Knowledgebase

Portal Home > Knowledgebase > Articles Database > win2k3 server cannot view microsoft.com


win2k3 server cannot view microsoft.com




Posted by igrowyourbiz, 09-02-2009, 10:36 PM
for some reason, all of a sudden my new server will not view any microsoft.com site so now no updates work, and i can not download any software from ms (msn works fine, as well as every other website in the world...just nothing on microsoft.com) the only thing in my hosts file is 127.0.0.1 localhost and this is the report from windows update log: 2009-08-31 10:11:14-0700 320 37c CreateService for wuauserv succeeded 2009-08-31 10:16:17-0700 868 528 Service Main starts 2009-08-31 10:16:17-0700 868 528 WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 10:16:17-0700 868 528 Service status is now SERVICE_RUNNING 2009-08-31 10:18:02-0700 812 4a0 Service Main starts 2009-08-31 10:18:02-0700 812 4a0 WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 10:18:02-0700 812 4a0 Service status is now SERVICE_RUNNING 2009-08-31 10:18:13-0700 812 330 Service received connect notification 2009-08-31 10:18:14-0700 812 330 Service received logon notification 2009-08-31 10:18:47-0700 812 4a0 start delayed initialization of WU client 2009-08-31 10:18:47-0700 812 4a0 BatchFlushAge = 32389. 2009-08-31 10:18:47-0700 812 4a0 SamplingValue = 125, sampling required = Yes 2009-08-31 10:18:49-0700 812 4a0 Service 3DA21691-E39D-4DA6-8A4B-B43877BCB1B7 added 2009-08-31 10:18:50-0700 812 4a0 Service 9482F4B4-E343-43B6-B170-9A65BC822C77 added 2009-08-31 10:18:50-0700 812 4a0 Data store successfully created 2009-08-31 10:18:50-0700 812 4a0 Client Call Recorder finished delayed initialization 2009-08-31 10:18:50-0700 812 4a0 AU is not configured yet, generating timeout to launch setup wizard 2009-08-31 10:18:50-0700 812 4a0 AU finished delayed initialization 2009-08-31 10:20:03-0700 816 4a0 Service Main starts 2009-08-31 10:20:03-0700 816 4a0 WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 10:20:03-0700 816 4a0 Service status is now SERVICE_RUNNING 2009-08-31 10:20:23-0700 816 334 Service received connect notification 2009-08-31 10:20:23-0700 816 334 Service received logon notification 2009-08-31 10:20:48-0700 816 4a0 start delayed initialization of WU client 2009-08-31 10:20:48-0700 816 4a0 BatchFlushAge = 32389. 2009-08-31 10:20:48-0700 816 4a0 SamplingValue = 125, sampling required = Yes 2009-08-31 10:20:49-0700 816 4a0 Client Call Recorder finished delayed initialization 2009-08-31 10:20:49-0700 816 4a0 AU is not configured yet, generating timeout to launch setup wizard 2009-08-31 10:20:49-0700 816 4a0 AU finished delayed initialization 2009-08-31 10:27:31-0700 816 4c4 Service Main starts 2009-08-31 10:27:31-0700 816 4c4 WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 10:27:31-0700 816 4c4 Service status is now SERVICE_RUNNING 2009-08-31 10:28:16-0700 816 4c4 start delayed initialization of WU client 2009-08-31 10:28:16-0700 816 4c4 BatchFlushAge = 32389. 2009-08-31 10:28:16-0700 816 4c4 SamplingValue = 125, sampling required = Yes 2009-08-31 10:28:16-0700 816 4c4 Client Call Recorder finished delayed initialization 2009-08-31 10:28:16-0700 816 4c4 AU is not configured yet, generating timeout to launch setup wizard 2009-08-31 10:28:16-0700 816 4c4 AU finished delayed initialization 2009-08-31 11:02:53-0700 832 4e8 Service Main starts 2009-08-31 11:02:53-0700 832 4e8 WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 11:02:53-0700 832 4e8 Service status is now SERVICE_RUNNING 2009-08-31 11:03:38-0700 832 4e8 start delayed initialization of WU client 2009-08-31 11:03:38-0700 832 4e8 BatchFlushAge = 32389. 2009-08-31 11:03:38-0700 832 4e8 SamplingValue = 125, sampling required = Yes 2009-08-31 11:03:39-0700 832 4e8 Client Call Recorder finished delayed initialization 2009-08-31 11:03:39-0700 832 4e8 AU is not configured yet, generating timeout to launch setup wizard 2009-08-31 11:03:39-0700 832 4e8 AU finished delayed initialization 2009-08-31 11:09:55-0700 824 4dc Service Main starts 2009-08-31 11:09:55-0700 824 4dc WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 11:09:55-0700 824 4dc Service status is now SERVICE_RUNNING 2009-08-31 11:10:39-0700 824 33c Service received connect notification 2009-08-31 11:10:40-0700 824 33c Service received logon notification 2009-08-31 11:10:40-0700 824 4dc start delayed initialization of WU client 2009-08-31 11:10:40-0700 824 4dc BatchFlushAge = 32389. 2009-08-31 11:10:40-0700 824 4dc SamplingValue = 125, sampling required = Yes 2009-08-31 11:10:41-0700 824 4dc Client Call Recorder finished delayed initialization 2009-08-31 11:10:41-0700 824 4dc AU is not configured yet, generating timeout to launch setup wizard 2009-08-31 11:10:41-0700 824 4dc AU finished delayed initialization 2009-08-31 11:18:37-0700 824 4dc Cleared the proxy cache. 2009-08-31 11:20:38-0700 1656 694 WUCheckForUpdatesAtShutdown failed, hr=8024A000 2009-08-31 11:20:42-0700 824 33c Service received logoff notification 2009-08-31 11:20:42-0700 824 4dc AU received event of type: 3 2009-08-31 11:20:42-0700 824 36c AU Restart required.... 2009-08-31 11:20:42-0700 824 4dc AU received event of type: 1 2009-08-31 11:20:42-0700 824 4dc AU is paused, not initializing any handlers 2009-08-31 11:20:42-0700 384 c8 WUAutoUpdateAtShutdown failed, hr=8024A000 2009-08-31 11:20:44-0700 824 33c Service received SERVICE_CONTROL_SHUTDOWN control 2009-08-31 11:20:44-0700 824 4dc Exiting Service Main 2009-08-31 11:20:44-0700 824 4dc WUAUENG ServiceMain exits. Exit code is 0x240001 2009-08-31 11:22:51-0700 792 4d4 Service Main starts 2009-08-31 11:22:51-0700 792 4d4 WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 11:22:51-0700 792 4d4 Service status is now SERVICE_RUNNING 2009-08-31 11:23:12-0700 792 31c Service received SERVICE_CONTROL_STOP control 2009-08-31 11:23:12-0700 792 4d4 Exiting Service Main 2009-08-31 11:23:12-0700 792 4d4 WUAUENG ServiceMain exits. Exit code is 0x240001 2009-08-31 11:57:37-0700 792 1624 Service Main starts 2009-08-31 11:57:37-0700 792 1624 WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 11:57:37-0700 792 1624 Service status is now SERVICE_RUNNING 2009-08-31 11:57:38-0700 792 500 BatchFlushAge = 32389. 2009-08-31 11:57:38-0700 792 500 SamplingValue = 125, sampling required = Yes 2009-08-31 11:57:38-0700 792 500 Client Call Recorder finished delayed initialization 2009-08-31 11:57:38-0700 792 500 AU is not configured yet, generating timeout to launch setup wizard 2009-08-31 11:57:38-0700 792 500 AU finished delayed initialization 2009-08-31 11:57:38-0700 792 500 Setting AU Approval Type to 4 2009-08-31 11:57:38-0700 792 500 Setting Install Schedule Day to 0 2009-08-31 11:57:38-0700 792 500 Setting Install Schedule Time to 3 2009-08-31 11:57:38-0700 792 500 AU Options changed through user preference. 2009-08-31 11:57:38-0700 792 500 AU Restart required.... 2009-08-31 11:57:38-0700 792 1624 AU received event of type: 1 2009-08-31 11:57:38-0700 792 1624 Setting next AU detection timeout to 2009-08-31 18:57:38 2009-08-31 11:57:38-0700 792 1624 Setting AU scheduled install time to 2009-09-01 10:00:00 2009-08-31 11:57:38-0700 792 1624 AU received event of type: 1 2009-08-31 11:57:38-0700 792 1624 WU client succeeds CClientCallRecorder::BeginFindUpdatesEx from AutomaticUpdates with call id {B31C770A-025C-40BF-B2D1-DB622238F749} 2009-08-31 11:57:38-0700 792 33c WU client executing call {B31C770A-025C-40BF-B2D1-DB622238F749} of type Search Call 2009-08-31 11:57:38-0700 792 33c Checking for different Redirector at: http://download.windowsupdate.com/ws...ir/wuredir.cab 2009-08-31 11:57:40-0700 792 33c WinHttpGetProxyForUrl failed with 0x80072f94. Continuing with NULL autoproxy list 2009-08-31 11:57:40-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:40-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:40-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:40-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:40-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:40-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:40-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:40-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:40-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:40-0700 792 33c DownloadFileInternal failed for http://download.windowsupdate.com/ws...r/wuredir.cab: error 0x80072ee7 2009-08-31 11:57:40-0700 792 33c Failed to download the Redirector cab on try 1: 0x80072ee7 2009-08-31 11:57:40-0700 792 33c Checking for different Redirector at: http://download.microsoft.com/ws03sp...ir/wuredir.cab 2009-08-31 11:57:43-0700 792 33c WinHttpGetProxyForUrl failed with 0x80072f94. Continuing with NULL autoproxy list 2009-08-31 11:57:43-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:43-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:43-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:43-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:43-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:43-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:43-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:43-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:43-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:43-0700 792 33c DownloadFileInternal failed for http://download.microsoft.com/ws03sp...r/wuredir.cab: error 0x80072ee7 2009-08-31 11:57:43-0700 792 33c Failed to download the Redirector cab on try 2: 0x80072ee7 2009-08-31 11:57:43-0700 792 33c Checking for different Redirector at: http://update.microsoft.com/ws03sp1/...ir/wuredir.cab 2009-08-31 11:57:45-0700 792 33c WinHttpGetProxyForUrl failed with 0x80072f94. Continuing with NULL autoproxy list 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c DownloadFileInternal failed for http://update.microsoft.com/ws03sp1/...r/wuredir.cab: error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Failed to download the Redirector cab on try 3: 0x80072ee7 2009-08-31 11:57:45-0700 792 33c GetWuidentUrlFromRedirector failed due to error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c IsUpdateRequired failed with error 0x8024402c 2009-08-31 11:57:45-0700 792 33c PT: Using serverID {9482F4B4-E343-43B6-B170-9A65BC822C77} 2009-08-31 11:57:45-0700 792 33c Checking for different Redirector at: http://download.windowsupdate.com/ws...ir/wuredir.cab 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c DownloadFileInternal failed for http://download.windowsupdate.com/ws...r/wuredir.cab: error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Failed to download the Redirector cab on try 1: 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Checking for different Redirector at: http://download.microsoft.com/ws03sp...ir/wuredir.cab 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c DownloadFileInternal failed for http://download.microsoft.com/ws03sp...r/wuredir.cab: error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Failed to download the Redirector cab on try 2: 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Checking for different Redirector at: http://update.microsoft.com/ws03sp1/...ir/wuredir.cab 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Send failed with hr = 80072ee7. 2009-08-31 11:57:45-0700 792 33c SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestUsingProxy failed for . error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: SendRequestToServerForFileInformation failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WinHttp: ShouldFileBeDownloaded failed with 0x80072ee7 2009-08-31 11:57:45-0700 792 33c DownloadFileInternal failed for http://update.microsoft.com/ws03sp1/...r/wuredir.cab: error 0x80072ee7 2009-08-31 11:57:45-0700 792 33c Failed to download the Redirector cab on try 3: 0x80072ee7 2009-08-31 11:57:45-0700 792 33c WU client failed Searching for update with error 0x8024402c 2009-08-31 11:57:45-0700 792 33c Search Callback Failed, hr is 0x8024402c 2009-08-31 11:57:45-0700 792 33c Setting next AU detection timeout to 2009-08-31 23:57:45 2009-08-31 11:57:45-0700 792 33c Setting AU scheduled install time to 2009-09-01 10:00:00 2009-08-31 11:57:45-0700 792 33c WU client calls back to search call AutomaticUpdates with code Call failed and error 0x8024402c 2009-08-31 11:57:45-0700 792 33c WU client completed and deleted call {B31C770A-025C-40BF-B2D1-DB622238F749} 2009-08-31 11:58:22-0700 792 1624 start delayed initialization of WU client 2009-08-31 12:08:40-0700 792 31c Service received connect notification 2009-08-31 12:08:40-0700 792 1624 AU received event of type: 3 2009-08-31 12:08:52-0700 792 31c Service received logon notification 2009-08-31 12:08:52-0700 792 1624 AU received event of type: 3 2009-08-31 12:58:51-0700 792 1624 Cleared the proxy cache. 2009-08-31 13:04:12-0700 3976 fc0 0 updates are ready to be installed at shutdown. 2009-08-31 13:04:16-0700 792 1180 AU Restart required.... 2009-08-31 13:04:16-0700 792 1624 AU received event of type: 1 2009-08-31 13:04:16-0700 792 1624 AU is paused, not initializing any handlers 2009-08-31 13:04:18-0700 792 31c Service received logoff notification 2009-08-31 13:04:20-0700 792 31c Service received SERVICE_CONTROL_SHUTDOWN control 2009-08-31 13:04:20-0700 792 1624 Exiting Service Main 2009-08-31 13:04:20-0700 792 1624 WUAUENG ServiceMain exits. Exit code is 0x240001 2009-08-31 13:05:15-0700 792 554 Service Main starts 2009-08-31 13:05:18-0700 792 554 WU client with version 5.7.3790.3959 successfully initialized 2009-08-31 13:05:18-0700 792 554 Service status is now SERVICE_RUNNING 2009-08-31 13:05:21-0700 792 31c Service received SERVICE_CONTROL_STOP control 2009-08-31 13:05:21-0700 792 554 Exiting Service Main 2009-08-31 13:05:21-0700 792 554 WUAUENG ServiceMain exits. Exit code is 0x240001 2009-09-02 15:34:38-0700 816 258 WUCheckForUpdatesAtShutdown failed, hr=8024000C 2009-09-02 15:34:53-0700 3984 1324 WUAutoUpdateAtShutdown failed, hr=8024000C 2009-09-02 15:34:55-0700 368 ef4 WUAutoUpdateAtShutdown failed, hr=8024000C
Posted by Softsys Hosting, 09-02-2009, 11:17 PM
Have you tried to run virus scan on your VPS? I have seen this happening on one of my friend's server earlier and it turned out to be a virus that was preventing from hitting MSFT website.
Posted by igrowyourbiz, 09-02-2009, 11:24 PM
no its a brand new 2 day old dedicated - i will try
Posted by vbgamer45, 09-02-2009, 11:30 PM
Probably got infected with something. Try to do windows updates. Next step try Windows Malicious Software Removal Tool do start run mrt.exe and hopefully that is installed. After that is run. Check under services and make sure windows updates is running.
Posted by igrowyourbiz, 09-02-2009, 11:57 PM
well i tried loading avg -- but that is blocked too what can i do to override this?
Posted by igrowyourbiz, 09-02-2009, 11:58 PM
windows update wont work because it cant see ms site i will try mrt
Posted by igrowyourbiz, 09-02-2009, 11:59 PM
mrt.exe not there, how can i install d/l it?
Posted by igrowyourbiz, 09-03-2009, 12:09 AM
so far following domains will not show microsoft.com avg.com antivirus.com
Posted by Softsys Hosting, 09-03-2009, 12:50 AM
Try 'Trojan Remover' from http://www.simplysup.com/ and see if it is able to detect any issues.
Posted by igrowyourbiz, 09-03-2009, 01:11 AM
C:\WINDOWS\system32\svchost.exe HKLM\SYSTEM\CurrentControlSet\Services\begzazm ImagePath loading entry is stealth, i told it to stop it ***** THE SYSTEM HAS BEEN RESTARTED ***** 9/3/2009 1:09:45 AM: Trojan Remover has been restarted %SystemRoot%\system32\svchost.exe -k netsvcs has been deleted (if it existed) ======================================================= Removing the following registry keys: HKLM\SYSTEM\CurrentControlSet\Services\begzazm - Ownership checked HKLM\SYSTEM\CurrentControlSet\Services\begzazm - already removed (or did not exist) ======================================================= Unable to rename %SystemRoot%\system32\svchost.exe to %SystemRoot%\system32\svchost.exe.vir (%SystemRoot%\system32\svchost.exe does not appear to exist) 9/3/2009 1:09:45 AM: Trojan Remover closed ************************************************************ ***** NORMAL SCAN FOR ACTIVE MALWARE ***** Trojan Remover Ver 6.8.1.2588. For information, email support@simplysup.com [Unregistered version] Scan started at: 1:05:25 AM 03 Sep 2009 Using Database v7385 Operating System: Windows Server 2003 Microsoft Windows Server 2003 (SP2) [Build: 5.2.3790] File System: NTFS UserData directory: C:\Documents and Settings\Administrator\Application Data\Simply Super Software\Trojan Remover\ Database directory: C:\Documents and Settings\All Users\Application Data\Simply Super Software\Trojan Remover\Data\ Logfile directory: C:\Documents and Settings\Administrator\My Documents\Simply Super Software\Trojan Remover Logfiles\ Program directory: C:\Program Files\Trojan Remover\ Running with Administrator privileges ************************************************************ ************************************************************ 1:05:25 AM: ----- SCANNING FOR ROOTKIT SERVICES ----- No hidden Services were detected. ************************************************************ 1:05:25 AM: Scanning -----WINDOWS REGISTRY----- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon This key's "Shell" value calls the following program(s): Key value: [Explorer.exe] File: Explorer.exe C:\WINDOWS\Explorer.exe 1053184 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation ---------- This key's "Userinit" value calls the following program(s): Key value: [C:\WINDOWS\system32\userinit.exe,] File: C:\WINDOWS\system32\userinit.exe C:\WINDOWS\system32\userinit.exe 26112 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation ---------- This key's "System" value appears to be blank ---------- This key's "UIHost" value calls the following program: Key value: [%SystemRoot%\system32\logonui.exe] File: C:\WINDOWS\system32\logonui.exe C:\WINDOWS\system32\logonui.exe 516096 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation ---------- -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Value Name: load -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: TrojanScanner Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot C:\Program Files\Trojan Remover\Trjscan.exe 1069448 bytes Created: 9/3/2009 1:04 AM Modified: 8/31/2009 5:27 PM Company: Simply Super Software -------------------- -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry Key appears to be empty -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run This Registry Key appears to be empty -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce This Registry Key appears to be empty ************************************************************ 1:05:25 AM: Scanning -----SHELLEXECUTEHOOKS----- ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972} File: shell32.dll - this file is expected and has been left in place ---------- ************************************************************ 1:05:25 AM: Scanning -----HIDDEN REGISTRY ENTRIES----- Taskdir check completed ---------- No Hidden File-loading Registry Entries found ---------- ************************************************************ 1:05:26 AM: Scanning -----ACTIVE SCREENSAVER----- ScreenSaver: C:\WINDOWS\System32\logon.scr C:\WINDOWS\System32\logon.scr 509952 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- ************************************************************ 1:05:26 AM: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----- ************************************************************ 1:05:26 AM: Scanning ----- SERVICEDLL REGISTRY KEYS ----- Key: HidServ %SystemRoot%\System32\hidserv.dll - file is globally excluded (file cannot be found) -------------------- Key: W3SVC Path: C:\WINDOWS\system32\inetsrv\iisw3adm.dll C:\WINDOWS\system32\inetsrv\iisw3adm.dll 216576 bytes Created: 8/31/2009 11:48 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- Key: WinHttpAutoProxySvc Path: winhttp.dll winhttp.dll - [file not found to scan] -------------------- ************************************************************ 1:05:27 AM: Scanning ----- SERVICES REGISTRY KEYS ----- Key: FETNDISB ImagePath: system32\DRIVERS\fetnd5b.sys C:\WINDOWS\system32\DRIVERS\fetnd5b.sys 42496 bytes Created: 4/15/2004 10:57 AM Modified: 4/15/2004 10:57 AM Company: VIA Technologies, Inc. ---------- Key: HTTPFilter ImagePath: C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\lsass.exe 13312 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation ---------- Key: IISADMIN ImagePath: C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe 14336 bytes Created: 8/31/2009 11:48 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation ---------- Key: IpInIp ImagePath: system32\DRIVERS\ipinip.sys - file is missing - alert is globally excluded ---------- Key: MailService ImagePath: "C:\Program Files\SmarterTools\SmarterMail\Service\MailService.exe" C:\Program Files\SmarterTools\SmarterMail\Service\MailService.exe 49152 bytes Created: 8/25/2008 3:47 PM Modified: 8/25/2008 3:47 PM Company: ---------- Key: MSFtpsvc ImagePath: %SystemRoot%\system32\inetsrv\inetinfo.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe 14336 bytes Created: 8/31/2009 11:48 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation ---------- Key: MSSEARCH ImagePath: "C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe" C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe 73728 bytes Created: 9/2/2009 4:01 PM Modified: 7/12/2000 9:44 PM Company: Microsoft Corporation ---------- Key: MSSQL$SQL2008 ImagePath: "c:\Program Files\Microsoft SQL Server2k8\MSSQL10.SQL2008\MSSQL\Binn\sqlservr.exe" -sSQL2008 c:\Program Files\Microsoft SQL Server2k8\MSSQL10.SQL2008\MSSQL\Binn\sqlservr.exe 40999448 bytes Created: 8/11/2008 2:31 PM Modified: 8/11/2008 2:31 PM Company: Microsoft Corporation ---------- Key: MSSQLFDLauncher$SQL2008 ImagePath: "c:\Program Files\Microsoft SQL Server2k8\MSSQL10.SQL2008\MSSQL\Binn\fdlauncher.exe" -s MSSQL10.SQL2008 c:\Program Files\Microsoft SQL Server2k8\MSSQL10.SQL2008\MSSQL\Binn\fdlauncher.exe 31256 bytes Created: 7/10/2008 1:15 AM Modified: 7/10/2008 1:15 AM Company: Microsoft Corporation ---------- Key: MSSQLSERVER ImagePath: C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe 7442493 bytes Created: 9/2/2009 4:02 PM Modified: 8/6/2000 1:50 AM Company: Microsoft Corporation ---------- Key: MSSQLServerADHelper ImagePath: C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe 73728 bytes Created: 9/2/2009 4:02 PM Modified: 5/3/2005 10:50 PM Company: Microsoft Corporation ---------- Key: MSSQLServerADHelper100 ImagePath: "c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 47128 bytes Created: 8/11/2008 2:31 PM Modified: 8/11/2008 2:31 PM Company: Microsoft Corporation ---------- Key: MSSQLServerOLAPService ImagePath: C:\Program Files\Microsoft Analysis Services\Bin\msmdsrv.exe C:\Program Files\Microsoft Analysis Services\Bin\msmdsrv.exe 1966080 bytes Created: 9/2/2009 4:05 PM Modified: 5/3/2005 11:47 PM Company: Microsoft Corporation ---------- Key: ReportServer$SQL2008 ImagePath: "c:\Program Files\Microsoft SQL Server2k8\MSRS10.SQL2008\Reporting Services\ReportServer\bin\ReportingServicesService.exe" c:\Program Files\Microsoft SQL Server2k8\MSRS10.SQL2008\Reporting Services\ReportServer\bin\ReportingServicesService.exe 1106968 bytes Created: 7/10/2008 2:22 AM Modified: 7/10/2008 2:22 AM Company: Microsoft Corporation ---------- Key: RsFx0102 ImagePath: system32\DRIVERS\RsFx0102.sys C:\WINDOWS\system32\DRIVERS\RsFx0102.sys 242712 bytes Created: 7/10/2008 2:49 AM Modified: 7/10/2008 2:49 AM Company: Microsoft Corporation ---------- Key: SMWebSvr ImagePath: "C:\Program Files\SmarterTools\SmarterMail\Web Server\SMWebSvr.exe" C:\Program Files\SmarterTools\SmarterMail\Web Server\SMWebSvr.exe 73728 bytes Created: 5/16/2007 10:12 AM Modified: 5/16/2007 10:12 AM Company: SmarterTools Inc ---------- Key: spupdsvc ImagePath: C:\WINDOWS\system32\spupdsvc.exe C:\WINDOWS\system32\spupdsvc.exe 26488 bytes Created: 9/3/2009 12:02 AM Modified: 11/30/2007 4:18 AM Company: Microsoft Corporation ---------- Key: SQLAgent$SQL2008 ImagePath: "c:\Program Files\Microsoft SQL Server2k8\MSSQL10.SQL2008\MSSQL\Binn\SQLAGENT.EXE" -i SQL2008 c:\Program Files\Microsoft SQL Server2k8\MSSQL10.SQL2008\MSSQL\Binn\SQLAGENT.EXE 369688 bytes Created: 8/11/2008 2:31 PM Modified: 8/11/2008 2:31 PM Company: Microsoft Corporation ---------- Key: SQLSERVERAGENT ImagePath: C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe 303170 bytes Created: 9/2/2009 4:02 PM Modified: 8/6/2000 1:50 AM Company: Microsoft Corporation ---------- ************************************************************ 1:05:33 AM: Scanning -----VXD ENTRIES----- ************************************************************ 1:05:33 AM: Scanning ----- WINLOGON\NOTIFY DLLS ----- ************************************************************ 1:05:33 AM: Scanning ----- CONTEXTMENUHANDLERS ----- ************************************************************ 1:05:33 AM: Scanning ----- FOLDER\COLUMNHANDLERS ----- ************************************************************ 1:05:33 AM: Scanning ----- BROWSER HELPER OBJECTS ----- No Browser Helper Objects found to scan ************************************************************ 1:05:33 AM: Scanning ----- SHELLSERVICEOBJECTS ----- ************************************************************ 1:05:33 AM: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----- ************************************************************ 1:05:33 AM: Scanning ----- IMAGEFILE DEBUGGERS ----- No "Debugger" entries found. ************************************************************ 1:05:33 AM: Scanning ----- APPINIT_DLLS ----- The AppInit_DLLs value is blank or does not exist ************************************************************ 1:05:33 AM: Scanning ----- SECURITY PROVIDER DLLS ----- ************************************************************ 1:05:33 AM: Scanning ------ COMMON STARTUP GROUP ------ [C:\Documents and Settings\All Users\Start Menu\Programs\Startup] The Common Startup Group attempts to load the following file(s) at boot time: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini -HS- 84 bytes Created: 8/31/2009 1:09 AM Modified: 8/31/2009 10:12 AM Company: [no info] -------------------- Service Manager.lnk - links to C:\PROGRA~1\MICROS~1\80\Tools\Binn\sqlmangr.exe C:\PROGRA~1\MICROS~1\80\Tools\Binn\sqlmangr.exe 69632 bytes Created: 9/2/2009 4:02 PM Modified: 8/6/2000 1:03 AM Company: Microsoft Corporation -------------------- ************************************************************ 1:05:34 AM: Scanning ------ USER STARTUP GROUPS ------ -------------------- Checking Startup Group for: Administrator [C:\Documents and Settings\Administrator\START MENU\PROGRAMS\STARTUP] The Startup Group for Administrator attempts to load the following file(s): C:\Documents and Settings\Administrator\START MENU\PROGRAMS\STARTUP\desktop.ini -HS- 84 bytes Created: 8/31/2009 10:18 AM Modified: 8/31/2009 10:12 AM Company: [no info] ---------- -------------------- Checking Startup Group for: igyb [C:\Documents and Settings\igyb\START MENU\PROGRAMS\STARTUP] The Startup Group for igyb attempts to load the following file(s): C:\Documents and Settings\igyb\START MENU\PROGRAMS\STARTUP\desktop.ini -HS- 84 bytes Created: 9/3/2009 12:59 AM Modified: 8/31/2009 10:12 AM Company: [no info] ---------- -------------------- Checking Startup Group for: will [C:\Documents and Settings\will\START MENU\PROGRAMS\STARTUP] The Startup Group for will attempts to load the following file(s): C:\Documents and Settings\will\START MENU\PROGRAMS\STARTUP\desktop.ini -HS- 84 bytes Created: 8/31/2009 12:08 PM Modified: 8/31/2009 10:12 AM Company: [no info] ---------- ************************************************************ 1:05:34 AM: Scanning ----- SCHEDULED TASKS ----- No Scheduled Tasks found to scan ************************************************************ 1:05:34 AM: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----- ************************************************************ 1:05:34 AM: Scanning ----- DEVICE DRIVER ENTRIES ----- ************************************************************ 1:05:34 AM: ----- ADDITIONAL CHECKS ----- PE386 rootkit checks completed ---------- Hidden or inaccessible Services entry: [begzazm] ImagePath: %SystemRoot%\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe 14848 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation Entry has been scheduled for deletion when the PC is restarted [delete file error: %SystemRoot%\system32\svchost.exe -k netsvcs, The system cannot find the path specified. ] %SystemRoot%\system32\svchost.exe -k netsvcs - file could not be erased using RAW erasure %SystemRoot%\system32\svchost.exe - process is either not running or could not be terminated %SystemRoot%\system32\svchost.exe -k netsvcs - marked for renaming when the PC is restarted ---------- Winlogon registry rootkit checks completed ---------- Heuristic checks for hidden files/drivers completed ---------- Layered Service Provider entries checks completed ---------- Windows Explorer Policies checks completed ---------- Desktop Wallpaper entry is blank ---------- Web Desktop Wallpaper entry is blank ---------- DNS Server information: Interface: VIA Rhine II Fast Ethernet Adapter NameServers: 4.2.2.1,4.2.2.2 Checks for rogue DNS NameServers completed ---------- The Windows Update service is disabled [Service set to DISABLED] Additional checks completed ************************************************************ 1:07:08 AM: Scanning ----- RUNNING PROCESSES ----- C:\WINDOWS\System32\smss.exe 53760 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\csrss.exe 4096 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\winlogon.exe 528384 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\services.exe 111104 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\lsass.exe - file already scanned -------------------- C:\WINDOWS\system32\svchost.exe 14848 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\svchost.exe - file already scanned -------------------- C:\WINDOWS\system32\svchost.exe - file already scanned -------------------- C:\WINDOWS\system32\svchost.exe - file already scanned -------------------- C:\WINDOWS\System32\svchost.exe - file already scanned -------------------- C:\WINDOWS\system32\spoolsv.exe 57856 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\msdtc.exe 6144 bytes Created: 8/31/2009 10:08 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\cisvc.exe 6656 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 69632 bytes Created: 7/25/2008 11:17 AM Modified: 7/25/2008 11:17 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\System32\dns.exe 443392 bytes Created: 8/31/2009 11:53 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\inetsrv\inetinfo.exe - file already scanned -------------------- C:\Program Files\SmarterTools\SmarterMail\Service\MailService.exe - file already scanned -------------------- C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe - file already scanned -------------------- C:\Program Files\Microsoft Analysis Services\Bin\msmdsrv.exe - file already scanned -------------------- C:\WINDOWS\system32\svchost.exe - file already scanned -------------------- C:\Program Files\SmarterTools\SmarterMail\Web Server\SMWebSvr.exe - file already scanned -------------------- C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe - file already scanned -------------------- C:\WINDOWS\System32\svchost.exe - file already scanned -------------------- C:\WINDOWS\System32\svchost.exe - file already scanned -------------------- C:\Program Files\SmarterTools\SmarterMail\Service\SpamAssassin\spamd.exe 5316670 bytes Created: 12/25/2006 3:39 PM Modified: 12/25/2006 3:39 PM Company: -------------------- C:\Program Files\SmarterTools\SmarterMail\Service\Clam\bin\clamd.exe 53248 bytes Created: 4/16/2008 9:21 PM Modified: 4/16/2008 9:21 PM Company: [no info] -------------------- C:\WINDOWS\System32\svchost.exe - file already scanned -------------------- C:\WINDOWS\system32\wbem\wmiprvse.exe 207872 bytes Created: 8/31/2009 10:08 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\csrss.exe - file already scanned -------------------- C:\WINDOWS\system32\winlogon.exe - file already scanned -------------------- C:\WINDOWS\system32\rdpclip.exe 69632 bytes Created: 8/31/2009 10:08 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\Explorer.EXE - file already scanned -------------------- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe 69632 bytes Created: 9/2/2009 4:02 PM Modified: 8/6/2000 1:03 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\oobechk.exe 10240 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\mshta.exe 30720 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- c:\windows\system32\inetsrv\w3wp.exe 7168 bytes Created: 8/31/2009 11:48 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\Documents and Settings\Administrator\Desktop\proggies and patches\SQLEXPRADV_x86_ENU.exe 527112528 bytes Created: 9/2/2009 11:29 PM Modified: 9/2/2009 11:29 PM Company: Microsoft Corporation -------------------- c:\87f259130cc277fce731af53f19fd6e2\setup.exe 106512 bytes Created: 8/11/2008 2:28 PM Modified: 8/11/2008 2:28 PM Company: Microsoft Corporation -------------------- c:\87f259130cc277fce731af53f19fd6e2\x86\setup100.exe 66584 bytes Created: 8/11/2008 2:31 PM Modified: 8/11/2008 2:31 PM Company: Microsoft Corporation -------------------- c:\87f259130cc277fce731af53f19fd6e2\x86\LandingPage.exe 427032 bytes Created: 8/11/2008 2:31 PM Modified: 8/11/2008 2:31 PM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\cidaemon.exe 9728 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\cidaemon.exe - file already scanned -------------------- C:\WINDOWS\system32\cidaemon.exe - file already scanned -------------------- C:\WINDOWS\system32\logon.scr 509952 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\WINDOWS\system32\NOTEPAD.EXE 68608 bytes Created: 2/18/2007 5:00 AM Modified: 2/18/2007 5:00 AM Company: Microsoft Corporation -------------------- C:\Program Files\Mozilla Firefox\firefox.exe 908280 bytes Created: 9/2/2009 6:22 PM Modified: 7/30/2009 4:26 AM Company: Mozilla Corporation -------------------- C:\WINDOWS\system32\wbem\wmiprvse.exe - file already scanned -------------------- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 46104 bytes Created: 7/29/2008 9:10 PM Modified: 7/29/2008 9:10 PM Company: Microsoft Corporation -------------------- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 258072 bytes Created: 7/10/2008 2:49 AM Modified: 7/10/2008 2:49 AM Company: Microsoft Corporation -------------------- c:\Program Files\Microsoft SQL Server2k8\MSSQL10.SQL2008\MSSQL\Binn\sqlservr.exe - file already scanned -------------------- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 98840 bytes Created: 7/10/2008 2:49 AM Modified: 7/10/2008 2:49 AM Company: Microsoft Corporation -------------------- C:\Documents and Settings\Administrator\Application Data\Simply Super Software\Trojan Remover\vnn2E3.exe FileSize: 3093368 [This is a Trojan Remover component] -------------------- ************************************************************ 1:07:30 AM: Checking HOSTS file No malicious entries were found in the HOSTS file ************************************************************ ------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------ HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page": http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page": %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page": http://www.microsoft.com/isapi/redir...ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL": http://www.microsoft.com/isapi/redir...r=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL": http://www.microsoft.com/isapi/redir...ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch": http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant": http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page": res://shdoclc.dll/hardAdmin.htm HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page": C:\WINDOWS\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page": http://www.microsoft.com/isapi/redir...ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL": res://shdoclc.dll/hardAdmin.htm ************************************************************ === CHANGES WERE MADE TO THE WINDOWS REGISTRY === Scan completed at: 1:07:30 AM 03 Sep 2009 Total Scan time: 00:02:04 ------------------------------------------------------------------------- One or more files could not be moved or renamed as requested. They may be in use by Windows, so Trojan Remover needs to restart the system in order to deal with these files. 9/3/2009 1:07:44 AM: restart commenced ************************************************************
Posted by igrowyourbiz, 09-03-2009, 01:16 AM
didnt fix problem though


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
exit signal Bus error (7) (Views: 695)
Database Server - SCSI/Raptor Question (Views: 692)
Integration with vBulletin ??? (Views: 692)
Cobaltrack.com (Views: 671)
Problem with E6700, 2gb of ram server (Views: 669)

Language: