlt but nothing ever happens. Some Times though i get an error as the icons disappear. It says:
"An Exception occurred while trying to run "C:\windows\cfgmgr52.dll,DllRun"

I have though somehow got my comp to stay on, this has happend before, but if i turn it off then i get the error again. I usuaylcan get my comp to stay on after about 3 hrs of trying.

Here is my HijakThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 1:30:29 PM, on 10/20/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\system\mmbvqd.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\Program Files\Greetings Workshop\GWREMIND.EXE
C:\Program Files\WebWeaver\WebWeaver.exe
C:\Program Files\cvsnt\cvsservice.exe
C:\Program Files\cvsnt\cvslock.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\nicki\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://yahoo.sbc.com/dsl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\cfgmgr52.dll
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\system32\communicator.dll (file missing)
O2 - BHO: (no name) - {B47AB0D0-2599-7A22-1204-DBCC6417B5AB} - C:\WINDOWS\jxarasbn.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Search - {458419B6-9BB6-89DE-42CE-733B2156790F} - C:\WINDOWS\jxarasbn.dll
O3 - Toolbar: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\system32\communicator.dll (file missing)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [oijjzd] C:\WINDOWS\System32\bdtqiv.exe
O4 - HKLM\..\Run: [CSV10P70] C:\Program Files\CSBB\CSv10P070.exe
O4 - HKLM\..\Run: [vltvic] C:\WINDOWS\System32\vltvic.exe
O4 - HKLM\..\Run: [dlsmgr] C:\Program Files\dlsmgr\dlsmgr.exe
O4 - HKLM\..\Run: [HPNT] C:\Program Files\hpdll\hpdll.exe
O4 - HKLM\..\Run: [DI2] "C:\DOCUME~1\nicki\LOCALS~1\Temp\27.exe\27.exe"
O4 - HKLM\..\Run: [BPT] "C:\Program Files\Bpt\bpt.exe"
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\System32\msmc.exe
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Mywft] C:\Program Files\Mutb\Lncwus.exe
O4 - HKLM\..\Run: [077j3mj] clinw.exe
O4 - HKLM\..\Run: [PS1] C:\WINDOWS\System32\ps1.exe
O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\System32\wintask.exe
O4 - HKLM\..\Run: [C:\WINDOWS\VCMnet11.exe] C:\WINDOWS\VCMnet11.exe
O4 - HKLM\..\Run: [i1djo] C:\WINDOWS\System32\i1djo.exe
O4 - HKLM\..\Run: [regsync] C:\WINDOWS\System32\regsync.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [sac] c:\program files\180searchassistant\sac.exe
O4 - HKLM\..\Run: [exp] C:\WINDOWS\System32\exp
O4 - HKLM\..\Run: [PSof1] C:\WINDOWS\System32\PSof1.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\npzpaz.exe reg_run
O4 - HKLM\..\Run: [mam] C:\WINDOWS\System32\mam.exe
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [tempx] C:\WINDOWS\System32\tempx.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [cbllo] C:\WINDOWS\System32\cbllo.exe
O4 - HKLM\..\Run: [hqqoukd] C:\WINDOWS\System32\hqqoukd.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [zchyum] C:\WINDOWS\System32\zchyum.exe
O4 - HKLM\..\Run: [vkvpf] C:\WINDOWS\System32\vkvpf.exe
O4 - HKLM\..\Run: [nduq] C:\WINDOWS\System32\nduq.exe
O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
O4 - HKCU\..\Run: [SYSfit] C:\WINDOWS\SYSfit.exe
O4 - HKCU\..\Run: [Wggb] C:\WINDOWS\System32\?ti2evxx.exe
O4 - HKCU\..\Run: [HwotRgHqg] catctrac.exe
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [Owao] C:\Program Files\tobo\cucw.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [PrivacyScanner] C:\Program Files\Privacy Champion\pscan.exe
O4 - HKCU\..\Run: [qurw] C:\PROGRA~1\COMMON~1\qurw\qurwm.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - Startup: Greetings Workshop Reminders.lnk = C:\Program Files\Greetings Workshop\GWREMIND.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O15 - Trusted Zone: http://www.neededware.com
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: NDWCab - http://www.neededware.com/ndw4.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuke...erInstaller.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup.../bridge-c18.cab
O16 - DPF: {4B084DC4-6A64-11D9-AAC8-91EC5E497716} - http://www.ouchvideo...iewer_htm10.cab
O16 - DPF: {972BB342-14A7-4660-83C1-51DDBEE171DB} - http://www.pacimedia...ll/pcs_0029.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {B9A296D4-38AC-4566-8168-F7ACAF7D35E6} (Eyeball Video Session Control) - http://imlive.com/Ch...VideoContol.cab
O16 - DPF: {BAB3E70B-A847-4A88-ACFC-778FCCC00287} (CActSetupObj Object) - http://www.odysseusm...om/actsetup.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {EC51659D-721F-4CBF-9CEA-5E776D89CEA9} - http://www.pacimedia...ll/pcs_0006.exe
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spys...rCabInstall.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DDBB1D59-D3AC-4F52-8B7A-DD2C89E0E723}: NameServer = 68.94.156.1 68.94.157.1
O20 - AppInit_DLLs: repairs.dll
O23 - Service: 3D · Dynamic DNS Client & Dial Up Network Dialer (3DWatch) - Unknown owner - C:\Program Files\3D\3D.exe (file missing)
O23 - Service: BRS WebWeaver (BRS_WebWeaver) - Maestro Computing - C:\Program Files\WebWeaver\WebWeaver.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: CVSNT (CVS) - GNU - C:\Program Files\cvsnt\cvsservice.exe
O23 - Service: CVSNT Locking Service (CVSLock) - Unknown owner - C:\Program Files\cvsnt\cvslock.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE



I know i have many problems and many files that need to be delted. I am usua;y good with comps but somehow i cann't seem to figure this one out.

Need comp for School so cann't have this problem restricking me from useing the Comp.


PS> Almost forgot to say this, I can start my comp in Safe Mode at any time and it works fine in there since the DLL doesn't run. So if i have to restart i can go to that.

Thxs for your help in Advance
~Ryan
  • 0

Advertisements


#2
Bobz

Bobz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
BUMP.

Wow... bsy forum. page 1 to page 7 in about 3 hours =/

You guys must rlly knowo what you are talkign about to be this bsy :tazz:.
  • 0

#3
miekiemoes

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
Hello, Nice collection you have here.

First of all, I think you are still using an older version of Adaware.
Please make sure you have the latest version, because this is really important!
I see you have the Pro version installed, with adwatch running in the background.
I suggest you disable it because it can interfere with the fixes.

To disable AdWatch:

Open AdAware SE.
Go to AdWatch User Interface.
Go to Tools and Preferences.
At the bottom of the screen you will see 2 options Active and Automatic.
Active: This will turn Ad-Watch On\Off without closing it
Automatic: Suspicious activity will be blocked automatically
Uncheck both options. You can enable these after resolving your problem.

Then uninstall next programs if still present:

PrivacyScanner
Surfside Kick
The Best Offers
Windows AFA Internet Enhancement
CSBB
180searchassistant (or anythig else with 180 search in it)


REBOOT afterwards!! Important!!

BEFORE BEGINNING, Please read completely through the instructions below and download the files from the links provided. You may want to save or print out these instructions for easier reference.

First, download Ewido Security Suite.

Next, download Lavasoft's Ad-Aware and the VX2 Cleaner Plug-in. Install Ad-Aware using the default options, then install vx2cleaner_inst.exe, taking all the defaults there as well.

Run Ad-Aware, update to the latest definitions, then click on Add-ons in the lefthand column.
Select VX2 Cleaner V2.0 and click Run Tool.
Click "OK", then, if something is found, click "Clean" as in the directions given.
Click "Close", and exit Ad-Aware.

Reboot your PC and run Ad-Aware again.
This time, click on the Start button in Ad-Aware, select "Perform smart system scan" and click Next.
Once the scan finishes, click "Next" again.
Select all objects found (right click anywhere in the list of found objects and click "Select All Objects").
Click "Next" one more time, then "OK" to confirm the removal.

You will be prompted to set Ad-Aware to run on reboot, click "OK". Exit Ad-Aware and restart your PC once again.

When Ad-Aware starts up, click on "Start", then "Next".
Follow the steps above if anything is found, or click "Finish", then exit Ad-Aware.

For a final cleanup, please install and run Ewido.
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • From the main ewido screen, click on update in the left menu, then click the Start update button.
  • After the update finishes (the status bar at the bottom will display "Update successful"
  • Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
  • During the scan it will prompt you to clean files, click OK
  • When the scan is finished, look at the bottom of the screen and click the Save report button.
  • Save the report to your desktop.
  • Close Ewido.
Please finish up by rebooting your system once more, and posting a new HijackThis log and the log from the Ewido scan.
  • 0

#4
Bobz

Bobz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
I am Pretty Sure i Have Ad-Aware S&E version 1.06r Pro (friend installed on my comp for me)

Should i still install the free one that u posted??

Also.. Is there anyway to get the cfgmgr52.dll error to stop since i have problems restarting with this problem... makes it almost inpossible. =/

So if there is any fast way to stop this problem i would love to know since it woudl make fixing all the rest of the problems a lot easier since i would be able to restart my comp freely in safe mod and normal.


Edit: Could i maybe install the probgrams now that i am on my comp then restart in SAFE mode and run then?? Or would they not work as well. But dunno once i shut it down if i could get ti back up.. took me 5 days to get it to stay on like it is now in normal mode :'(


Thxs,
~Ryan

Edited by Bobz, 20 October 2005 - 08:23 PM.

  • 0

#5
miekiemoes

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
Hi, don't perform this in safe mode, because it creates a runonce-key also and this won't run in safe mode.
So please follow my steps in exactly the same order as I asked you. If you have Adaware Se installed (latest version), no need to install the free version then. Just make sure you disable your adwatch.
Adaware and/or Ewido will fix that error also. If not, then just be patient.. we'll fix it manually afterwards.
So the main important thing is to follow the instructions. If I ask you to reboot there, reboot.

Also, please make sure your Internet Explorer is closed while performing above steps!!!
  • 0

#6
miekiemoes

miekiemoes

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 5,503 posts
  • MVP
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP