After Effects Of Nt_kernel Error 1256


  • Please do this also:


    Run HijackThis, click "Do a system scan only", check the items below, close all windows including this one and click on "Fix checked".


    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: (no name) - {8F303C95-540F-4FEC-A4CB-00D497AAEEAC} - C:\WINDOWS\system32\pmnlj.dll (file missing)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)


    Note: Take a look at my last three posts (excluding this one).
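The three entries listed in the post above share HijackThis's `code - description - {CLSID} - path` layout and all end in "(file missing)". As an added example (not part of the original post and not HijackThis's own code), this sketch parses such lines and flags the ones worth a second look; the flag names are assumptions of this example, the sample lines are copied from this thread, and a flag is a review hint, not a verdict.

```python
import re
from collections import defaultdict, namedtuple

# Meanings of the HijackThis section codes that appear in this thread.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "R3": "URLSearchHook", "O2": "Browser Helper Object",
    "O3": "IE toolbar", "O4": "autostart entry", "O23": "service",
}
Entry = namedtuple("Entry", "code section detail flags")
LINE_RE = re.compile(r"^\s*([RFNO]\d{1,2})\s+-\s+(.*)$")
MISSING = "(file missing)"

# Sample lines copied from the logs posted in this thread.
SAMPLE_LOG = r"""
Boot mode: Normal
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: (no name) - {8F303C95-540F-4FEC-A4CB-00D497AAEEAC} - C:\WINDOWS\system32\pmnlj.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
"""


def parse_line(line):
    """Return an Entry for a HijackThis result line, or None for any other line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    code, detail = m.group(1), m.group(2).strip()
    flags = []
    # Registry entry still points at a file that is no longer on disk.
    if detail.lower().endswith(MISSING):
        flags.append("file-missing")
    # A BHO that registers no display name.
    if code == "O2" and "(no name)" in detail:
        flags.append("nameless-bho")
    # A service whose binary carries no company name.
    if code == "O23" and " - Unknown owner - " in detail:
        flags.append("unknown-owner")
    return Entry(code, SECTIONS.get(code, "other"), detail, tuple(flags))


def triage(log_text):
    """Return only the entries that carry at least one flag, in log order."""
    parsed = (parse_line(line) for line in log_text.splitlines())
    return [e for e in parsed if e and e.flags]


def orphans_by_path(log_text):
    """Group 'file missing' entries by the file they reference.

    One deleted DLL usually leaves several registry references behind
    (here the same toolbar DLL shows up under both R3 and O3).
    """
    groups = defaultdict(list)
    for e in triage(log_text):
        if "file-missing" in e.flags:
            path = e.detail.rsplit(" - ", 1)[-1][: -len(MISSING)].strip()
            groups[path.lower()].append(e.code)
    return dict(groups)


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        print(entry.code, entry.section, ",".join(entry.flags))
    for path, codes in orphans_by_path(SAMPLE_LOG).items():
        print(path, "<-", codes)
```
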

  • Thx, I've done some of those steps, but I'll do them all in order, and get back to you about them all once I'm done.

  • Sorry this one you can just copy and paste into the run box. I hope it is not too late.


    cmd /c netsh winsock reset catalog


    In the command window it is: netsh winsock reset catalog


  • 1. There is a physical connection. I see the 2 little computer screens in the tray connecting, and blinking.


    2. Did it. It had all 0 across the board on the result box.


    3. Disabled the weird connection.


    4. All worked but the renew, still the same problem.


    5. Couldn't get all the #. I typed ipconfig /all in the run box, and the command prompt opened for like a quarter of a sec, and closed, and nothing happened.


    You got rid of the red X, awesome!


    I scanned with HijackThis. And only the last item (O3) was actually there, I'll send the log now.


    Logfile of Trend Micro HijackThis v2.0.2


    Scan saved at 6:51:06 PM, on 14/02/2008


    Platform: Windows XP SP2 (WinNT 5.01.2600)


    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


    Boot mode: Normal


    Running processes:


    C:\WINDOWS\System32\smss.exe


    C:\WINDOWS\system32\winlogon.exe


    C:\WINDOWS\system32\services.exe


    C:\WINDOWS\system32\lsass.exe


    C:\WINDOWS\system32\svchost.exe


    C:\WINDOWS\System32\svchost.exe


    C:\WINDOWS\system32\svchost.exe


    C:\WINDOWS\system32\spoolsv.exe


    C:\WINDOWS\Explorer.EXE


    C:\Program Files\Digital Media Reader\readericon45G.exe


    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe


    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe


    C:\WINDOWS\SOUNDMAN.EXE


    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe


    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE


    C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe


    C:\Program Files\Creative\Fatal1ty 1010 Mouse\CTPoint.exe


    C:\Program Files\Creative\Fatal1ty Professional Laser Mouse\ctusbms.exe


    C:\Program Files\iTunes\iTunesHelper.exe


    C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe


    C:\Program Files\Softwin\BitDefender10\bdagent.exe


    C:\Program Files\Messenger\msmsgs.exe


    C:\WINDOWS\system32\ctfmon.exe


    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe


    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe


    C:\WINDOWS\system32\CTsvcCDA.exe


    C:\WINDOWS\eHome\ehRecvr.exe


    C:\WINDOWS\eHome\ehSched.exe


    C:\WINDOWS\system32\inetsrv\inetinfo.exe


    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe


    C:\Program Files\Network Associates\VirusScan\Mcshield.exe


    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe


    C:\WINDOWS\system32\nvsvc32.exe


    C:\WINDOWS\system32\HPZipm12.exe


    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS


    C:\WINDOWS\System32\snmp.exe


    C:\WINDOWS\system32\svchost.exe


    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe


    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe


    C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe


    C:\Program Files\Canon\CAL\CALMAIN.exe


    C:\Program Files\Softwin\BitDefender10\vsserv.exe


    C:\Program Files\iPod\bin\iPodService.exe


    C:\WINDOWS\system32\dllhost.exe


    C:\Documents and Settings\Owner.CHIASSON\Desktop\HijackThis.exe


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...P&M=GT5082H


    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUpdate?clid=1033


    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll


    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll


    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll


    O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe


    O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE


    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"


    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe


    O4 - HKLM\..\Run: [AtariBanner] "c:\darcy and clayton zone\atari\Volume 2\Banner.exe" /0


    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE


    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey


    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall


    O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE


    O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"


    O4 - HKLM\..\Run: [Creative Fatal1ty 1010 Mouse] C:\Program Files\Creative\Fatal1ty 1010 Mouse\CTPoint.exe


    O4 - HKLM\..\Run: [CreativeMS2020] C:\Program Files\Creative\Fatal1ty Professional Laser Mouse\ctusbms.exe


    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime


    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"


    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup


    O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe


    O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"


    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background


    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe


    O4 - HKUS\S-1-5-18\..\Run: [Power2GoExpress] NA (User 'SYSTEM')


    O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')


    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe


    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000


    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL


    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab


    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1172525521609


    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe


    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe


    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe


    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe


    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe


    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe


    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe


    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe


    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe


    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe


    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS


    O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE


    O23 - Service: Stedman Service - Unknown owner - C:\Program Files\Common Files\Primal Pictures Shared\Service\Stedman Service File.exe


    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe


    O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe


    --


    End of file - 7845 bytes


    ok, thx.

  • 5. Couldn't get all the #. I typed ipconfig /all in the run box, and the command prompt opened for like a quarter of a sec, and closed, and nothing happened.


    Ok then try this: start-run-type cmd-ok- in the command window type: ipconfig /all

  • Check this also to make sure:


    Internet options-connections-LAN settings- all 3 options should be unchecked (especially "use a proxy server for your LAN").


    I suppose you have done this, if not please do that.

  • Ok, I got the static on this laptop.


    I set it to the other computer, and double-checked a few times. I included the IP, the subnet mask, the gateway, and both DNS servers. I get this though: The combination of IP address and subnet mask is invalid. All of the bits in the host address portion of the IP address are set to one. Please enter a valid combination of IP address and subnet mask.


    So I tried NOT adding one to the last digit, still didn't work. I noticed the default gateway and the IP address were the same, so I tried adding one to the gateway too, (so they'd be the same #) but that didn't work.


    So that's where I am right now.


    I checked and the 3 checkboxes are unchecked.


    Thx

  • I sent you a PM.

  • Hey, alright, so my problem now is: My internet connection still says: device missing, and if I double click on it, there's no way for me to connect to it. (If I double click, it brings me to properties, and if I right click, there's no way I can enable it.) But if I open Firefox, the connection screen pops up, and I connect.


    I tried deleting that connection, tried the internet, didn't work. I made another connection, worked again.


    And when I'm connected, the "device missing" goes away.


    So I CAN connect, but it's still weird.


    One more thing, my father can't send any e-mails with his Microsoft outlook.


    So that's it. I did a BitDefender scan, and found some Trojan Vundo. I couldn't get rid of some of them, here I'll give you the log:


    //-----------------------------------------------------------------


    //


    // Product BitDefender Free Edition v10


    // Product 10.2


    //


    // Created on: 19/02/2008 16:58:47


    //


    //-----------------------------------------------------------------


    Virus Statistics


    Scan path : C:\


    D:\


    Folders : 11215


    Files : 415983


    Memory processes scanned : 56


    Archives : 9863


    Runtime packers : 23517


    Identified viruses : 10


    Infected files : 19


    Memory processes infected : 0


    Suspect files : 0


    Warnings : 0


    Disinfected files : 2


    Deleted files : 4


    Moved files : 1


    I/O errors : 30


    Scan time : 01:14:51


    Scan speed (files/sec) : 92


    Spyware Statistics


    Registry keys scanned : 425


    Registry keys infected : 0


    Cookies scanned : 19


    Cookies infected : 0


    Spyware files infected : 0


    Spyware threats detected : 0


    Virus definitions : 982000


    Scan plugins : 16


    Archive plugins : 41


    Unpack plugins : 7


    Mail plugins : 6


    System plugins : 5


    Virus scan options


    Detection


    [X] Scan boot sectors


    [X] Memory Processes


    [X] Scan archives


    [X] Scan runtime packers


    [X] Scan email


    File mask


    [ ] Programs


    [X] All files


    [ ] User defined extensions:


    [ ] Exclude extensions: ;


    Action


    Infected objects


    [ ] Ignore


    [X] Disinfect


    [ ] Delete


    [ ] Move to quarantine


    [ ] Prompt user


    Second action


    [ ] Ignore


    [ ] Delete


    [X] Move to quarantine


    [ ] Prompt user


    Virus scan options


    [X] Enable warnings


    [X] Enable heuristics


    [ ] Show all files in log


    [X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1203454727.log


    Spyware scan options


    [X] Scan for riskware


    [ ] Skip dial and applications from scan


    [X] Registry keys


    [X] Cookies


    Summary:


    C:\QooBox\Quarantine\C\WINDOWS\system32\gkuxwomq.dll.vir Infected: Trojan.Vundo.Gen.2


    C:\QooBox\Quarantine\C\WINDOWS\system32\gkuxwomq.dll.vir Disinfection failed


    C:\QooBox\Quarantine\C\WINDOWS\system32\gkuxwomq.dll.vir Moved


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>keygen.exe Infected: Trojan.Downloader.Harnig.ZC


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>keygen.exe Disinfection failed


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>keygen.exe Move failed


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>crack.exe Infected: Trojan.Vundo.Gen.2


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>crack.exe Disinfection failed


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>crack.exe Move failed


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>serial.exe Infected: Trojan.Mezzia.CY


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>serial.exe Disinfection failed


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>serial.exe Move failed


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Infected: Win32.Virtob.8.Gen


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Disinfected


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Infected: DeepScan:Generic.Virtob.1.D757B307


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Disinfection failed


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Move failed


    C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o) Archive repacking has failed (marked actions not taken)


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>keygen.exe Infected: Trojan.Downloader.Harnig.ZC


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>keygen.exe Disinfection failed


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>keygen.exe Move failed


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>crack.exe Infected: Trojan.Vundo.Gen.2


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>crack.exe Disinfection failed


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>crack.exe Move failed


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>serial.exe Infected: Trojan.Mezzia.CY


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>serial.exe Disinfection failed


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>serial.exe Move failed


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>install.exe Infected: Win32.Virtob.8.Gen


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>install.exe Disinfected


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>install.exe Infected: DeepScan:Generic.Virtob.1.D757B307


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>install.exe Disinfection failed


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o)=>install.exe Move failed


    C:\QUARANTINE\acdsee.exe.Vir=>(RAR Sfx o) Archive repacking has failed (marked actions not taken)


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o)=>axdlplug.dll Detected: Application.Adware.Bundler.NetPumper


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o)=>axdlplug.dll Disinfection failed


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o)=>axdlplug.dll Move failed


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o)=>buddy.exe Infected: Trojan.FatObfus.Gen


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o)=>buddy.exe Disinfection failed


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o)=>buddy.exe Move failed


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o)=>setup2.exe Detected: Adware.Plugindl.E


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o)=>setup2.exe Deleted


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup.exe.Vir=>(RAR Sfx o) Archive repacking has failed (marked actions not taken)


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o)=>axdlplug.dll Detected: Application.Adware.Bundler.NetPumper


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o)=>axdlplug.dll Disinfection failed


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o)=>axdlplug.dll Move failed


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o)=>buddy.exe Infected: Trojan.FatObfus.Gen


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o)=>buddy.exe Disinfection failed


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o)=>buddy.exe Move failed


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o)=>setup2.exe Detected: Adware.Plugindl.E


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o)=>setup2.exe Deleted


    C:\QUARANTINE\axdlplug-1.5.0.0-0281-setup[1].exe.Vir=>(RAR Sfx o) Archive repacking has failed (marked actions not taken)


    C:\QUARANTINE\foto-049-JPEG.zip.Vir=>image-818.jpeg_darcychiasson@msn.com Infected: Trojan.Agent.AGCF


    C:\QUARANTINE\foto-049-JPEG.zip.Vir=>image-818.jpeg_darcychiasson@msn.com Deleted


    C:\QUARANTINE\foto-049-JPEG.zip.Vir Archive repacking successfully completed (actions successfully applied)


    C:\QUARANTINE\picturea792.zip.Vir=>foto_860.JPEG_darcychiasson@msn.com Infected: Trojan.Agent.AGEA


    C:\QUARANTINE\picturea792.zip.Vir=>foto_860.JPEG_darcychiasson@msn.com Deleted


    C:\QUARANTINE\picturea792.zip.Vir Archive repacking successfully completed (actions successfully applied)

  • About the Vundo: They are the removed files in the combofix Backup and other backups and quarantine.


    1. Go to Start-Run and type combofix /u; it uninstalls ComboFix and removes the backup. In case you face any problem, remove ComboFix and C:\QooBox.


    Remove all the used tools and the folder C:\QUARANTINE


    2. Now that you have a connection, I recommend a couple of security tools missing on your system:


    • a firewall: there are good (free) firewalls, such as Sygate, ZoneAlarm and Comodo
    • antimalware and antispyware 1: Spybot Search & Destroy. Install it (you don't need immunization and TeaTimer), just use it as an on-demand scanner. Update it, run it and let it remove what it finds.
    • antispyware and antimalware 2: AVG Anti-Spyware free version. Install it, update it, run a complete system scan and remove what it finds.
    • after doing all that, make a clean system restore point again.
    • I recommend you upgrade to IE 7, it has a much better interface, functionality and security

    And please explain the connection problem clearly, as I could not understand it fully.


    About Outlook: Does your father receive emails but cannot send emails?
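The reply above points out that the remaining detections sit in tool backup and quarantine folders rather than in the live system. As an added example (not part of the original posts and not BitDefender's own tooling), this sketch reads summary lines in the layout of the log posted earlier and separates unresolved detections inside those folders from unresolved detections elsewhere; the function names are assumptions of this example, and the one path outside the quarantine folders is constructed for contrast.

```python
import re

# Folders named in this thread as tool backup/quarantine locations.
QUARANTINE_ROOTS = ("c:\\qoobox\\", "c:\\quarantine\\")

# "<object> <event>", where the object path may contain spaces and "=>" members.
EVENT_RE = re.compile(
    r"^\s*(?P<obj>.+?)\s+(?P<event>(?:Infected|Detected): \S+|Disinfection failed"
    r"|Disinfected|Move failed|Moved|Deleted)\s*$"
)
FAILED = {"Disinfection failed", "Move failed"}

# Lines copied from the scan log in this thread, except the last three,
# which are constructed to show a detection outside the quarantine folders.
SAMPLE_SUMMARY = r"""
C:\QooBox\Quarantine\C\WINDOWS\system32\gkuxwomq.dll.vir Infected: Trojan.Vundo.Gen.2
C:\QooBox\Quarantine\C\WINDOWS\system32\gkuxwomq.dll.vir Disinfection failed
C:\QooBox\Quarantine\C\WINDOWS\system32\gkuxwomq.dll.vir Moved
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>crack.exe Infected: Trojan.Vundo.Gen.2
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>crack.exe Disinfection failed
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>crack.exe Move failed
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Infected: Win32.Virtob.8.Gen
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Disinfected
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Infected: DeepScan:Generic.Virtob.1.D757B307
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Disinfection failed
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o)=>install.exe Move failed
C:\QUARANTINE\A0024610.exe.Vir=>(RAR Sfx o) Archive repacking has failed (marked actions not taken)
C:\Documents and Settings\Owner\Desktop\constructed-sample.exe Infected: Trojan.Constructed.Sample
C:\Documents and Settings\Owner\Desktop\constructed-sample.exe Disinfection failed
C:\Documents and Settings\Owner\Desktop\constructed-sample.exe Move failed
"""


def parse_summary(log_text):
    """Map each scanned object to its detection names and its last action."""
    objects = {}
    for line in log_text.splitlines():
        m = EVENT_RE.match(line)
        if not m:
            continue  # archive repacking notes, headers, blank lines
        obj, event = m.group("obj"), m.group("event")
        # The container is the on-disk file; "=>" separates archive members.
        container = obj.split("=>")[0].lower()
        rec = objects.setdefault(obj, {
            "names": [],
            "last_action": None,
            "in_quarantine": container.startswith(QUARANTINE_ROOTS),
        })
        if event.startswith(("Infected:", "Detected:")):
            rec["names"].append(event.split(": ", 1)[1])
        else:
            rec["last_action"] = event
    return objects


def unresolved(log_text, in_quarantine):
    """Objects whose last action failed (or never happened), filtered by location."""
    return sorted(
        obj for obj, rec in parse_summary(log_text).items()
        if rec["in_quarantine"] == in_quarantine
        and (rec["last_action"] is None or rec["last_action"] in FAILED)
    )


if __name__ == "__main__":
    print("Leftovers inside quarantine/backup folders:")
    for obj in unresolved(SAMPLE_SUMMARY, in_quarantine=True):
        print("  ", obj)
    print("Unresolved outside those folders (needs attention):")
    for obj in unresolved(SAMPLE_SUMMARY, in_quarantine=False):
        print("  ", obj)
```
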

  • farbar
    edited February 2008
    About the Vundo: They are the removed files in the combofix Backup and other backups and quarantine.


    Remove all the used tools and the folder C:\QUARANTINE



    edit: remove all the used tools and the contents of the folder C:\QUARANTINE

  • edit2: remove all the used tools and empty the folder C:\QUARANTINE

  • OK, what happens is if I go to see my connections, in control panel, there's an X on the connection I use, and it says device missing. Like it always did.


    But when I open Firefox, the connection screen pops up and asks if I want to connect. That's the only way I can connect, I can't double click on my connection and connect that way.


    As for the other steps you want me to do, I'm not on my computer now, so I'll get back to you.


    And I already reinstalled Spybot since my internet is working again, I've always used it. And I found a pile of crap. I think I'm going to BUY a firewall, well my dad is, he makes more money than I do. :P And it's technically his computer. I have McAfee virus scan, that I can update when I want, I just hadn't updated it in a week or more so when the virus hit. But should I still download AVG? I used to use it, until I got McAfee.


    I have to go

  • farbar
    edited February 2008

    I am going to think about the connection issue. Something is still wrong and should be fixed.


    Please give me more feedback on the Outlook problem.


    About AVG, I mean the antispyware and not the antivirus. So when you don't use the real-time protection, it gives you an extra option to remove malware without changing your AV for the time being (even if that is not my choice). Spybot is a good thing for old infections but it is not enough these days. When you have installed it and run a complete scan, let it remove what it finds and give me feedback.

  • 1. I got rid of the quarantine folders. haha... I can't believe I didn't notice the path was in the QUARANTINE folder.


    2. Like I said, I think I'm getting a firewall, but I think I might download one until then.


    I used Spybot, I had 27 problems... I couldn't any log file. But I checked, and there was no Virtumonde... which I hear was a name of the Vundo I had. Not sure how true that is. I successfully got rid of them all.


    I used the AVG and here:


    ---------------------------------------------------------


    AVG Anti-Spyware - Scan Report


    ---------------------------------------------------------


    + Created at: 10:07:12 PM 20/02/2008


    + Scan result:


    C:\Program Files\installer-675-19-Ares-Lite-Edition-English.exe -> Backdoor.Agent.duj : Cleaned with backup (quarantined).


    :mozilla.154:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.


    :mozilla.179:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.


    :mozilla.218:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.


    :mozilla.45:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.


    :mozilla.46:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.


    :mozilla.47:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.


    :mozilla.52:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.


    :mozilla.53:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.


    :mozilla.54:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.


    :mozilla.55:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.


    :mozilla.66:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.


    :mozilla.234:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.


    :mozilla.275:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Etracker : Cleaned.


    :mozilla.277:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.


    :mozilla.278:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.


    :mozilla.279:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.


    :mozilla.7:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.


    :mozilla.157:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.


    :mozilla.158:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.


    :mozilla.163:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.


    :mozilla.164:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.


    :mozilla.165:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.


    :mozilla.166:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.


    :mozilla.167:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.


    :mozilla.168:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.


    :mozilla.235:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.


    :mozilla.287:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Safer-networking : Cleaned.


    :mozilla.173:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.


    :mozilla.174:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.


    :mozilla.175:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.


    :mozilla.176:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.


    :mozilla.177:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.


    :mozilla.178:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.


    :mozilla.68:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.


    :mozilla.37:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.


    :mozilla.38:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.


    :mozilla.39:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.


    :mozilla.40:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.


    :mozilla.41:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.


    :mozilla.215:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.


    :mozilla.248:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.


    :mozilla.228:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    :mozilla.229:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    :mozilla.230:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    :mozilla.231:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    :mozilla.232:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    :mozilla.233:C:\Documents and Settings\Owner.CHIASSON\Application Data\Mozilla\Firefox\Profiles\ezzxc4al.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    ::Report end


    Should I change from FireFox to IE 7. Or should I stick with FireFox. (I'll still download IE7 cause I used it occasionally) I hear FireFox is the safest though.


    Outlook: Ok... I just checked myself, and his outlook works. I don't know, maybe he was doing something wrong, or maybe the scans fixed it.


    I can't believe I failed to bring up that my DVD/CD drive doesn't work. It's not in My computer. It's there in my device manager, and some techy friend tried his portable drive, and it didn't work either.


    ok that's it I think

  • Oh, and I tried downloading my P2P again. I use Ares Lite. The download and install works, I can start it, but when it starts scanning my library, it freezes and doesn't respond. I tried a few different sites and mirrors. Do you think it's related to all the other problems? I never had these problems with it.

  • farbar
    edited February 2008
    OK, what happens is if I go to see my connections, in control panel, there's an X on the connection I use, and it says device missing. Like it always did.


    Virtumonde is indeed another name for Vundo.


    1. About the firewall, an option is to use a lightweight free firewall for now and when your AV subscription expires buy one AV with firewall.


    2. About installing any p2p program I would wait until the firewall is installed.


    I'll also give tips on how to download programs more securely.


    3. About the connections in Control Panel, I am not sure what exactly you mean. Do you mean Network Connections, Local Area Connection, or any other connection? Why should you go to Control Panel to make an (Internet?) connection? What happens if you use the (IE or FF) shortcuts on your desktop, or on Quick Launch?


    If the issues are still not solved you may do the following:


    Step 1.


    • Please go to Start, right-click My Computer and select Manage.


      Then select Device Manager.


      In the right panel click + by DVD/CD-ROM to expand.


      Double click on your DVD/CD drive and read under General if it is enabled.


      Then select Disk Management.


      Click on the square up right the window to expand the Computer Management window.


      You see the list of all drives, and the assigned letters with their path.


      Do you see all your drives including DVD/CD-ROM listed there?


      If yes what are the letters assigned to them and what are the paths?


      Don't close the Computer Management window yet.

    • Expand Services and Applications and highlight services


      On the same window menu bar under action select Export list...


      Select save in: Desktop name: services save as type: Text

    • Please post the content of that file into your post.


    Step 2.


    Open notepad and copy and paste the text in bold in it:


    regedit /e look.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DriveIcons"


    start notepad look.txt


    Save this as look.bat, choose to save as *all files and place it on your desktop.


    Double-click look.bat


    Notepad will open with some text in it. Copy and paste the contents in your next reply.

  • 1. I got Sygate. I have McAfee but it's free forever, my dad gets it for his work, and somehow, we never have to go get another CD or something from work, we can just update it continually... but I don't "trust" it. It seems like it's BY McAfee, but it's like a cheaper product. You see, it's called: VirusScan Enterprise 8.0.0, and the only time I see the McAfee logo and name anywhere is when I start the computer, and when I click on About VirusScan Enterprise. But never when scanning or updating.


    2. I am waiting for your go ahead to get a P2P program.


    3. Or let me start over. Under Network Connections, in Control Panel, the LAC is fine, and works great. However (also in Network Connections) the connection I made to connect to the internet (the default, using username and password, 'cause the 'always connected to the internet' connection didn't work when I tried it) has an X in the corner of the icon, and it says: unavailable, device missing. If I try to double-click on it, it brings me to its properties. If I right-click on it, the 'connect' option is gray and unclickable. However, when I open FF, the connection screen I normally would see when double-clicking on my connection pops up and asks me to connect. I connect no prob. Then if I go check in 'Network Connections' again, the red X is gone, and it says it's connected.


    Step 1. In device manager my DVD/CD drive is enabled. However in the Device Status box it says this:


    Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)


    Click Troubleshoot to start the troubleshooter for this device.


    It is NOT listed in my disk management. I only have my hard drive partitions, C and D like usual. My DVD/CD used to be E.


    Here are the services:


    Name Description Status Startup Type Log On As


    .NET Runtime Optimization Service v2.0.50727_X86 Microsoft .NET Framework NGEN Manual Local System


    Alerter Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled Local Service


    Apple Mobile Device Provides the interface to Apple mobile devices. Started Automatic Local System


    Application Layer Gateway Service Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall. Started Manual Local Service


    Application Management Provides software installation services such as Assign, Publish, and Remove. Manual Local System


    ASP.NET State Service Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Network Service


    Automatic Updates Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. Started Automatic Local System


    AVG Anti-Spyware Guard Started Automatic Local System


    Background Intelligent Transfer Service Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly. Manual Local System


    BitDefender Communicator Ensures proper communication between BitDefender components Started Automatic Local System


    BitDefender Desktop Update Service Downloads BitDefender updates and new malware signatures from the Internet Started Automatic Local System


    BitDefender Scan Server Scans media for viruses and other security threats Started Automatic Local System


    BitDefender Virus Shield Scans media for viruses and other security threats Started Automatic Local System


    Canon Camera Access Library 8 Started Automatic Local System


    ClipBook Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled Local System


    COM+ Event System Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start. Started Manual Local System


    COM+ System Application Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Started Manual Local System


    Computer Browser Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    Creative Service for CDROM Access Started Automatic Local System


    Cryptographic Services Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    DCOM Server Process Launcher Provides launch functionality for DCOM services. Started Automatic Local System


    DHCP Client Manages network configuration by registering and updating IP addresses and DNS names. Started Automatic Local System


    Distributed Link Tracking Client Maintains links between NTFS files within a computer or across computers in a network domain. Started Automatic Local System


    Distributed Transaction Coordinator Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Network Service


    DNS Client Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Network Service


    Error Reporting Service Allows error reporting for services and applictions running in non-standard environments. Started Automatic Local System


    Event Log Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. Started Automatic Local System


    Fast User Switching Compatibility Provides management for applications that require assistance in a multiple user environment. Started Manual Local System


    Help and Support Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    HTTP SSL This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System


    Human Interface Device Access Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled Local System


    IIS Admin Allows administration of Web and FTP services through the Internet Information Services snap-in Started Automatic Local System


    IMAPI CD-Burning COM Service Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System


    Indexing Service Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language. Manual Local System


    InstallDriver Table Manager Provides support for the Running Object Table for InstallShield Drivers Manual Local System


    iPod Service iPod hardware management services Started Manual Local System


    IPSEC Services Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. Started Automatic Local System


    Logical Disk Manager Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    Logical Disk Manager Administrative Service Configures hard disk drives and volumes. The service only runs for configuration processes and then stops. Started Manual Local System


    McAfee Framework Service Shared component framework for McAfee products Started Automatic Local System


    Media Center Extender Service Started Automatic Local Service


    Media Center Receiver Service Media Center Service for TV and FM broadcast reception Started Automatic Local System


    Media Center Scheduler Service Started Automatic Local System


    Messenger Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled Local System


    Messenger Sharing Folders USN Journal Reader service Service installed by Messenger to enable sharing scenarios Manual Local System


    MHN Multimedia Home Networking (MHN) is a networking platform for Audio Video (AV) streaming applications on IP home networks. MHN enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications by providing mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization. Manual Local System


    MS Software Shadow Copy Provider Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System


    Net Logon Supports pass-through authentication of account logon events for computers in a domain. Manual Local System


    Net.Tcp Port Sharing Service Provides ability to share TCP ports over the net.tcp protocol. Disabled Local Service


    NetMeeting Remote Desktop Sharing Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System


    Network Associates McShield Started Automatic Local System


    Network Associates Task Manager Started Automatic Local System


    Network Connections Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections. Started Manual Local System


    Network DDE Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled Local System


    Network DDE DSDM Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled Local System


    Network Location Awareness (NLA) Collects and stores network configuration and location information, and notifies applications when this information changes. Started Manual Local System


    Network Provisioning Service Manages XML configuration files on a domain basis for automatic network provisioning. Manual Local System


    NT LM Security Support Provider Provides security to remote procedure call (RPC) programs that use transports other than named pipes. Manual Local System


    NVIDIA Display Driver Service Provides system and desktop level support to the NVIDIA display driver Started Automatic Local System


    Office Source Engine Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports. Manual Local System


    Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Network Service


    Plug and Play Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. Started Automatic Local System


    Pml Driver HPZ12 Started Automatic Local System


    Portable Media Serial Number Service Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device. Manual Local System


    Print Spooler Loads files to memory for later printing. Started Automatic Local System


    PrismXL Started Automatic Local System


    Protected Storage Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Started Automatic Local System


    P###ec Manual Local System


    QoS RSVP Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets. Manual Local System


    Remote Access Auto Connection Manager Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address. Manual Local System


    Remote Access Connection Manager Creates a network connection. Started Manual Local System


    Remote Desktop Help Session Manager Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box. Manual Local System


    Remote Procedure Call (RPC) Provides the endpoint mapper and other miscellaneous RPC services. Started Automatic Network Service


    Remote Procedure Call (RPC) Locator Manages the RPC name service database. Manual Network Service


    Remote Registry Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service


    Removable Storage Disabled Local System


    Routing and Remote Access Offers routing services to businesses in local area and wide area network environments. Disabled Local System


    Secondary Logon Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    Security Accounts Manager Stores security information for local user accounts. Started Automatic Local System


    Security Center Monitors system security settings and configurations. Started Automatic Local System


    Server Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    Shell Hardware Detection Provides notifications for AutoPlay hardware events. Started Automatic Local System


    Simple Mail Transfer Protocol (SMTP) Transports electronic mail across the network Started Automatic Local System


    Smart Card Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local Service


    SNMP Service Includes agents that monitor the activity in network devices and report to the network console workstation. Started Automatic Local System


    SNMP Trap Service Receives trap messages generated by local or remote SNMP agents and forwards the messages to SNMP management programs running on this computer. Manual Local Service


    SSDP Discovery Service Enables discovery of UPnP devices on your home network. Started Automatic Local Service


    Stedman Service Provides system level services Manual Local System


    Sygate Personal Firewall Started Automatic Local System


    System Event Notification Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. Started Automatic Local System


    System Restore Service Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties Started Automatic Local System


    Task Scheduler Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    TCP/IP NetBIOS Helper Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. Started Automatic Local Service


    Telephony Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service. Started Manual Local System


    Telnet Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled Local System


    Terminal Services Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server. Started Manual Local System


    Themes Provides user experience theme management. Started Automatic Local System


    Uninterruptible Power Supply Manages an uninterruptible power supply (UPS) connected to the computer. Manual Local Service


    Universal Plug and Play Device Host Provides support to host Universal Plug and Play devices. Manual Local Service


    Volume Shadow Copy Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System


    WebClient Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local Service


    Windows Audio Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    Windows CardSpace Securely enables the creation, management, and disclosure of digital identities. Manual Local System


    Windows Driver Foundation - User-mode Driver Framework Manages user-mode driver host processes Started Automatic Local System


    Windows Firewall/Internet Connection Sharing (ICS) Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. Started Automatic Local System


    Windows Image Acquisition (WIA) Provides image acquisition services for scanners and cameras. Started Automatic Local System


    Windows Installer Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start. Manual Local System


    Windows Management Instrumentation Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    Windows Management Instrumentation Driver Extensions Provides systems management information to and from drivers. Manual Local System


    Windows Media Player Network Sharing Service Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play Manual Network Service


    Windows Presentation Foundation Font Cache 3.0.0.0 Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications. Manual Local Service


    Windows Time Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    Wireless Zero Configuration Provides automatic configuration for the 802.11 adapters Started Automatic Local System


    WMI Performance Adapter Provides performance library information from WMI HiPerf providers. Manual Local System


    Workstation Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Started Automatic Local System


    World Wide Web Publishing Provides Web connectivity and administration through the Internet Information Services snap-in Started Automatic Local System


    Wow, I so appreciate you looking thru that mess.


    Step 2: Done. But when I double click the bat file, it says it cannot find look.TXT and asks me to find it for it.


    And that's where I am at now.

  • D.C.,


    Now that you have a firewall you may install p2p to see what happens and what causes the freezing. When you download something:


    1. Try to download from the sites which have a secure download line (Majorgeeks.com is one of them) and not an external mirror unless you don't have an alternative. Many people get infected when downloading from download.com; they get redirected and download the wrong file. A better alternative to download.com is softpedia.com, which usually has a secure download line, but even there they use external mirrors too.


    2. Find out the size of the download before downloading, and when downloading check the size of the download and the authenticity of the site you are downloading from (it is on the download pop-up window).


    3. About the connection: Which one is your default connection, IE or FF? You may try to change the default connection and see what happens. Here is a link on that:


    http://www.chami.com/tips/internet/043099I.html


    4. About DVD/ROM: The simplest thing is to update the driver, or uninstall and reinstall it; you can do it from the Device Manager. Is Windows able to see the new hardware when you connect new hardware to the PC? If yes, uninstall the DVD/ROM driver and reboot; Windows should find the new hardware and search for the driver. If the driver is not available it asks permission to search via the Internet. Then it downloads and installs it.


    5. At first look I don't see anything wrong with the services. I am going to take a deeper look.

  • farbar

    Hi,


    About the services: Please go to Services, and among the services select Removable Storage (Disabled Local System). Double-click on it and, under the General tab, set the startup type from Disabled to Automatic. Reboot or start the system (by selecting the service and clicking on Start).


    Download Dial-a-fix from Majorgeeks or djlizard.net


    To remove restrictions:


    Double-click Dial-a-fix-date/versions.exe to start the program.


    Immediately a window will open, titled: "Dial-A-fix : Restrictive policies"


    You'll see registry keys.


    Check them all and click the remove button below.


    Then click close. This should close the policies window.


    Then click exit in the main window under it, because we don't need anything from there.


    REBOOT your computer afterwards, important.


    Please keep me informed.
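
The row acted on in the post above, "Removable Storage (Disabled Local System)", can be picked out of a services export mechanically. The following Python sketch is an added example, not part of the original posts: the function names are hypothetical, the first rows are copied from the export in this thread with descriptions shortened, and the last row is constructed.

```python
import re

# Column vocabularies of the Windows XP Services snap-in export.
HEADER = "Name Description Status Startup Type Log On As"
STARTUP = ("Automatic", "Manual", "Disabled")
LOGON = ("Local System", "Local Service", "Network Service")

# The last three columns come from small fixed vocabularies, so they can be
# recovered from the right-hand end of a row even when the tabs were lost
# in a copy and paste. Name and description then stay together in "name".
TAIL = re.compile(
    r"^(?P<name>.*?)\s*(?:\b(?P<status>Started)\s+)?"
    r"\b(?P<startup>%s)\s+(?P<logon>%s)\s*$"
    % ("|".join(STARTUP), "|".join(LOGON))
)


def parse_services(text):
    """Return one dict per service row: name, status, startup, logon."""
    rows, pending = [], ""
    for raw in text.splitlines():
        if not raw.strip() or " ".join(raw.split()) == HEADER:
            continue
        if raw.count("\t") == 4:
            # Intact tab-delimited row, as the snap-in writes it to disk.
            name, _desc, status, startup, logon = (
                field.strip() for field in raw.split("\t")
            )
            rows.append({"name": name, "status": status,
                         "startup": startup, "logon": logon})
            continue
        # Flattened row. A row whose tail wrapped onto a later line (as
        # "Windows Time" did in the post) is buffered until the tail arrives.
        candidate = (pending + " " + raw.strip()).strip()
        match = TAIL.match(candidate)
        if match is None:
            pending = candidate
            continue
        pending = ""
        rows.append({"name": match["name"],
                     "status": match["status"] or "",
                     "startup": match["startup"],
                     "logon": match["logon"]})
    return rows


def disabled(rows):
    """Services whose startup type is Disabled."""
    return [r["name"] for r in rows if r["startup"] == "Disabled"]


def automatic_not_started(rows):
    """Services set to start at boot that are not running."""
    return [r["name"] for r in rows
            if r["startup"] == "Automatic" and r["status"] != "Started"]


# Rows from the export posted in this thread (descriptions shortened).
PAGE_ROWS = """\
Name Description Status Startup Type Log On As
Remote Registry Enables remote users to modify registry settings on this computer. Started Automatic Local Service
Removable Storage Disabled Local System
Sygate Personal Firewall Started Automatic Local System
Telnet Enables a remote user to log on to this computer and run programs. Disabled Local System
Windows Time Maintains date and time synchronization on all clients and servers in the network.

Started Automatic Local System
P###ec Manual Local System
"""

# Constructed row (not from the thread), tab-delimited like an intact export.
CONSTRUCTED_ROW = "Example Agent\tConstructed row\t\tAutomatic\tLocal System\n"

SAMPLE = PAGE_ROWS + CONSTRUCTED_ROW

if __name__ == "__main__":
    services = parse_services(SAMPLE)
    print("Disabled:", disabled(services))
    print("Automatic but not started:", automatic_not_started(services))
```
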

  • Farbar,


    We had a computer shop take a look at our DVD drive, and much to our surprise it was actually broken. At the same time, they also reinstalled Windows to see if it would get rid of our other problems... it did. My computer is so far so good. We bought a router, V11 Wireless G by ZI0. It supposedly has a firewall too. So should I download a firewall too? By the way, when they looked at my computer and the problem with the connection, the guys at the tech shop said they hadn't seen anything like it. :P

  • farbar

    Hi D.C.,


    I don't know what tools you had used but it was really a mess.


    About the firewall: You are safer when you are behind a router, but still you need a firewall with Internet traffic control with which you can easily manage the traffic.

  • Thank you, just one last problem: I can't seem to get Ares (P2P) to work. It connects, I can search for files, but it won't download them, it just keeps "connecting". Do you know any other good safe P2P that won't slow down my system too much?

  • farbar

    You should use your router's manual to configure it in order to enable UPnP. It is usually like this: you enter the router's server (it is numerical) in the IE address bar. It opens a pop-up window asking you to enter your password. By default it is admin. Then you get the configuration page. Under the Advanced Settings tab you select the UPnP tab and check Enable, then Apply. Also you have to configure your P2P to use the UPnP connection.


    Ares or any other p2p like utorrent should not slow down your system if you configure it to limit the download and upload size in order not to use maximum bandwidth and leave enough room for other activities.

  • Thx for all your help, Nice avatar by the way.

  • farbar

    You are welcome D.C.