so SLOOOOOWWWW

Can someone please take a look at my hijack log and let me know if there is a problem that can be fixed. My computer has gotten so slow that I have about given upLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:41:44 AM, on 1/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
G:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
G:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
G:\Program Files\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
G:\WINDOWS\System32\PAStiSvc.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
G:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
G:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
G:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
G:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
G:\WINDOWS\system32\wuauclt.exe
G:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
G:\PROGRA~1\Grisoft\AVG7\avgcc.exe
G:\PROGRA~1\Grisoft\AVG7\avgemc.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe
G:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: TVEngine Helper - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - g:\program files\hbtools\hbtv\hbtvhelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe "
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.5.0_10\bin\jusched.exe "
O4 - HKLM\..\Run: [MimBoot] G:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [AVG7_CC] G:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "G:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [com.codeode.cactusspamfilter] "G:\Program Files\Cactus Spam Filter 2.13\cactusspamfilter.exe" -minimized
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] G:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] G:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] G:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] G:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Reboot.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - G:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://clubgames.pogo.com/online2/pogop/mahjong_escape_ancient/PTGameLauncher.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - G:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - G:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - G:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - G:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - G:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - G:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: STI Simulator - Unknown owner - G:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 7315 bytes
hope. Thank You

 

Hi stinkingdog101

You are running two anti-virus programs, this is not a good idea, they can conflict with each other and actually give you less protection
Please remove one 1 of them.
AVG7
Norton AntiVirus

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

hbtools or hbtv

Please note any other programs that you don't recognize in that list and post them in your next response


Please re-open HiJackThis and scan only. Check the boxes next to all the entries listed below.

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: TVEngine Helper - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - g:\program files\hbtools\hbtv\hbtvhelper.dll (file missing)
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab

Now close all windows other than HiJackThis, then click Fix Checked.

Close HJT.


Using Windows Explorer (to get there right-click your Start button and go to "Explore "), please delete these folders (if present):

g:\program files\hbtools

After that, Reboot.

Please post a New HJT Log into this Thread.
Let me know how thing are.

Thanks
Geri

 

Problem deleting Antivirus

I have tried many times to delete Norton and Symantec in the ADD and Remove Programs page. I can delete a lot and have but these programs are protected in some sort of way. Once you highlite Norton or Symantec the option to remove is not there. Geri I appreciate your help and hope you have an easy solution to this nightmare. Thanks

 

Hi stinkingdog101

Go here and run the Norton Removal Tool for the product version you have.

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039

Did you do the HJT fix? if not please do so.

After doing the above please post a new HJT log.

Thanks
Geri

 

Norton Bye BYe

Finally got the Norton out of there. It is still slow and freezing up. It won't connect to the internet right now and so am having to save the Hijack Logfile on flashdrive and send by my other computer. I did also rebbot and got rid of the lines you told me. Here is the Hijack Log....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:00:32 PM, on 1/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
G:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
G:\PROGRA~1\Grisoft\AVG7\avgcc.exe
G:\WINDOWS\system32\ctfmon.exe
G:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
G:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
G:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
G:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
G:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
G:\PROGRA~1\Grisoft\AVG7\avgemc.exe
G:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
G:\WINDOWS\System32\PAStiSvc.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.5.0_10\bin\jusched.exe "
O4 - HKLM\..\Run: [MimBoot] G:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [AVG7_CC] G:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "G:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [com.codeode.cactusspamfilter] "G:\Program Files\Cactus Spam Filter 2.13\cactusspamfilter.exe" -minimized
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] G:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] G:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] G:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] G:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Reboot.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: g:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - G:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - G:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - G:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 4525 bytes
Thanks for your Help......

 

Hi stinkingdog101

Please try this.

Open a command window and type the following commands, hitting enter after each.

ipconfig /release

ipconfig /flushdns

ipconfig /renew

See if the connection is restored. If not, proceed with the following.

Download Winsock XP Fix. Close all open programs and connections. Run Winsock XP Fix and select Fix. Reboot.

Let me know if you get Internet back.

Thanks
Geri

 

Freezing computer

I typed the instructions you gave me in the command window. And also pressed enter after each. I then rebooted. And then I went to the link you gave me and downloaded the fix. It worked perfectly with a laptop that I have and fixed the same problem I had with it. On the computer that we are concerned with in this session though.....the program runs untill it trys to reset the TCP parameters with Netshell. At this point the program freezes and even after an hour doesn't start again. SOOOOOO, whats next?

 

Hi stinkingdog101

Copy the following to a text file and transfer it to the affected computer, then copy all of the text and paste it into a command window, then reboot.

Code:

echo before catalog repair> "%userprofile%\desktop\winsock.txt "
echo ~~~~~~~~~~~~>> "%userprofile%\desktop\winsock.txt "
echo.>> "%userprofile%\desktop\winsock.txt "
netsh winsock show catalog>> "%userprofile%\desktop\winsock.txt "
netsh winsock reset catalog 
echo.>> "%userprofile%\desktop\winsock.txt "
echo after catalog repair>> "%userprofile%\desktop\winsock.txt "
echo ~~~~~~~~~~~~>> "%userprofile%\desktop\winsock.txt "
echo.>> "%userprofile%\desktop\winsock.txt "
netsh winsock show catalog>> "%userprofile%\desktop\winsock.txt "
exit
cls

Post the contents of the winsock.txt file thats on your desktop.

Thanks
Geri

 

This post reads very familiar.
If it is I believe G:\ is a CDROM.

And things such as the above being shown 3 times as running and from two different folders I believe still indicates strongly a 2nd improper install of Windows.
And Again I again I ask. If indeed G: is a CDROM them Why is Windows on it? And I believe that would also explain why Windows is a bit slower at booting.
Another thought ( good or bad ) just crossed my mind. If G: is indeed a CD and does have Windows on it, was it installed by the same machine that you are using it on ?

BillyBob

 

Hi BillyBob,

If you look at the list of running processes you will see they all run from G: That tells us that the OS is installed on G:, which is fine. It's likely a dual boot machine.


RE: 2 paths, see here as a reminder there's not a problem with that << restricted access link
RE: multiple svchost see here as a reminder this is normal << restricted access link

 

Not working to good

I tried in ernest to follow your instructions but came to another glich. Once I tried to paste the text into the command window it would copy only part of the first line. Then it would freeze and no matter what I did I could not get it to copy the full text. I did also try typing the text in by hand line for line but came to a problem also. When I got to the third line I could not get the cursor to move on down to the next line to start my typing. I got a system error message when it did not respond and it closed on its own.

 

Hi stdog,

Please type the following bolded command (quotes included) into a command window, then hit enter. Make sure to put a space between the letters I've colored red.

netsh winsock show catalog> "%userprofile%\desktop\winsock.txt "

Wait for it to return to a command prompt then see if the winsock.txt log is on the desktop and post it's contents.

 

winsock file

Ok...that worked. Here is the winsock file. Hope it helps. Thanks
Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD Tcpip [TCP/IP]
Provider ID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1001
Version: 2
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 1
Protocol: 6
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD Tcpip [UDP/IP]
Provider ID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1002
Version: 2
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 2
Protocol: 17
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD Tcpip [RAW/IP]
Provider ID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1003
Version: 2
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 3
Protocol: 0
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: RSVP UDP Service Provider
Provider ID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path: %SystemRoot%\system32\rsvpsp.dll
Catalog Entry ID: 1004
Version: 6
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 2
Protocol: 17
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: RSVP TCP Service Provider
Provider ID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path: %SystemRoot%\system32\rsvpsp.dll
Catalog Entry ID: 1005
Version: 6
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 1
Protocol: 6
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD nwlnkipx [IPX]
Provider ID: {11058240-BE47-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1064
Version: 2
Address Family: 6
Max Address Length: 16
Min Address Length: 14
Socket Type: 2
Protocol: 1000
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD nwlnkspx [SPX]
Provider ID: {11058241-BE47-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1065
Version: 2
Address Family: 6
Max Address Length: 16
Min Address Length: 14
Socket Type: 5
Protocol: 1256
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD nwlnkspx [SPX] [Pseudo Stream]
Provider ID: {11058241-BE47-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1066
Version: 2
Address Family: 6
Max Address Length: 16
Min Address Length: 14
Socket Type: 1
Protocol: 1256
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD nwlnkspx [SPX II]
Provider ID: {11058241-BE47-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1067
Version: 2
Address Family: 6
Max Address Length: 16
Min Address Length: 14
Socket Type: 5
Protocol: 1257
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD nwlnkspx [SPX II] [Pseudo Stream]
Provider ID: {11058241-BE47-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1068
Version: 2
Address Family: 6
Max Address Length: 16
Min Address Length: 14
Socket Type: 1
Protocol: 1257
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 6
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1069
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -6
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 6
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1070
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -6
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{07A58950-731E-43EA-AA97-E1FFBD43FD4B}] SEQPACKET 5
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1071
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -5
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{07A58950-731E-43EA-AA97-E1FFBD43FD4B}] DATAGRAM 5
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1072
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -5
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5C7A1D91-E86A-4CF3-B392-2CC2AC2D588E}] SEQPACKET 0
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1073
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -2147483648
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5C7A1D91-E86A-4CF3-B392-2CC2AC2D588E}] DATAGRAM 0
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1074
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -2147483648
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B5F4BF3A-91C2-4BEA-AFD3-E5E82570191C}] SEQPACKET 1
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1075
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -1
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B5F4BF3A-91C2-4BEA-AFD3-E5E82570191C}] DATAGRAM 1
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1076
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -1
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{272C5593-2ED4-422F-9579-E93838F1EF9A}] SEQPACKET 2
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1077
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -2
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{272C5593-2ED4-422F-9579-E93838F1EF9A}] DATAGRAM 2
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1078
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -2
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8DD0AD5F-A865-4552-A677-0F2B1BCCECA2}] SEQPACKET 3
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1079
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -3
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8DD0AD5F-A865-4552-A677-0F2B1BCCECA2}] DATAGRAM 3
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1080
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -3
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8179DA44-2923-4139-B47B-2F32CCE395A3}] SEQPACKET 4
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1081
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -4
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8179DA44-2923-4139-B47B-2F32CCE395A3}] DATAGRAM 4
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1082
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -4
Protocol Chain Length: 1

Name Space Provider Entry
------------------------------------------------------
Description: Tcpip
Provider ID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Name Space: 12
Active: 1
Version: 0


Name Space Provider Entry
------------------------------------------------------
Description: NTDS
Provider ID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Name Space: 32
Active: 1
Version: 0


Name Space Provider Entry
------------------------------------------------------
Description: Network Location Awareness (NLA) Namespace
Provider ID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Name Space: 15
Active: 1
Version: 0


Name Space Provider Entry
------------------------------------------------------
Description: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
Provider ID: {E02DAAF0-7E9F-11CF-AE5A-00AA00A7112B}
Name Space: 1
Active: 1
Version: 1

 

Great! That was mainly a log for identifying current LSPs loaded. The next command is supposed to rebuild the whole winsock catalog to default, and we needed the log to compare the new with the current in case a legitimate third party LSP is left out and needs to be re-installed.

Open a command window and type the following command then hit enter.

netsh winsock reset catalog

It may take some time, but when it again returns to a prompt close the command window and restart the computer. See if you have an internet connection. If not, type the following in a command window and hit enter.

ipconfig /all> "%userprofile%\desktop\ipconfig.txt "

Post the contents of ipconfig.txt on the desktop.

 

ipconfig file

Ok...it did not connect to internet so I got the ipconfig file and here it is. Thanks
Windows IP Configuration
Host Name . . . . . . . . . . . . : DANA
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VIA Compatable Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-07-95-4C-51-A8
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.47.226
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :

 

Is the computer connected to a router?

 

Router

Yes it is...but I disconnected the router from this computer and swapped cables. Both cables coming from the router work fine on this computer.

 

Please run the same ipconfig command on the working computer and post the log. With that we can try setting a static ip address on the non-working computer to see if that works.

 

IP on working computer

Windows IP Configuration

Host Name . . . . . . . . . . . . : Dad-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1A-A0-5F-4F-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::905d:bfe1:1bf5:ad74%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 13, 2008 10:02:15 AM
Lease Expires . . . . . . . . . . : Thursday, February 20, 2144 3:05:12 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 201333408
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e50:4c:139b:3f57:fdfc(Preferred)
Link-local IPv6 Address . . . . . : fe80::4c:139b:3f57:fdfc%8(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : isatap.Belkin
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.3%12(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

 

On the affected computer, open Network Connections and right click the Local Area Connection, then select Properties. Scroll down to Internet Protocol (TCP/IP) in the list and select it, then click Properties.

Select Use the following IP Address
Enter the following (type the numbers and periods)

IP Address: 192.168.2.4
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.2.1

Select Use the following DNS Server addresses

Preferred DNS Server: 192.168.2.1
Alternate DNS Server:

Click OK and OK again to exit the connection's properties dialog.

See if you can connect to the internet. If you can't, open IE and enter the following address then hit enter.

http://192.168.2.1

Do you get a login dialog for the router?