How to start a local Server on Windows Platform?

Windows Update Trouble

I am not able to download critical updates, I receive error code 0x80242FFF . What's more, I am unable to click on any links for Microsoft Support (just get "page cannot be displayed". I tried to scan with Windows malicious Software Remover Tool but could not get it to start either. My computer will not display Ebay, Yahoo, and certain other pages properly (without pictures and extremely slow page loads). I have run Registry Mechanic, Spybot, Spyware Doctor and Adaware but the problems are unsolved. The software location errors I fixed with Registry Mechanic keep reappearing every time I scan.. Here is the logfile from Hijack This: Logfile of HijackThis v1.99.1 Scan saved at 1:09:45 AM, on 10/12/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\ibmpmsvc.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\QCONSVC.EXE C:\WINDOWS\System32\RegSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\WINDOWS\System32\wdfmgr.exe C:\WINDOWS\system32\tp4serv.exe C:\WINDOWS\system32\Sktempdm.exe C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe C:\Program Files\IBM\Messages By IBM\ibmmessages.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe C:\WINDOWS\system32\RunDll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\PROGRA~1\ThinkPad\CONNEC~1\QCWLIcon.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\IBMTOOLS\UTILS\ibmprc.exe C:\Program Files\Visualware Security Suite\tscore.exe C:\Program Files\ActiveTracker 2.0 for Outlook Express\ReadNotify.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Spyware Doctor\swdoctor.exe C:\WINDOWS\system32\jview.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\IBM\LOCALS~1\Temp\Rar$EX00.774\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:1088 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: VIPTToolbarManager Class - {1A2641AE-2C42-4C51-A05F-8ECEC3FDC94D} - C:\Program Files\Visualware Security Suite\VisualIPTraceIE.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll O3 - Toolbar: Visual IP Trace - {E70C26AE-DFF1-40A8-8D37-19180F56F0AA} - C:\Program Files\Visualware Security Suite\VisualIPTraceIE.dll O4 - HKLM\..\Run: [Detect Kbd Daemon] SK2000DM.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [UC_Start] C:\IBMTools\Updater\ucstartup.exe O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [QCWLIcon] C:\PROGRA~1\ThinkPad\CONNEC~1\QCWLIcon.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe O4 - HKLM\..\Run: [Visualware Security Suite] "C:\Program Files\Visualware Security Suite\tscore.exe" -autostartup O4 - HKLM\..\Run: [ActiveTracker for Outlook Express] C:\Program Files\ActiveTracker 2.0 for Outlook Express\ReadNotify.exe O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe O4 - HKLM\..\Run: [firewall_anti] C:\WINDOWS\firewall_anti.exe O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /S O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe" O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\\PkgMgr.exe O9 - Extra button: FindNot PopNot - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\FindNot PopNot Full\FindNotPopNotFull.exe O9 - Extra 'Tools' menuitem: &FindNot PopNot - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\FindNot PopNot Full\FindNotPopNotFull.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Add bid - {866875B8-9855-48f8-BAAB-8002C325BE69} - C:\Program Files\VCOM\Final Bid\finalbid.exe (HKCU) O9 - Extra 'Tools' menuitem: Add bid - {866875B8-9855-48f8-BAAB-8002C325BE69} - C:\Program Files\VCOM\Final Bid\finalbid.exe (HKCU) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cabO16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - http://inst.c-wss.com/58/EN/html/gtdownlr.cabO16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cabO16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/download/cult.cabO16 - DPF: {3F0EECCE-E138-11D1-8712-0060083D83F5} (LPViewer Class) - http://www.iseemedia.com/activex/LPControl.cabO16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/10a0f60407356b5c9f02/netzip/RdxIE601.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123617428315O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123617915125O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - https://www-3.ibm.com/pc/support/access/aslibmain/content/IbmEgath.cabO16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cabO16 - DPF: {92D0D610-A6FA-48D8-94CB-BD47FDF68655} (Launcher Class) - http://app.ipop.co.kr/ipop/ipopx.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cabO16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cabO16 - DPF: {E598AC61-4C6F-4F4D-877F-FAC49CA91FA3} (acpRunner Class) - https://www-3.ibm.com/pc/support/access/aslibmain/content/AcpControl.cabO16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cabO20 - Winlogon Notify: QConGina - C:\WINDOWS\SYSTEM32\QConGina.dll O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\acs.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe Would appreciate any help!!
Answer:

Hi again elena... There are two entries which reference files which are identified as definite viruses: O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe Troj/Netdeny-A trojan NOTE that there are TWO entries in your log. Both need removal. O4 - HKLM\..\Run: [firewall_anti] C:\WINDOWS\firewall_anti.exe TROJ_SUA.A Trojan There are other questionable entries, but they're not readily identifiable as threats. You'll need to go through those and see if you recognize the programs as belonging on your machine. Some, such as: - C:\WINDOWS\system32\PsaSrv.exe (file missing) ...show that the file required by the entry, to run the program, is missing, so removing this entry can't hurt. Others, such as: O4 - HKLM\..\Run: [ActiveTracker for Outlook Express] C:\Program Files\ActiveTracker 2.0 for Outlook Express\ReadNotify.exe ...and... O4 - HKLM\..\Run: [Detect Kbd Daemon] SK2000DM.EXE ...seem like software you might have installed. They also stand up to a Google search as legitimate programs. If they're not familiar, feel free to check them for removal. Still others are ActiveX installations which can always be downloaded automatically by the programs which use them, so they're safe to delete: O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - http://inst.c-wss.com/58/EN/html/gtdownlr.cab O16 - DPF: {3F0EECCE-E138-11D1-8712-0060083D83F5} (LPViewer Class) - http://www.iseemedia.com/activex/LPControl.cab O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab O16 - DPF: {92D0D610-A6FA-48D8-94CB-BD47FDF68655} (Launcher Class) - http://app.ipop.co.kr/ipop/ipopx.cab O16 - DPF: {E598AC61-4C6F-4F4D-877F-FAC49CA91FA3} (acpRunner Class) - https://www-3.ibm.com/pc/support/access/aslibmain/content/AcpControl.cab Notice that some of the above come from reputable URLs, such as IBM.com and iseemedia.com, while others are less readily recognized, such as app.ipop.co.kr (sounds like a pop-up generator). I'd remove that last one, but you may choose to keep the others if you know the sites. There's also no indication that you are running any kind of antivirus software, hence the problem to begin with. Let me recommend AntiVir: http://www.free-av.com/ It's free, and not only scans your system or individual files as you decide, but also runs in the background and prevents hidden "drive-by" downloads which can occur simply by landing on a malicious webpage. You might also benefit by this previous answer of mine, on how to configure a "bulletproof" home system: http://answers.google.com/answers/threadview?id=568868 After you've used HijackThis (HJT) to remove the 2 viruses above, run another scan to see if they're gone for good, test out Windows Update, and post another log here if you have any remaining doubts. Please do not rate this answer until you are satisfied that the answer cannot be improved upon by way of a dialog established through the "Request for Clarification" process. sublime1-ga

elenafox-ga at Google Answers Visit the source

Was this solution helpful to you?

Related Q & A:

Why can't I update Windows or antivirus?Best solution by answers.microsoft.com
Can I update Windows XP from disk?Best solution by support.microsoft.com
Display Drivers...Windows Update?Best solution by Yahoo! Answers
What is the Command to Minimize Windows Maximize Windows switch Windows close Windows without using the mouse?Best solution by Yahoo! Answers
How to update windows messenger?Best solution by Answerbag.com

Just Added Q & A:

How many active mobile subscribers are there in China?Best solution by Quora
How to find the right vacation?Best solution by bookit.com
How To Make Your Own Primer?Best solution by thekrazycouponlady.com
How do you get the domain & range?Best solution by ChaCha
How do you open pop up blockers?Best solution by Yahoo! Answers

For every problem there is a solution! Proved by Solucija.

Got an issue and looking for advice?
Ask Solucija to search every corner of the Web for help.
Get workable solutions and helpful tips in a moment.

Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.