1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

[Resolved] Live update

Discussion in 'Virus & Other Malware Removal' started by steamwiz, Oct 5, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. steamwiz

    steamwiz Thread Starter

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Tried to download the latest definitions - got this :-

    [​IMG]

    It hasn't lost it's internet connection and neither the ISP or network is down.

    It's on-line and everything else works

    Anyone any idea what could be causing it ?

    Tried exiting live update a dozen times, also tried rebooting

    steam
     

    Attached Files:

  2. BillC

    BillC

    Joined:
    May 28, 2003
    Messages:
    2,366
    I've never seen that popup before and I've used Norton for a long time. But if everything else is working as you say, then perhaps Norton got corrupt somehow? As you probably know, there are a bevy of viruses going around that attack security systems...you did't accidently step into one did you?
     
  3. steamwiz

    steamwiz Thread Starter

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Just tried it again - it connects to the site - 2 seconds later up pops the message.

    BillC

    On my way to Housecall - see what that says

    steam
     
  4. dai

    dai

    Joined:
    Mar 6, 2003
    Messages:
    11,198
    if you are using xp do a search for
    S32LUHL 1.dll and delete it
     
  5. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,196
    First Name:
    Derek
    post a hjt log I have a feeling you have a dns hijacker diverting norton update
     
  6. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
  7. steamwiz

    steamwiz Thread Starter

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Thanks for the replys guys

    dai

    win98 - 1st edition

    dvk01

    hijack log attached - but it looks clean to me

    Rollin' Rog

    I'll check out those links - haven't had time yet

    Housecall says I'm clean

    Before someone asks - Zonealarm is set to allow

    ---------
    Logfile of HijackThis v1.97.2
    Scan saved at 21:54:14, on 05/10/03
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
    C:\WINDOWS\SYSTEM\TABLET.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    C:\REGPROT\REGPROT.EXE
    C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\NOTEPAD.EXE
    C:\WINDOWS\NOTEPAD.EXE
    D:\NEW DOWNLOADS\HIJACKTHIS NEW\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Steam's Web Browser
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8088
    O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\NEWDOW~1\SPYBOT\SPYBOT~1\SPYBOT~1.1\SDHELPER.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [RegProt] c:\regprot\regprot.exe /start
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
    O4 - HKLM\..\RunServices: [Tablet] C:\WINDOWS\SYSTEM\Tablet.exe
    O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm
    O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm
    O8 - Extra context menu item: &Check Spelling - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLCHECK.HTM
    O8 - Extra context menu item: &ieSpell Options - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLOPTION.HTM
    O9 - Extra button: FlashGet (HKLM)
    O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
    O9 - Extra button: ICQ (HKLM)
    O9 - Extra 'Tools' menuitem: ICQ (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: ieSpell (HKLM)
    O9 - Extra 'Tools' menuitem: ieSpell (HKLM)
    O9 - Extra 'Tools' menuitem: ieSpell Options (HKLM)
    O9 - Extra button: Wallpaper (HKLM)
    O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper (HKLM)
    O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://apple.speedera.net/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37898.4233912037
    O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot2_x.cab
    O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/games/clients/y/zt3_x.cab
    O16 - DPF: Yahoo! Sheepshead - http://download.games.yahoo.com/games/clients/y/dt0_x.cab
    O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
    O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/games/clients/y/et0_x.cab
    O16 - DPF: Yahoo! Canasta - http://download.games.yahoo.com/games/clients/y/yt1_x.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: Yahoo! Dots - http://download.games.yahoo.com/games/clients/y/dtt1_x.cab
    O16 - DPF: Yahoo! Spelldown - http://download.games.yahoo.com/games/clients/y/sdt1_x.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/76808a0e7ae82f/housecall.antivirus.com/housecall/xscan53.cab
     
  8. steamwiz

    steamwiz Thread Starter

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Rog

    Followed your link - got this far :-

    [​IMG]

    next is

    5. Once you are connected to the server, log in by typing "anonymous" as the user name, and your email address as the password.

    so I type anonymous space email address and press enter

    and get this :-

    501 Syntax incorrect
    Login failed
    ftp>

    Am I doing something wrong or does this mean anything to you ?

    thanks

    steam
     

    Attached Files:

    • ftp.jpg
      ftp.jpg
      File size:
      54.5 KB
      Views:
      141
  9. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    That's as far as I could get too. I kept trying an email address and getting a password failed. At least it verifies you can establish a connection that far.

    Since you do have ZoneAlarm, have you tried disabling it completely to test?

    Has this always been present?

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8088

    Are you using any kind of proxy configuration? What exactly does that line accomplish since it appears to point to your local address?
     
  10. VirtualMe

    VirtualMe

    Joined:
    Sep 27, 2002
    Messages:
    867
  11. steamwiz

    steamwiz Thread Starter

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Rog

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8088

    This is set up because I have Mutiproxy installed on my computer

    I hardly ever use mutiproxy and these settings only come into effect when "use a proxy server for this connection" is ticked - which it isn't.

    This has been set up for years, as has live update, 4 years in fact, and it is only now that it has decided to be stubborn.

    So i guess we're at a dead-end unless some one can think of something.

    VirtualMe

    Everythings set up as per the link you posted - thanks
     
  12. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
  13. steamwiz

    steamwiz Thread Starter

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Success

    Rollin' Rog does it again :D

    I went to your link above Rog, downloaded the latest live update version, and wham bam .... definitions came rolling down the line.

    So I now have a working Liveupdate and the latest definitions

    Thanks to all who posted..... especially Rog, who's link had the answer :D

    steam

    Now if it had popped up the message "you need to update live update" instead of "your computer has lost it's internet connection" ?
     
  14. Alfie_UK

    Alfie_UK

    Joined:
    Mar 28, 2003
    Messages:
    1,182
    Hi Steam,
    I had the same problem a few weeks ago,and I had to download,Lusetup.exe file,I just wish Nortons would say it's time to update your AV.and not keep showing that bloody pop-up display box.Anyway glad,RR sorted it out for you (y)
     
  15. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    Hey that's great. I just had to modify the search string a little to get that one to come up. You'd think they'd they'd point you to it as a possible solution in the error message all right.

    Still I give Symantec credit for having the best support site on the web. The answers are almost always there if you look hard enough.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/169651

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice