Forum Home
Press F1
Thread ID: 95048	2008-11-22 09:58:00	VISTA Error Help Wanted	blanco (11336)	Press F1

Post ID	Timestamp	Content	User
722033	2008-11-22 09:58:00	Can anybody suggest a remedy for this problem ? I am using VISTA Home Premium and and have it configured to search daily for Windows Updates. For the past few weeks this has failed to contact the Server for updates and a manual search results in an error code : 80244019. One update from the most previous server contact, 6th,November is waiting for instal but if I try to instal I get another error code : 8024402C. Another problem which appeared at the same time and may be related to the above is a failure in the Backup / Restore feature which is throwing up an error code : 0x8007002 (missing file). My LAN settings in Internet Explorer have always been and remain set to "Automatically Detect Settings". I am the sole USER on this PC. Everything seems to be operating O.K. apart from the problems mentioned. The only recent change I have made was the install of a 2nd Browser (Firefox 3). I am running this along with Internet Explorer (default browser). Any suggestions would be most welcome. blanco.	blanco (11336)
722034	2008-11-22 10:26:00	have a read through This Vista Forum (www.vistax64.com) esp page 2 - it mentions the cause could be a virus or spyware, esp Zlob. What AV do you currently use ?? Download from my sig both Malwarebytes and Spybot S&D install and update then in Malwarebytes run a FULL scan, and a scan with Spybot - these two combined will remove Zlob and most other spyware, may as well get spyware terminator as well , install and run a full scan, remove any thing they find. If after running those programs,you still have problems download Hijackthis (www.spychecker.com) do a scan, and save a log - copy/paste the complete log back here, someone will advice any further actions.	wainuitech (129)
722035	2008-11-22 11:49:00	Wainiutech, Thanks for qick response. My active protector is currently AVG but I also have run scans using A Squared, Avira, Malwarebytes, Norton, Spybot, Spyware Doctor, Spyware Terminator, Spyware Blaster,Trojan Remover, Rogue Remover, and Threat Expert. All of these Progs are kept updated but only used for scans when needed. Non of these have picked up malware. Microsoft help sugests checking any Proxy Server settings which I am not using. Another forum Sugests a problem with User Profiles ? I have completely cleaned up using Ccleaner, Regcure, Registry Mechanic and Ashampoo Optimizer. The problem remains Blanco	blanco (11336)
722036	2008-11-22 21:01:00	Try this - go into the control panel, turn off the firewall if using the windows inbuilt. What is the Norton you have installed ?? you cant have two AV's on the same PC they will conflict, remove all norton products, seen it happen lots that Norton blocks certain functions. You may need the Norton Removal tool (service1.symantec.com) to remove all traces. Also do you have SP1 installed ?? Post back a hijack log as well. Also check you internet setting, make sure proxy settings have not been enabled someplace. Theres a bug going around at the moment that does exactly that, and it blocks the internet / updates, also remove FF3 if the problems stated after that was installed.	wainuitech (129)
722037	2008-11-22 22:34:00	Thanks, Wainuitech. I appear to have 2 threads running on this subject, Sorry for any confusion-I posted the HJT log in the wrong place. I only ever have one AV guard running and only use the scan tool of the others if needed. AVG is ON currently. Yes, Vista SP1 was installed when released by MS - No problems. I have checked the Proxy Setting which has always been and remains on Auto Detect. Here is the HJT log :- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:39:46, on 22/11/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\SYSTEM32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\CyberLink\Shared files\brs.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Webshots\Webshots.scr C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\ Yahoo! \Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: & Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\ Yahoo! \Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\ExPLabs.com\LinkScanner\LinkScannerIE.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\sw g.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\ Yahoo! \Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file) O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCRtim e.dll,_RunDLLEntry@16 O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (User 'Default user') O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: %BRAND Smileys - {16FE352D-F643-4A81-BC61-2C051F3A757D} - (no file) O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: %BRAND eCards - {82E2B317-7C9C-4F12-B920-AC37D928CD43} - (no file) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\program files\explabs.com\linkscanner\wrnetdrv.dll O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - apps.corel.com O17 - HKLM\System\CCS\Services\Tcpip\..\{8B3EF68D-9358-4930-B5B3-1097CAD71E64}: NameServer = 85.255.112.145;85.255.112.150 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.e xe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxcr_device - - C:\Windows\system32\lxcrcoms.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 12543 bytes	blanco (11336)
722038	2008-11-22 22:46:00	No Worries about the two threads, I was just inspecting the Log files ( Ta!) and noticed Pancake put the answer in The other thread (pressf1.pcworld.co.nz). It appears You do have a Trojan that changes the DNS. Follow pancakes suggestion in that other thread and you should be fixed.	wainuitech (129)
1