Q: Windows Update Trouble ( Answered 5 out of 5 stars,   1 Comment )
Question  
Subject: Windows Update Trouble
Category: Computers > Software
Asked by: elenafox-ga
List Price: $12.00
Posted: 11 Oct 2005 22:26 PDT
Expires: 10 Nov 2005 21:26 PST
Question ID: 579211
I am not able to download critical updates; I receive error code
0x80242FFF. What's more, I am unable to click on any links for
Microsoft Support (just get "page cannot be displayed"). I tried to
scan with Windows Malicious Software Removal Tool but could not get it
to start either. My computer will not display Ebay, Yahoo, and certain
other pages properly (without pictures and extremely slow page loads).
I have run Registry Mechanic, Spybot, Spyware Doctor and Adaware but
the problems are unsolved. The software location errors I fixed with
Registry Mechanic keep reappearing every time I scan. Here is the
logfile from Hijack This:

Logfile of HijackThis v1.99.1
Scan saved at 1:09:45 AM, on 10/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\tp4serv.exe
C:\WINDOWS\system32\Sktempdm.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ThinkPad\CONNEC~1\QCWLIcon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\Program Files\Visualware Security Suite\tscore.exe
C:\Program Files\ActiveTracker 2.0 for Outlook Express\ReadNotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\WINDOWS\system32\jview.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\IBM\LOCALS~1\Temp\Rar$EX00.774\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = socks=127.0.0.1:1088
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VIPTToolbarManager Class -
{1A2641AE-2C42-4C51-A05F-8ECEC3FDC94D} - C:\Program Files\Visualware
Security Suite\VisualIPTraceIE.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
- C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor -
{B56A7D7D-6927-48C8-A975-17DF180C71AC} -
C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: Visual IP Trace - {E70C26AE-DFF1-40A8-8D37-19180F56F0AA}
- C:\Program Files\Visualware Security Suite\VisualIPTraceIE.dll
O4 - HKLM\..\Run: [Detect Kbd Daemon] SK2000DM.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI
Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [UC_Start] C:\IBMTools\Updater\ucstartup.exe
O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By
IBM\\ibmmessages.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32
C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program
Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog
Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QCWLIcon] C:\PROGRA~1\ThinkPad\CONNEC~1\QCWLIcon.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program
Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [Visualware Security Suite] "C:\Program
Files\Visualware Security Suite\tscore.exe" -autostartup
O4 - HKLM\..\Run: [ActiveTracker for Outlook Express] C:\Program
Files\ActiveTracker 2.0 for Outlook Express\ReadNotify.exe
O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKLM\..\Run: [firewall_anti] C:\WINDOWS\firewall_anti.exe
O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry
Mechanic\RegMech.exe /S
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By
IBM\ibmmessages.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware
Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe"
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Spyware Doctor -
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Software Installer -
{D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program
Files\ThinkPad\PkgMgr\\PkgMgr.exe
O9 - Extra button: FindNot PopNot -
{ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\FindNot
PopNot Full\FindNotPopNotFull.exe
O9 - Extra 'Tools' menuitem: &FindNot PopNot -
{ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\FindNot
PopNot Full\FindNotPopNotFull.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra button: Add bid - {866875B8-9855-48f8-BAAB-8002C325BE69} -
C:\Program Files\VCOM\Final Bid\finalbid.exe (HKCU)
O9 - Extra 'Tools' menuitem: Add bid -
{866875B8-9855-48f8-BAAB-8002C325BE69} - C:\Program Files\VCOM\Final
Bid\finalbid.exe (HKCU)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} -
http://inst.c-wss.com/58/EN/html/gtdownlr.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX
Player) - https://www.cult3d.com/download/cult.cab
O16 - DPF: {3F0EECCE-E138-11D1-8712-0060083D83F5} (LPViewer Class) -
http://www.iseemedia.com/activex/LPControl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.real.com/10a0f60407356b5c9f02/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
- http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123617428315
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI
Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
- http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123617915125
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support)
- https://www-3.ibm.com/pc/support/access/aslibmain/content/IbmEgath.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) -
https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {92D0D610-A6FA-48D8-94CB-BD47FDF68655} (Launcher Class) -
http://app.ipop.co.kr/ipop/ipopx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm
Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {E598AC61-4C6F-4F4D-877F-FAC49CA91FA3} (acpRunner Class) -
https://www-3.ibm.com/pc/support/access/aslibmain/content/AcpControl.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O20 - Winlogon Notify: QConGina - C:\WINDOWS\SYSTEM32\QConGina.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O23 - Service: ACU Configuration Service (ACS) - Unknown owner -
C:\WINDOWS\System32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner -
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner -
C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner
- C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel
Corporation  - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service
(default)) - Analog Devices, Inc. - C:\Program Files\Analog
Devices\SoundMAX\SMAgent.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner -
C:\WINDOWS\system32\TpKmpSVC.exe

Would appreciate any help!!
Answer  
Subject: Re: Windows Update Trouble
Answered By: sublime1-ga on 11 Oct 2005 23:57 PDT
Rated:5 out of 5 stars
 
Hi again elena...

There are two entries which reference files which are identified
as definite viruses:

O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
Troj/Netdeny-A trojan

NOTE that there are TWO entries in your log. Both need removal.

O4 - HKLM\..\Run: [firewall_anti] C:\WINDOWS\firewall_anti.exe
TROJ_SUA.A Trojan


There are other questionable entries, but they're not readily
identifiable as threats.

You'll need to go through those and see if you recognize the 
programs as belonging on your machine. 

Some, such as:
- C:\WINDOWS\system32\PsaSrv.exe (file missing)
...show that the file required by the entry, to run the program,
is missing, so removing this entry can't hurt.

Others, such as:
O4 - HKLM\..\Run: [ActiveTracker for Outlook Express] C:\Program 
Files\ActiveTracker 2.0 for Outlook Express\ReadNotify.exe

...and...

O4 - HKLM\..\Run: [Detect Kbd Daemon] SK2000DM.EXE
...seem like software you might have installed. They also 
stand up to a Google search as legitimate programs. If they're
not familiar, feel free to check them for removal.

Still others are ActiveX installations which can always be
downloaded automatically by the programs which use them, so
they're safe to delete:

O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} -
http://inst.c-wss.com/58/EN/html/gtdownlr.cab

O16 - DPF: {3F0EECCE-E138-11D1-8712-0060083D83F5} (LPViewer Class) -
http://www.iseemedia.com/activex/LPControl.cab

O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) -
https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab

O16 - DPF: {92D0D610-A6FA-48D8-94CB-BD47FDF68655} (Launcher Class) -
http://app.ipop.co.kr/ipop/ipopx.cab

O16 - DPF: {E598AC61-4C6F-4F4D-877F-FAC49CA91FA3} (acpRunner Class) -
https://www-3.ibm.com/pc/support/access/aslibmain/content/AcpControl.cab


Notice that some of the above come from reputable URLs, such as
IBM.com and iseemedia.com, while others are less readily recognized,
such as app.ipop.co.kr (sounds like a pop-up generator). I'd remove
that last one, but you may choose to keep the others if you know the
sites.

There's also no indication that you are running any kind of antivirus
software, hence the problem to begin with. Let me recommend AntiVir:
http://www.free-av.com/

It's free, and not only scans your system or individual files as
you decide, but also runs in the background and prevents hidden
"drive-by" downloads which can occur simply by landing on a 
malicious webpage.


You might also benefit by this previous answer of mine, on how
to configure a "bulletproof" home system:
http://answers.google.com/answers/threadview?id=568868


After you've used HijackThis (HJT) to remove the 2 viruses
above, run another scan to see if they're gone for good,
test out Windows Update, and post another log here if you
have any remaining doubts.


Please do not rate this answer until you are satisfied that  
the answer cannot be improved upon by way of a dialog  
established through the "Request for Clarification" process. 

sublime1-ga
elenafox-ga rated this answer:5 out of 5 stars and gave an additional tip of: $2.00
Another relevant and speedy answer from Sublime! 
My Windows Update is now working along with Yahoo and Ebay.
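
The manual review in the answer above (find every Run entry for a flagged file, spot "(file missing)" orphans, compare ActiveX download hosts against sites you recognise, then rescan) can be scripted. This is an added example, not code from the answerer or from HijackThis; the function names and the `known_hosts` allow-list are assumptions, and the output is a list of entries to review, not a verdict.

```python
import re
from urllib.parse import urlsplit

# Entries excerpted from the log above, hard-wrapped the same way.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\system32\winshost.exe
O16 - DPF: {92D0D610-A6FA-48D8-94CB-BD47FDF68655} (Launcher Class) -
http://app.ipop.co.kr/ipop/ipopx.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) -
https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner
- C:\WINDOWS\system32\PsaSrv.exe (file missing)
"""

ENTRY = re.compile(r"^(?:[RFN]\d|O\d{1,2}) - ")          # start of a log entry
RUN = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\Run: \[(.+?)\] (.+)$")
DPF = re.compile(r"^O16 - DPF: .*? - (\S+)$")             # captures the .cab URL

def unwrap(text):
    """Rejoin entries that the posted log wrapped across several lines."""
    entries = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if ENTRY.match(line):
            entries.append(line)
        elif entries:                       # continuation of the previous entry
            entries[-1] += " " + line
    return entries

def run_hives(entries, filename):
    """Every Run hive that launches `filename`, so no copy is left behind."""
    hits = (RUN.match(e) for e in entries)
    return sorted(m.group(1) for m in hits
                  if m and filename.lower() in m.group(3).lower())

def triage(entries, known_hosts):
    """Return (reason, entry) pairs for a human to review."""
    out = []
    for e in entries:
        dpf = DPF.match(e)
        if "(file missing)" in e:
            out.append(("target file missing", e))
        elif dpf and urlsplit(dpf.group(1)).hostname not in known_hosts:
            out.append(("ActiveX from unrecognised host", e))
    return out
```

After cleanup, running `run_hives` on the new scan for the same filename should return an empty list; any hive still listed means a copy of the entry survived.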

Comments  
Subject: Re: Windows Update Trouble
From: sublime1-ga on 13 Oct 2005 01:45 PDT
 
elena...

YaY! I'm very pleased that your system is responding as it should.
Thanks very much for the rating and the tip.

sublime1-ga
