# Solved: Lose Internet connection after 3 mintues on XP. Only restarted fixes.



## finance (Nov 8, 2010)

I have an HP laptop with an XP home with all updates, semantic antivirus, and zone alarm free firewall. A few days ago, I started losing my Internet connection, having to reboot to get going. Virus scan is clean. Same story for wifi or plug-in connection, both fail. HP network repair isn't fixing the problem. A new machine is working fine, but now I can only get 3 minutes of Internet on my older PC. Very annoying. I did do some windows patches over the past month. Zone alarm version 9-- issue with them? I set my networks to be trusted. I tried installing different browsers. Can't think of what to do next? Thanks for any help.
--finance guy (not tech support)


----------



## Phantom010 (Mar 9, 2009)

Restarting a computer normally refreshes the DNS resolver cache, so perhaps that's why you can reconnect to those websites again. However, it doesn't explain why you would need to refresh your DNS that often. 

As a test, instead of restarting your computer, try the following:

Press the Windows key + R to open a Run box.

Type *CMD*

In the Command Prompt window, type (or paste): *ipconfig /flushdns*

If that works, I suggest changing your DNS server settings:

Try using *Google Public DNS*.

Or, *OpenDNS*.


----------



## finance (Nov 8, 2010)

Hi,
Thank you for the suggestion. I went to the command window and the DNS Resolver Cache flush was successful. Unfortunately, it did not fix the Internet acess. I still can't get on IE or Firefox right now.
Any help is very much appreciated.


----------



## Phantom010 (Mar 9, 2009)

Try using *Google Public DNS*.

Or, *OpenDNS*.

If still no luck,

Press the Windows key + R to open a Run box.

Type *CMD*.

Press OK.

In the Command Prompt, type *ipconfig /all*.

Press Enter.

Copy (right-click and Select All > press Enter) the entire content of that window and paste it into your next reply.


----------



## TerryNet (Mar 23, 2005)

In Device Manager right click on your network adapter and uninstall it; then reboot and let Windows discover the adapter and reinstall the adapter.

Uninstall Zone Alarm and run the Removal Tool.

Then run these repairs ...

(From a JohnWill post)

*TCP/IP stack repair options for use with Windows XP with SP2 or SP3.*

*Start, Run, CMD, OK* to open a command prompt.

Reset WINSOCK entries to installation defaults: *netsh winsock reset catalog*

Reset TCP/IP stack to installation defaults. *netsh int ip reset reset.log*

Reboot the machine.


----------



## finance (Nov 8, 2010)

I did the goggleDNS, but it did not fix the problem. Below is the current DNS log. I am wondering if it some remnant of zone alarm, since these things seem to have trouble updating. I can try the zone alarm uninstall next. But if that works, which would be fantastic, what do you recommend I use as a firewall? Thanks again for the help.

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Admin>ipconfig /all

Windows IP Configuration

******* Host Name . . . . . . . . . . . . : PC130101
******* Primary Dns Suffix* . . . . . . . :
******* Node Type . . . . . . . . . . . . : Unknown
******* IP Routing Enabled. . . . . . . . : No
******* WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

******* Connection-specific DNS Suffix* . :
******* Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
******* Physical Address. . . . . . . . . : 00-16-36-93-58-38
******* Dhcp Enabled. . . . . . . . . . . : Yes
******* Autoconfiguration Enabled . . . . : Yes
******* IP Address. . . . . . . . . . . . : 192.168.0.102
******* Subnet Mask . . . . . . . . . . . : 255.255.255.0
******* Default Gateway . . . . . . . . . :
******* DHCP Server . . . . . . . . . . . : 192.168.0.1
******* DNS Servers . . . . . . . . . . . : 8.8.8.8
******************************************* 8.8.4.4
******* Lease Obtained. . . . . . . . . . : Monday, November 08, 2010 9:48:58 PM

******* Lease Expires . . . . . . . . . . : Monday, November 15, 2010 9:48:58 PM

Ethernet adapter Wireless Network Connection 2:

******* Connection-specific DNS Suffix* . :
******* Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
******* Physical Address. . . . . . . . . : 00-14-A5-EB-85-2E
******* Dhcp Enabled. . . . . . . . . . . : Yes
******* Autoconfiguration Enabled . . . . : Yes
******* IP Address. . . . . . . . . . . . : 192.168.0.100
******* Subnet Mask . . . . . . . . . . . : 255.255.255.0
******* Default Gateway . . . . . . . . . : 192.168.0.1
******* DHCP Server . . . . . . . . . . . : 192.168.0.1
******* DNS Servers . . . . . . . . . . . : 8.8.8.8
******************************************* 8.8.4.4
******* Lease Obtained. . . . . . . . . . : Monday, November 08, 2010 9:20:19 PM

******* Lease Expires . . . . . . . . . . : Monday, November 15, 2010 9:20:19 PM

C:\Documents and Settings\Admin>


----------



## Phantom010 (Mar 9, 2009)

Go ahead with removing ZoneAlarm.


----------



## finance (Nov 8, 2010)

I am unsure about how to do this:

In Device Manager right click on your network adapter and uninstall it; then reboot and let Windows discover the adapter and reinstall the adapter.

In network connections folder, I see connections for the wifi and the plug-in connection. Right clicking gives me the option to disable. Should I do that? Or select the connection and hit "delete" on the keyboard? I am unclear on how to "uninstall" this. Thanks for the help.

Also, even though I lose Internet connection, I am still able to ping yahoo.com in the cmd window, in case that info helps.


----------



## finance (Nov 8, 2010)

I did the zone alarm uninstall, ran that exe file he linked, and ran the two cmd codes, but I am still getting the Internet disconnection problem after about 3 minutes I wasn't able to uninstall the two network connection ( wired and wifi), but I did disable them, and then after restart re-enabled them an then ran the "reapair connection" wizard. 
I see that windows firewall now turned itself on after the zone alarm uninstall (win firewall had been off). 
Please help me with further suggestions. That uninstaller link he gave me now comes up each time I reboot the computer. Thanks for your assistance.


----------



## Phantom010 (Mar 9, 2009)

Please click *HERE* to download and install *HijackThis.* 

Run it and select *Do a system scan and save a logfile* from the Main Menu.

The log will be saved in Notepad. Copy and paste the log in your next post.

*IMPORTANT: Do not fix anything*

If you can't download the program from your faulty computer, use a working one and copy the program to a USB flash drive or other media. Plug the flash drive into the fautly computer to install HijackThis.


----------



## finance (Nov 8, 2010)

Again, I want to thank you for your continued help with these. Here is the log file from the scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:52:47 PM, on 11/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\McAfee\QuickClean\PlgUni.exe
C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\GreenPrint Technologies\GreenPrint World\GPTray.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Imonitor] "C:\Program Files\McAfee\QuickClean\PlgUni.exe" /START
O4 - HKLM\..\Run: [GPPrinterNotify] "C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"* -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [CheckPoint Cleanup] C:\DOCUME~1\Admin\LOCALS~1\Temp\cpes_clean_launcher.exe C:\DOCUME~1\Admin\LOCALS~1\Temp\cpes_clean.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [ARC] "C:\Program Files\McAfee\QuickClean\Uni.exe" /ARC:HP Rhapsody
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Startup: Seagate Product Registration.lnk = C:\Documents and Settings\Admin\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GreenPrint Printer Notify.lnk = ?
O4 - Global Startup: GreenPrint TrayIcon.lnk = ?
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.5.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.evite.com/html/imageUpload/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1190502314906
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://mathworksevents.webex.com/client/T27L10NSP11EP5/event/ieatgpc.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupControlXP Class) - https://remotedesktop.americancentury.com/dana-cached/setup/JuniperSetupSP1.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://remotedesktop.americancentury.com/dana-cached/sc/JuniperSetupClient.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)

--
End of file - 18128 bytes


----------



## TerryNet (Mar 23, 2005)

DEVICE MANAGER, not Network Connections.  Right click on My Computer - Properties - Hardware - Device Manager. Then you will see your network adapter (Broadcom 802.11b/g WLAN) under Network Adapters.

You asked about firewall recommendations. I use the built-in Windows firewall (plus am almost always running behind the "natural firewall" of a router). If you still like Zone Alarm it is OK to reinstall it. The uninstall and Removal Tool was to clear out any possible corruption.


----------



## Phantom010 (Mar 9, 2009)

Have you tried disabling Norton?


----------



## TerryNet (Mar 23, 2005)

Symantec Endpoint Protection includes a firewall. Symantec/Norton firewalls are just as good as Zone Alarm at gumming up networking.

I would suggest uninstalling it also, but if this is a company computer, or used for company business, please do not do that without first checking with your IT department.


----------



## Phantom010 (Mar 9, 2009)

If the computer isn't a company computer, use the *Norton Removal Tool*. Just take note of your Norton registration informations before uninstalling.


----------



## finance (Nov 8, 2010)

Ok, I tried the driver or network device uninstall and restarted (also with the flush), but it didn't work--I still lose the Internet connection. I have an employer provided Symantec Endpoint Protection on my home machine. Is that the same thing as Norton--they used to be two companies, correct? Since I'm now unemployed, I love to be able to keep it if I have to uninstall it. But I'd rather have the computer functioning. It says it has antivirus and antispyware, proactive threat protection, and network threat protection--doesn't use the word "firewall", though it may provide that service. 
Next step should be uninstalling symantec, with norton removal tool?
Thanks again for your time and expert advice.


----------



## Phantom010 (Mar 9, 2009)

Yes, Symantec is Norton.


----------



## TerryNet (Mar 23, 2005)

In this description see the 2nd bulletin item under Learn - Key features [color added by me]:



> Seamlessly integrates antivirus, antispyware, firewall, intrusion prevention, device and application control


Unless *Phantom010 *spotted something else in the HJT log I thing we are running out of ideas here. And, by the way, if you are no longer working for the company that provided the package it may not still be legit for you to be using it.


----------



## finance (Nov 8, 2010)

Thanks again for all of the info. I try to run the norton removal tool, but it just is running in the background, using no CPU and 6800K of memory. Does not seem to be doing much? I ran this thing called AppRemover, which was listed on the zone alarm board, but it could not find anything. So I tried to reinstall ZA to run this, but ZA said that I didn't have famine rights. But I just double checked, and I am in the Admin account with full rights. So weird. And I discovered that even when the Internet stops working (can't type in a new URL or ITunes updates suddenly ceases download, that I can still run an gmail--send and receive emails, inside of the open session even though I can't get a new URL. I also tried system rest or, but it would not work to any old points. 
Any advice is appreciated. Is there anything else I can do other than wipe out everything. Thanks for the help so far.


----------



## Phantom010 (Mar 9, 2009)

Try running the *Norton Removal Tool* in *Safe Mode*.


----------



## finance (Nov 8, 2010)

Sure, how do I do safe mode?


----------



## finance (Nov 8, 2010)

Ok, I found documentation on starting up in safe mode. I'll try that...


----------



## Phantom010 (Mar 9, 2009)

finance said:


> Sure, how do I do safe mode?


*Safe Mode *


----------



## finance (Nov 8, 2010)

I got into safe mode, but it wouldn't uninstall symantec Endpoint with that Norton Tool without first using the regular uninstall. So I went over to zonealrm tech support chat site, and they gave me the stadard line if that I already uninstalled it, then it wasn't the source of the problem. But they would still give me the manual uninstall instructions (and I was already in safe mode). My experience with the ZA tech support was as fast and efficient as I've had with any software company. Congrats to the

So I went ahead and tried them. Restarted, and I haven't lost my connection for 30 minutes. Hopefully, it is resolved and I am in the clear! Thank you everyone for your suggestions and help along the way. Hopefully, this case is closed. I've learned a lot in the process with your help.

Here are their instructions (Brian H. is ZA tech support):

*Brian H.: *You're still losing internet after removing ZA? 
*Finance**: *yes, removing ZA didn't fix anything. 
*Brian H.: *I'm not sure what I can suggest, if ZA isn't installed it's not causing the issue... I can give you manual removal steps to check for lingering ZA files if you would like. *Finance: *yes, that would be helpful. i've removed a firewall from a different company before, where it didn't work until I manually went through registries with their detailed instructions to remove everything. 
*Brian H.: *If possible, first try to run the universal uninstaller found at the link below. This tool will remove all ZoneAlarm data from your computer: When the download box pops up, choose Save, in the next box choose Save to Desktop. Restart the computer before running the tool. 
*Brian H.: *http://download.zonealarm.com/bin/free/support/cpes_clean.exe 
*Brian H.: *Then try re-installing ZoneAlarm again 
*Brian H.: *Here is a link where you can download the latest versions. 
*Brian H.: *http://server.iad.liveperson.net/hc...ETYPE?sf=101133&documentid=345310&action=view 
*Brian H.: *If this tool fails for any reason, or if you want to ensure that all ZoneAlarm files were removed from the system, continue with the steps below. Please make sure that you have the latest version downloaded from the link above first. 
*Brian H.: *01.) Restart your computer 
*Brian H.: *02.) When you see the screen go black and it starts booting back up keep tapping the "F8" key (at the top of your keyboard) 
*Brian H.: *03.) This should bring up a menu. Choose Safe Mode off the menu by using the arrow keys on the keyboard to highlight Safe Mode and press Enter 
*Brian H.: *04.) If you get a message asking to go to Safe Mode, choose Yes. If you get a help and support window, close this. 
*Brian H.: *05.) Once you are at the desktop, Click Start, Computer 
*Brian H.: *06.) Click Tools, Folder Options, View Tab 
*Brian H.: *NOTE: If you cannot see the menu bar with the Tools menu on it, you have to press the Alt-key on the keyboard and the menu bar should then be visible. 
*Brian H.: *07.) Place a dot next to "Show Hidden Files and Folders" 
*Brian H.: *08.) Remove the check from "Hide Protected Operating System Files (Recommended)" 
*Brian H.: *09.) Choose Yes to the warning 
*Brian H.: *10.) Click OK 
*Brian H.: *11.) Double click C: 
*Brian H.: *Note: In the future steps if you do not see any files or folders, please click the "Show Files" link to view them. 
*Brian H.: *12.) Double Click the Program Files Folder 
*Brian H.: *13.) Right Click the Zone Labs Folder, click Delete, and choose Yes 
*Brian H.: *NOTE: If you cannot delete the entire folder, please open the Zone Labs -> ZoneAlarm folder and delete out as many of the files listed here as possible. 
*Brian H.: *14.) Close this window 
*Brian H.: *15.) Click Start, Computer 
*Brian H.: *16.) Double Click C: 
*Brian H.: *17.) Double Click the Windows Folder 
*Brian H.: *18.) Right Click the Internet Logs Folder, click Delete, and choose Yes 
*Brian H.: *19.) Double Click the System32 Folder 
*Brian H.: *20.) Right Click the Zone Labs Folder, click Delete, and choose Yes 
*Brian H.: *NOTE: If you cannot delete the entire folder, please open the Zone Labs folder and delete out as many of the files listed here as possible. 
*Brian H.: *21.) Locate and delete the following files in the System32 folder if they are present: 
*Brian H.: *- vsconfig.xml 
*Brian H.: *- vsxml.dll 
*Brian H.: *- vsregexp.dll 
*Brian H.: *- vsdata.dll 
*Brian H.: *- vsdata95.vxd 
*Brian H.: *- vsdatant.sys 
*Brian H.: *- vsmonapi.dll 
*Brian H.: *- vspubapi.dll 
*Brian H.: *- vsinit.dll 
*Brian H.: *- vsutil.dll 
*Brian H.: *- vswmi.dll 
*Brian H.: *- zlcommdb.dll 
*Brian H.: *- zlcomm.dll 
*Brian H.: *- zpeng24.dll or zpeng25.dll 
*Brian H.: *22.) Clear your Temp Directory per the instructions below. 
*Brian H.: *- Go to Start -> Run 
*Brian H.: *- Type %temp% and click OK 
*Brian H.: *- Select all of these files and delete them 
*Brian H.: *23.) Clear the Prefetch folder per the instructions below. 
*Brian H.: *- Go to Start -> Run 
*Brian H.: *- Type Prefetch and click OK 
*Brian H.: *- Select all of these files and delete them 
*Brian H.: *NOTE: If you do not have the Run option on the Start menu, you can press and hold the Windows logo key and tap the letter R . 
*Brian H.: *24.) Remove the necessary registry entries: 
*Brian H.: **Important Advisory: Deleting registry entries incorrectly may cause serious problems to your operating system, which may necessitate the need to reinstall it. Please make sure you are able to perform these deletions correctly before you decide to edit the entries. If you are not sure, you should seek help from someone who is familiar with editing the registry. 
*Brian H.: *For information about how to edit the registry in Windows, from your desktop, click Start -> Run -> and type regedit. Click on Help -> Help Topics. Under the Contents tab, click Change Keys and Values (this may be found under the How to... section). 
*Brian H.: *Also, you should always make a backup of the registry before editing it. You can find this in the same section of the Help files. 
*Brian H.: *To remove the needed registry entries, go to Start -> Run and type in regedit. Choose OK, and use the folders on the left side of the Registry Editor window to navigate to the specified directories below. Note that you will remove the entire folder specified (eg. Zone Labs, vsmon, vsdatant): 
*Brian H.: *HKEY_LOCAL_MACHINE\Software\Zone Labs 
*Brian H.: *HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\vsmon 
*Brian H.: *HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\vsdatant 
*Brian H.: *25.) Close this window, then empty your recycle bin. 
*Brian H.: *26.) Restart the computer. 
*Brian H.: *27.) Try to install the latest version again. 
*Brian H.: *NOTE - Links to sites other than ZoneAlarm.com are provided for the convenience of our users. ZoneAlarm does not provide, and is not responsible for, the content users may find on such sites.


----------

