PDA

View Full Version : Startup gone bad


tonyme
17-02-10, 10:33
Hello!

My Windows Vista laptop is starting up all weird, with a very basic interface and the following error message appears on the notifications bar: "Failed to connect to a Windows service: Windows could not connect to the System Event Notification service."

This normally would happen a few times after I install Windows Updates, and when I restart the PC a few times it starts up normally. But even when I shut off the automatic updates, it's still happening and I've been restarting the PC quite a few times and it's still like this! :(

Any help would be much appreciated. :)

EscondeR
17-02-10, 10:56
First try this:

Go to Start > All Programs > Accessories
Right click on Command Prompt and select "Run as administrator".
Once the command prompt window opens type "netsh winsock reset catalog" w/o quotes and press Enter.


Reboot.

If still the same issue, try:
Go to Start > Run, type in "sfc /scannow" w/o quotes and press Enter.

BTW, run ARDiag.exe (http://www.tombraiderhub.com/download/ardiag.exe) and post the report.
Running full system antivirus scan won't hurt also.

tonyme
17-02-10, 12:47
First try this:

Go to Start > All Programs > Accessories
Right click on Command Prompt and select "Run as administrator".
Once the command prompt window opens type "netsh winsock reset catalog" w/o quotes and press Enter.




Thanks a lot Alex.

When I do the quoted step, I get: "The requested operation requires elevation"

EscondeR
17-02-10, 12:49
READ (http://www.tombraiderwiki.com/index.php/Administrator), activate, log in, perform aforementioned steps. :)

tonyme
17-02-10, 13:31
First step didn't work, the second one is running now. :)

---------------------------------------------------------------
AutoRuns Diagnostics for TRF v 0.5 Developed by EscondeR
---------------------------------------------------------------



Program:
"Provides the interface to Apple mobile devices."
Publisher:
"(Verified) Apple Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Apple Mobile Device
Program path & name:
"c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe"
Enabled: [V]


Program:
"Provides protection against computer viruses and another dangerous software."
Publisher:
"(Verified) Kaspersky Lab"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
AVP
Program path & name:
"c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe"
Enabled: [V]


Program:
"Bonjour allows applications like iTunes and Safari to advertise and discover services on the local network. Having Bonjour running enables you to connect to hardware devices like Apple TV and software services like iTunes sharing and AirTunes. If you disable Bonjour
Publisher:
any network service that explicitly depends on it will fail to start."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Bonjour Service
Program path & name:
"(Verified) Apple Inc.""c:\program files\bonjour\mdnsresponder.exe"
Enabled: [V]


Program:
"Service of ConfigFree."
Publisher:
"(Not verified) TOSHIBA CORPORATION"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
CFSvcs
Program path & name:
"c:\program files\toshiba\configfree\cfsvcs.exe"
Enabled: [V]


Program:
"Keeps your Google software up to date. If this service is disabled or stopped
Publisher:
your Google software will not be kept up to date meaning security vulnerabilities that may arise can't be fixed and features may not work. This service uninstalls itself when there is no Google software using it."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gupdate
Program path & name:
"(Verified) Google Inc""c:\program files\google\update\googleupdate.exe"
Enabled: [V]


Program:
"Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped
Publisher:
your Google software will not be kept up to date meaning security vulnerabilities that may arise cannot be fixed and features may not work."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gusvc
Program path & name:
"(Verified) Google Inc""c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]


Program:
"PC Tools Firewall Plus service"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PCToolsFirewallPlus
Program path & name:
"c:\program files\pc tools firewall plus\fwservice.exe"
Enabled: [V]


Program:
"Spybot-S&D Security Center integration"
Publisher:
"(Verified) Safer Networking Ltd."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SBSDWSCService
Program path & name:
"c:\program files\spybot - search & destroy\sdwinsec.exe"
Enabled: [V]


Program:
"TDCSrv Application"
Publisher:
"(Not verified) TOSHIBA Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TODDSrv
Program path & name:
"c:\windows\system32\toddsrv.exe"
Enabled: [V]


Program:
"TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped."
Publisher:
"(Verified) TOSHIBA CORPORATION"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TosCoSrv
Program path & name:
"c:\program files\toshiba\power saver\toscosrv.exe"
Enabled: [V]


Program:
"TOSHIBA Bluetooth Service"
Publisher:
"(Not verified) TOSHIBA CORPORATION"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TOSHIBA Bluetooth Service
Program path & name:
"c:\program files\toshiba\bluetooth toshiba stack\tosbtsrv.exe"
Enabled: [V]


Program:
"Allows to use visual styles without Microsoft signature."
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
UxTuneUp
Program path & name:
"c:\windows\system32\uxtuneup.dll"
Enabled: [V]


Program:
"IP in IP Tunnel Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
IpInIp
Program path & name:
File not found: system32\DRIVERS\ipinip.sys"
Enabled: [V]


Program:
"Kaspersky Unified Driver"
Publisher:
"(Verified) Kaspersky Lab"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
kl1
Program path & name:
"c:\windows\system32\drivers\kl1.sys"
Enabled: [V]


Program:
"IPX Traffic Filter Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NwlnkFlt
Program path & name:
File not found: system32\DRIVERS\nwlnkflt.sys"
Enabled: [V]


Program:
"IPX Traffic Forwarder Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NwlnkFwd
Program path & name:
File not found: system32\DRIVERS\nwlnkfwd.sys"
Enabled: [V]


Program:
"Patin-Couffin low level access layer for CD devices"
Publisher:
"(Not verified) VSO Software"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pcouffin
Program path & name:
"c:\windows\system32\drivers\pcouffin.sys"
Enabled: [V]


Program:
"Memory Monitor Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pctmp
Program path & name:
"c:\windows\system32\drivers\pctmp.sys"
Enabled: [V]


Program:
"PC Tools IPC Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pctssipc
Program path & name:
"c:\windows\system32\drivers\pctssipc.sys"
Enabled: [V]


Program:
"PC Tools NDIS Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SFilter
Program path & name:
"c:\windows\system32\drivers\pctfw.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sptd
Program path & name:
c:\windows\system32\drivers\sptd.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TpChoice
Program path & name:
File not found: system32\DRIVERS\TpChoice.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
windrvNT
Program path & name:
File not found: C:\Windows\system32\windrvNT.sys"
Enabled: [V]


Program:
"Logon Visualizer"
Publisher:
"(Verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
klogon
Program path & name:
"c:\windows\system32\klogon.dll"
Enabled: [V]


Program:
N/A
Publisher:
"(Not verified) TOSHIBA CORPORATION."
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monito rs
Entry name:
Toshiba Bluetooth Monitor
Program path & name:
"c:\windows\system32\tbtmon.dll"
Enabled: [V]


Program:
"Kaspersky Anti-Virus Ring 3 Hooker"
Publisher:
"(Verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~1\KASPER~1\KASPER~2.0\r3hook.dll
Program path & name:
"c:\program files\kaspersky lab\kaspersky anti-virus 7.0\r3hook.dll"
Enabled: [V]


Program:
"PC Tools Firewall GUI"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
00PCTFW
Program path & name:
"c:\program files\pc tools firewall plus\firewallgui.exe"
Enabled: [V]


Program:
"Kaspersky Anti-Virus"
Publisher:
"(Verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
AVP
Program path & name:
"c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe"
Enabled: [V]


Program:
"QuickTime Task"
Publisher:
"(Not verified) Apple Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
QuickTime Task
Program path & name:
"c:\program files\quicktime\qttask.exe"
Enabled: [V]


Program:
"iTunesHelper"
Publisher:
"(Verified) Apple Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
iTunesHelper
Program path & name:
"c:\program files\itunes\ituneshelper.exe"
Enabled: [V]


Program:
"Java(TM) Update Scheduler"
Publisher:
"(Verified) Sun Microsystems Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
SunJavaUpdateSched
Program path & name:
"c:\program files\common files\java\java update\jusched.exe"
Enabled: [V]


Program:
"TOSHIBA Power Saver"
Publisher:
"(Verified) TOSHIBA CORPORATION"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
TPwrMain
Program path & name:
"c:\program files\toshiba\power saver\tpwrmain.exe"
Enabled: [ ]


Program:
"Skype for COM API"
Publisher:
"(Verified) Skype Technologies SA"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
skype4com
Program path & name:
"c:\program files\common files\skype\skype4com.dll"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Google Update
Program path & name:
"c:\users\tttt\appdata\local\google\update\googleup date.exe"
Enabled: [V]


Program:
"TuneUp System Optimizer"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
Task Scheduler
Entry name:
1-Click Maintenance.job
Program path & name:
"c:\program files\tuneup utilities 2007\systemoptimizer.exe"
Enabled: [V]


Program:
"gusvc"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
Google Software Updater.job
Program path & name:
"c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskMachineCore.job
Program path & name:
"c:\program files\google\update\googleupdate.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskMachineUA.job
Program path & name:
"c:\program files\google\update\googleupdate.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskUserS-1-5-21-1357065688-547351928-568088638-1001Core.job
Program path & name:
"c:\users\tttt\appdata\local\google\update\googleup date.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskUserS-1-5-21-1357065688-547351928-568088638-1001UA.job
Program path & name:
"c:\users\tttt\appdata\local\google\update\googleup date.exe"
Enabled: [V]


Program:
"GoogleToolbarNotifier"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Google Toolbar Notifier BHO
Program path & name:
"c:\program files\google\googletoolbarnotifier\5.1.1309.3572\s wg.dll"
Enabled: [V]


Program:
"Ask.com Toolbar"
Publisher:
"(Verified) Ask.com"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Ask Toolbar
Program path & name:
"c:\program files\ask.com\genericasktoolbar.dll"
Enabled: [V]


Program:
"Java(TM) Platform SE binary"
Publisher:
"(Verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Java(tm) Plug-In 2 SSV Helper
Program path & name:
"c:\program files\java\jre6\bin\jp2ssv.dll"
Enabled: [V]


Program:
"WinZip Shell Extension DLL"
Publisher:
"(Not verified) WinZip Computing LP"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
WinZip
Program path & name:
"c:\program files\winzip\wzshlstb.dll"
Enabled: [V]


Program:
"WinZip Shell Extension DLL"
Publisher:
"(Not verified) WinZip Computing LP"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
WinZip
Program path & name:
"c:\program files\winzip\wzshlstb.dll"
Enabled: [V]


Program:
"WinZip Shell Extension DLL"
Publisher:
"(Not verified) WinZip Computing LP"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
WinZip
Program path & name:
"c:\program files\winzip\wzshlstb.dll"
Enabled: [V]


Program:
"WinZip Shell Extension DLL"
Publisher:
"(Not verified) WinZip Computing LP"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
WinZip
Program path & name:
"c:\program files\winzip\wzshlstb.dll"
Enabled: [V]


Program:
"Cover Designer"
Publisher:
"(Verified) Nero AG"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
NeroCoverEd Live Icons
Program path & name:
"c:\program files\nero\nero 7\nero coverdesigner\coveredextension.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
File and Folder Privacy Context Menu Handler
Program path & name:
c:\windows\ffprext\ffprext.dll"
Enabled: [V]


Program:
"TuneUp Shredder Shell Extension"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
TuneUp Shredder Shell Extension
Program path & name:
"c:\program files\tuneup utilities 2007\sdshelex-win32.dll"
Enabled: [V]


Program:
"TuneUp Theme Extension"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
TuneUp Theme Extension
Program path & name:
"c:\windows\system32\uxtuneup.dll"
Enabled: [V]


Program:
"Script Monitor Internet Explorer plugin"
Publisher:
"(Verified) Kaspersky Lab"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Web Anti-Virus statistics
Program path & name:
"c:\program files\kaspersky lab\kaspersky anti-virus 7.0\scieplgn.dll"
Enabled: [V]


Program:
"Phone Browser"
Publisher:
"(Not verified) Nokia"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Nokia Phone Browser
Program path & name:
"c:\program files\nokia\nokia pc suite 6\phonebrowser.dll"
Enabled: [V]


Program:
"iTunes Mini Player DLL"
Publisher:
"(Verified) Apple Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
iTunes
Program path & name:
"c:\program files\itunes\itunesminiplayer.dll"
Enabled: [V]


Program:
"Ask.com Toolbar"
Publisher:
"(Verified) Ask.com"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
genericasktoolbar.dll
Program path & name:
"c:\program files\ask.com\genericasktoolbar.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Extensions
Entry name:
eBay
Program path & name:
File not found: http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?EN"
Enabled: [V]

EscondeR
17-02-10, 13:42
What do you mean under "didn't work"?

Have you activated an Administrator account?
Or have you run an elevated Command prompt (Run as Administrator)?

1. Download and run Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) and untick the following entries:


Program:
"Keeps your Google software up to date. If this service is disabled or stopped
Publisher:
your Google software will not be kept up to date meaning security vulnerabilities that may arise can't be fixed and features may not work. This service uninstalls itself when there is no Google software using it."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gupdate
Program path & name:
"(Verified) Google Inc""c:\program files\google\update\googleupdate.exe"
Enabled: [V]


Program:
"Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped
Publisher:
your Google software will not be kept up to date meaning security vulnerabilities that may arise cannot be fixed and features may not work."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gusvc
Program path & name:
"(Verified) Google Inc""c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]


Program:
"PC Tools Firewall Plus service"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PCToolsFirewallPlus
Program path & name:
"c:\program files\pc tools firewall plus\fwservice.exe"
Enabled: [V]


Program:
"Allows to use visual styles without Microsoft signature."
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
UxTuneUp
Program path & name:
"c:\windows\system32\uxtuneup.dll"
Enabled: [V]


Program:
"IP in IP Tunnel Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
IpInIp
Program path & name:
File not found: system32\DRIVERS\ipinip.sys"
Enabled: [V]


Program:
"IPX Traffic Filter Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NwlnkFlt
Program path & name:
File not found: system32\DRIVERS\nwlnkflt.sys"
Enabled: [V]


Program:
"IPX Traffic Forwarder Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NwlnkFwd
Program path & name:
File not found: system32\DRIVERS\nwlnkfwd.sys"
Enabled: [V]


Program:
"Memory Monitor Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pctmp
Program path & name:
"c:\windows\system32\drivers\pctmp.sys"
Enabled: [V]


Program:
"PC Tools IPC Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pctssipc
Program path & name:
"c:\windows\system32\drivers\pctssipc.sys"
Enabled: [V]


Program:
"PC Tools NDIS Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SFilter
Program path & name:
"c:\windows\system32\drivers\pctfw.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sptd
Program path & name:
c:\windows\system32\drivers\sptd.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TpChoice
Program path & name:
File not found: system32\DRIVERS\TpChoice.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
windrvNT
Program path & name:
File not found: C:\Windows\system32\windrvNT.sys"
Enabled: [V]


Program:
"PC Tools Firewall GUI"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
00PCTFW
Program path & name:
"c:\program files\pc tools firewall plus\firewallgui.exe"
Enabled: [V]


Program:
"QuickTime Task"
Publisher:
"(Not verified) Apple Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
QuickTime Task
Program path & name:
"c:\program files\quicktime\qttask.exe"
Enabled: [V]


Program:
"Java(TM) Update Scheduler"
Publisher:
"(Verified) Sun Microsystems Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
SunJavaUpdateSched
Program path & name:
"c:\program files\common files\java\java update\jusched.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Google Update
Program path & name:
"c:\users\tttt\appdata\local\google\update\googleup date.exe"
Enabled: [V]


Program:
"TuneUp System Optimizer"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
Task Scheduler
Entry name:
1-Click Maintenance.job
Program path & name:
"c:\program files\tuneup utilities 2007\systemoptimizer.exe"
Enabled: [V]


Program:
"gusvc"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
Google Software Updater.job
Program path & name:
"c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskMachineCore.job
Program path & name:
"c:\program files\google\update\googleupdate.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskMachineUA.job
Program path & name:
"c:\program files\google\update\googleupdate.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskUserS-1-5-21-1357065688-547351928-568088638-1001Core.job
Program path & name:
"c:\users\tttt\appdata\local\google\update\googleup date.exe"
Enabled: [V]


Program:
"Google Installer"
Publisher:
"(Verified) Google Inc"
Entry path:
Task Scheduler
Entry name:
GoogleUpdateTaskUserS-1-5-21-1357065688-547351928-568088638-1001UA.job
Program path & name:
"c:\users\tttt\appdata\local\google\update\googleup date.exe"
Enabled: [V]


Program:
"GoogleToolbarNotifier"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Google Toolbar Notifier BHO
Program path & name:
"c:\program files\google\googletoolbarnotifier\5.1.1309.3572\s wg.dll"
Enabled: [V]


Program:
"Ask.com Toolbar"
Publisher:
"(Verified) Ask.com"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Ask Toolbar
Program path & name:
"c:\program files\ask.com\genericasktoolbar.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
File and Folder Privacy Context Menu Handler
Program path & name:
c:\windows\ffprext\ffprext.dll"
Enabled: [V] - Very much likely a trojan!


Program:
"TuneUp Shredder Shell Extension"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
TuneUp Shredder Shell Extension
Program path & name:
"c:\program files\tuneup utilities 2007\sdshelex-win32.dll"
Enabled: [V]


Program:
"TuneUp Theme Extension"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
TuneUp Theme Extension
Program path & name:
"c:\windows\system32\uxtuneup.dll"
Enabled: [V]


Program:
"Ask.com Toolbar"
Publisher:
"(Verified) Ask.com"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
genericasktoolbar.dll
Program path & name:
"c:\program files\ask.com\genericasktoolbar.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Extensions
Entry name:
eBay
Program path & name:
File not found: http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?EN"
Enabled: [V]


2. Uninstall PCTools and TuneUP crapware.

3. Use THIS (http://www.duplexsecure.com/downloads) tool to remove all Daemon Tools remnants, as you have no DT installed ATM, but the driver is still there.

tonyme
17-02-10, 14:23
What do you mean under "didn't work"?

Have you activated an Administrator account?
Or have you run an elevated Command prompt (Run as Administrator)?



It didn't work 'cause when I rebooted, the windows interface was still the same, and the error message appeared. I ran an elevated Command Prompt (run as Admin).

EscondeR
17-02-10, 15:06
Have you tried this:

Go to Start > Run, type in "sfc /scannow" w/o quotes and press Enter.

Running full system antivirus scan won't hurt also.

tonyme
17-02-10, 15:16
Yes I did. It worked BUT major issue now!!:( My computer isn't recognizing any local area connection anymore! It's like there's no ethernet cable inserted! (This happened after I unticked the Autoruns entries)

EDIT: I'm using my sister's computer now

EscondeR
17-02-10, 16:08
Tick the following back in Autoruns:

Program:
"PC Tools Firewall Plus service"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PCToolsFirewallPlus
Program path & name:
"c:\program files\pc tools firewall plus\fwservice.exe"
Enabled: [V]


Program:
"Memory Monitor Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pctmp
Program path & name:
"c:\windows\system32\drivers\pctmp.sys"
Enabled: [V]


Program:
"PC Tools IPC Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pctssipc
Program path & name:
"c:\windows\system32\drivers\pctssipc.sys"
Enabled: [V]


Program:
"PC Tools NDIS Driver"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SFilter
Program path & name:
"c:\windows\system32\drivers\pctfw.sys"
Enabled: [V]


Program:
"PC Tools Firewall GUI"
Publisher:
"(Verified) PC Tools"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
00PCTFW
Program path & name:
"c:\program files\pc tools firewall plus\firewallgui.exe"
Enabled: [V]

then reboot your PC, then go to Control panel > Install and remove software and uninstall PC Tools completely.

tonyme
17-02-10, 16:34
Did that.

Connection's back, interface is perfect again! :) Thank you SO much!