Have had trouble maintaining an internet connection. Caught a Trojan days ago, but deleted it, so there's no quarantine specimen. Didn't jot down the name.....sorry about that. Two entries, one said 'embedded'. Was able to delete them, but may not have disabled System restore......
Days and days of (ICS) Internet Connection Sharing Service disabling itself and refusing to enable because of error 1068 'Dependencies'. Cannot right-click on either hi-speed icons (WAN Driver & Ethernet) to get drop-down menus.....because the Control Panel > Network Connections window freezes up and requires Task Manager to terminate the program.
Attempting to check Win XP Firewall results in a failure to open error because ICS services is stopped.
Right-clicking My Computer, choosing Mange, and opening the 'Services' list reveals that the "Windows/Firewall (ICS) Internet Connection Sharing Service" is stopped. It refuses to enable, in automatic (or manual), and sends this 1068 'dependencies' error.
I can get online for about 5 minutes upon booting up, but it moves slow and then I loose the connection entirely.
Ran all the scans you require in both normal and safe-mode, with system restore off. CWShredder, Adaware, Spybot , AVG Free, Ewido (now AVG Anti-Spyware 7), and finally Trojan Remover. Nothing ever came up. Device Manger revealed the hardware is fine, but access to enable the Network Connections is also being blocked from there.
Tonight, after a Trojan Remover Update and System Scan, I get this message, but it does not call it a malicious item:
File called by NT/XP Services Registry key:
C:\WINDOWS\System32\wbem\WmiApSrv.exe
Loaded by Registry Key:
Hkey_Local_Machine\System\CurrentControlSet\Services\WmiApSrv\"ImagePath"
So I track down these two files in C:\WINDOWS and in the registry HKEY tree.
They must have been renamed. I hope there is enough info to recommend a repair strategy. The only .exe file in the C:\WINDOWS is
smi2smir.exe
WMI SNMP MIB COMPILER
MS Corp.
And here I've exported this properties description from the HKEY registry entry:
Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiApSrv
Class Name: <NO CLASS>
Last Write Time: 10/12/2006 - 10:58 PM
Value 0
Name: Type
Type: REG_DWORD
Data: 0x10
Value 1
Name: Start
Type: REG_DWORD
Data: 0x3
Value 2
Name: ErrorControl
Type: REG_DWORD
Data: 0x1
Value 3
Name: DisplayName
Type: REG_SZ
Data: WMI Performance Adapter
Value 4
Name: DependOnService
Type: REG_MULTI_SZ
Data: RPCSS
Value 5
Name: DependOnGroup
Type: REG_MULTI_SZ
Data:
Value 6
Name: ObjectName
Type: REG_SZ
Data: LocalSystem
Value 7
Name: Description
Type: REG_SZ
Data: Provides performance library information from WMI HiPerf providers.
Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiApSrv\Security
Class Name: <NO CLASS>
Last Write Time: 8/26/2004 - 7:00 AM
Value 0
Name: Security
Type: REG_BINARY
Data:
00000000 01 00 14 80 90 00 00 00 - 9c 00 00 00 14 00 00 00 ................
00000010 30 00 00 00 02 00 1c 00 - 01 00 00 00 02 80 14 00 0...............
00000020 ff 01 0f 00 01 01 00 00 - 00 00 00 01 00 00 00 00 ˙...............
00000030 02 00 60 00 04 00 00 00 - 00 00 14 00 fd 01 02 00 ..`.........ý...
00000040 01 01 00 00 00 00 00 05 - 12 00 00 00 00 00 18 00 ................
00000050 ff 01 0f 00 01 02 00 00 - 00 00 00 05 20 00 00 00 ˙........... ...
00000060 20 02 00 00 00 00 14 00 - 8d 01 02 00 01 01 00 00 ...............
00000070 00 00 00 05 0b 00 00 00 - 00 00 18 00 fd 01 02 00 ............ý...
00000080 01 02 00 00 00 00 00 05 - 20 00 00 00 23 02 00 00 ........ ...#...
00000090 01 01 00 00 00 00 00 05 - 12 00 00 00 01 01 00 00 ................
000000a0 00 00 00 05 12 00 00 00 - ........
It looks so strange to me! Nothing on the Computer > Manage > Services list is wrong....so says a techie at eMachines.....except the (ICS) one.
My hi-speed cable server, Adelphia, ran some checks and determined they could see the flow go right up to my modem....so it isn't the cable service.
I hope this is the right kind of info in a format you can make sense of. I am new to alot of this. Any help fixing this problem would be GREATLY APPRECIATED.
- Scottportraits
Sign In
Create Account
