
Windows XP LAN Trouble

Discussion in 'Networking (Hardware & Software)' started by Mortalbard, 2008/04/18.

  1. 2008/04/19
    Mortalbard

    Mortalbard Inactive Thread Starter

    Joined:
    2008/04/18
    Messages:
    20
    Likes Received:
    0
    Here's the DSS main.txt

    Deckard's System Scanner v20071014.68
    Run by Joshua on 2008-04-19 18:16:15
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    18: 2008-04-20 01:16:20 UTC - RP351 - Deckard's System Scanner Restore Point
    17: 2008-04-19 17:02:48 UTC - RP350 - System Checkpoint
    16: 2008-04-18 15:48:45 UTC - RP349 - Software Distribution Service 3.0
    15: 2008-04-17 16:27:53 UTC - RP348 - Removed Pure Networks Platform
    14: 2008-04-17 16:27:16 UTC - RP347 - Removed Network Magic


    -- First Restore Point --
    1: 2008-04-11 04:37:25 UTC - RP334 - Installed FIRE GL driver for 3D Studio MAX/VIZ


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as Joshua ********.exe) -------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:17:21 PM, on 4/19/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\System32\TPHDEXLG.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\TpShocks.exe
    C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\WINDOWS\system32\TpScrLk.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
    C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\Program Files\SignupShield\bin\signupshield.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
    C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Joshua ********\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Joshua ********.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aldaily.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.smc.edu:80
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
    O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
    O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
    O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
    O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
    O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
    O4 - HKLM\..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
    O4 - HKLM\..\Run: [frymxins] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl "
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
    O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
    O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
    O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    O4 - HKLM\..\Run: [signupshield] C:\Program Files\SignupShield\bin\signupshield.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: LaunchU3.exe.lnk = ?
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java141\jre\bin\NPJPI141.dll
    O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java141\jre\bin\NPJPI141.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\PkgMgr.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O11 - Options group: [JAVA_IBM] Java (IBM)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://www.runaware.com/dolphin/wficat.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
    O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1099723804360
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} (CInstallLPCtrl Object) - http://u3.sandisk.com/download/apps/LPInstaller.CAB
    O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
    O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
    O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
    O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
    O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
    O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

    --
    End of file - 12462 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 ANC - c:\windows\system32\drivers\anc.sys <Not Verified; IBM Corp.; IBM Access Connections>
    R1 IBMTPCHK - c:\windows\system32\drivers\ibmbldid.sys
    R1 Smapint - c:\windows\system32\drivers\smapint.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
    R1 TDSMAPI - c:\windows\system32\drivers\tdsmapi.sys
    R1 TPHKDRV - c:\windows\system32\drivers\tphkdrv.sys <Not Verified; IBM Corporation; ThinkPad OnScreenDisplay>
    R1 TPPWR - c:\windows\system32\drivers\tppwr.sys <Not Verified; IBM Corp.; IBM ThinkPad Utility>
    R1 TSMAPIP - c:\windows\system32\drivers\tsmapip.sys
    R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.7.5.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Cisco Systems, Inc.; AEGIS Protocol 3.7.5.0>
    R2 EGATHDRV (IBM Access Support) - c:\windows\system32\egathdrv.sys <Not Verified; IBM Corporation; IBM eGatherer>
    R2 PMEM - c:\windows\system32\drivers\pmemnt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
    R2 smi2 - c:\program files\smi2\smi2.sys <Not Verified; IBM Corp.; TVT SMI Bios driver>
    R2 tvtfilter - c:\windows\system32\drivers\tvtfilter.sys <Not Verified; Lenovo; Rescue and Recovery>
    R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>

    S3 UIUSys (Conexant Setup API) - c:\windows\system32\drivers\uiusys.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
    R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
    R2 RegSrvc (Intel(R) PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel(R) PROSet/Wireless Registry Service>
    R2 SUService (System Update) - c:\program files\lenovo\system update\suservice.exe <Not Verified; Lenovo Group Limited; ThinkVantage System Update Service>
    R2 TpKmpSVC (IBM KCU Service) - c:\windows\system32\tpkmpsvc.exe
    R2 TVT Scheduler - "c:\program files\common files\lenovo\scheduler\tvtsched.exe" <Not Verified; Lenovo Group Limited; tvtsched Module>
    R2 tvtnetwk - c:\program files\lenovo\rescue and recovery\adm\iuservice.exe
    R3 ACS (ACU Configuration Service) - c:\windows\system32\acs.exe

    S3 PsaSrv (IBM PSA Access Driver Control) - c:\windows\system32\psasrv.exe (file missing)


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) PRO/1000 MT Mobile Connection
    Device ID: PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0
    Manufacturer: Intel
    Name: Intel(R) PRO/1000 MT Mobile Connection
    PNP Device ID: PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0
    Service: E1000


    -- Files created between 2008-03-19 and 2008-04-19 -----------------------------

    2008-04-19 18:14:53 0 d-------- C:\Program Files\Trend Micro
    2008-04-18 19:50:54 0 d-------- C:\Program Files\Panda Security
    2008-04-18 08:48:51 0 d-------- C:\Program Files\MSXML 6.0
    2008-04-18 00:37:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Intel
    2008-04-17 23:08:35 0 d-------- C:\Program Files\ACW
    2008-04-17 00:55:12 0 d-------- C:\Program Files\iPod
    2008-04-17 00:55:07 0 d-------- C:\Program Files\iTunes
    2008-04-17 00:54:56 0 d-------- C:\Program Files\Bonjour
    2008-04-17 00:53:46 0 d-------- C:\Program Files\Apple Software Update
    2008-04-17 00:53:38 0 d------c- C:\WINDOWS\system32\DRVSTORE
    2008-04-17 00:53:26 0 d-------- C:\Program Files\Common Files\Apple
    2008-04-17 00:53:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2008-04-14 21:10:32 0 d--h----- C:\WINDOWS\system32\GroupPolicy
    2008-04-12 23:28:57 0 d-------- C:\Documents and Settings\Joshua ********\Application Data\OfficeUpdate12
    2008-04-12 23:28:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    2008-04-12 23:25:55 0 d-------- C:\Program Files\Microsoft ActiveSync
    2008-04-12 23:24:50 0 d-------- C:\Program Files\Microsoft.NET
    2008-04-12 23:22:16 0 dr-h----- C:\MSOCache
    2008-04-10 22:30:41 0 d-------- C:\Documents and Settings\Joshua ********\Application Data\SignupShield
    2008-04-10 22:30:37 0 d-------- C:\Program Files\SignupShield
    2008-04-10 22:13:44 0 d-------- C:\Program Files\Lavasoft
    2008-04-10 22:13:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-04-10 22:13:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-10 21:55:25 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-04-10 21:38:34 0 d-------- C:\Documents and Settings\All Users\Application Data\PC-Doctor
    2008-04-10 21:37:45 0 d-------- C:\Program Files\PCDR5


    -- Find3M Report ---------------------------------------------------------------

    2008-04-18 00:37:19 0 d-------- C:\Program Files\Intel
    2008-04-17 09:27:58 0 d-------- C:\Program Files\Common Files
    2008-04-17 00:54:43 0 d-------- C:\Program Files\QuickTime
    2008-04-14 23:56:35 0 d-------- C:\Program Files\Common Files\Adobe
    2008-04-13 00:00:00 5427 --a------ C:\WINDOWS\system32\EGATHDRV.SYS <Not Verified; IBM Corporation; IBM eGatherer>
    2008-04-12 00:27:07 0 d-------- C:\Documents and Settings\Joshua ********\Application Data\Adobe
    2008-04-10 21:59:23 0 d-------- C:\Program Files\Ace Utilities
    2008-04-10 21:21:59 221 --a------ C:\WINDOWS\x
    2008-04-10 20:48:54 0 d-------- C:\Program Files\Common Files\Lenovo
    2008-04-10 20:48:53 0 d-------- C:\Program Files\Lenovo
    2008-03-17 14:49:26 524288 --a------ C:\WINDOWS\opuc.dll <Not Verified; Microsoft Corporation; 2007 Microsoft Office system>


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "S3TRAY2 "= "S3Tray2.exe" [10/12/2001 12:32 AM C:\WINDOWS\system32\S3Tray2.exe]
    "SynTPLpr "= "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [02/14/2006 02:17 PM]
    "SynTPEnh "= "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [02/14/2006 02:16 PM]
    "BluetoothAuthenticationAgent "= "bthprops.cpl" [08/04/2004 12:56 AM C:\WINDOWS\system32\bthprops.cpl]
    "TPKMAPHELPER "= "C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe" [10/28/2005 07:04 PM]
    "TpShocks "= "TpShocks.exe" [11/22/2007 03:09 PM C:\WINDOWS\system32\TpShocks.exe]
    "TPHOTKEY "= "C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe" [03/09/2007 02:49 PM]
    "TP4EX "= "tp4ex.exe" [10/17/2005 02:11 AM C:\WINDOWS\system32\TP4EX.exe]
    "EZEJMNAP "= "C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [04/27/2007 02:33 AM]
    "ATIPTA "= "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [02/06/2007 09:00 PM]
    "@ "=" " []
    "dla "= "C:\WINDOWS\system32\dla\tfswctrl.exe" [10/22/2003 02:04 AM]
    "Synchronization Manager "= "C:\WINDOWS\system32\mobsync.exe" [08/04/2004 12:56 AM]
    "BMMGAG "= "C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll" [04/19/2005 11:38 PM]
    "BMMLREF "= "C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE" [04/19/2005 11:38 PM]
    "BMMMONWND "= "C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll" [04/19/2005 11:38 PM]
    "BLOG "= "C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [04/19/2005 11:38 PM]
    "frymxins "= "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl" []
    "SoundMAXPnP "= "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [10/14/2004 07:11 AM]
    "SoundMAX "= "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [09/23/2004 10:41 AM]
    "TPKBDLED "= "C:\WINDOWS\system32\TpScrLk.exe" [10/08/2002 08:28 PM]
    "PRONoMgrWired "= "C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe" [08/06/2003 02:08 PM]
    "ACWLIcon "= "C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [03/14/2008 06:53 PM]
    "cssauth "= "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" [05/12/2006 08:15 PM]
    "TVT Scheduler Proxy "= "C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [03/04/2008 10:34 AM]
    "signupshield "= "C:\Program Files\SignupShield\bin\signupshield.exe" [03/20/2008 05:11 PM]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IBM RecordNow! "=" " []
    "Shell "= "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe" []
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [1/3/2006 8:11:25 PM]
    LaunchU3.exe.lnk - C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_2cd672ae.exe [6/17/2006 1:18:07 AM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
    ACNotify.dll 03/14/2008 06:54 PM 32768 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
    C:\Program Files\Lenovo\HOTKEY\notifyf2.dll 09/06/2006 04:37 PM 34344 C:\Program Files\Lenovo\HOTKEY\notifyf2.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
    C:\Program Files\Lenovo\HOTKEY\tphklock.dll 12/14/2006 11:06 AM 28672 C:\Program Files\Lenovo\HOTKEY\tphklock.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Notification Packages "= scecli ACGina

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @= "Volume shadow copy "

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Audible Download Manager.lnk]
    backup=C:\WINDOWS\pss\Audible Download Manager.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]
    backup=C:\WINDOWS\pss\BTTray.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kensington Personal Firewall.lnk]
    backup=C:\WINDOWS\pss\Kensington Personal Firewall.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
    "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "ibmmessages "=C:\Program Files\IBM\Messages By IBM\ibmmessages.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "ibmmessages "=C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs BthServ


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    AutoRun\command- E:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43bdb480-6077-11da-a2b5-00054e4b3edb}]
    AutoRun\command- E:\KPF.exe




    -- End of Deckard's System Scanner: finished at 2008-04-19 18:17:54 ------------
     
  2. 2008/04/19
    Mortalbard

    And here's the DSS extra.txt

    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Professional (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Pentium(R) M processor 1.80GHz
    Percentage of Memory in Use: 39%
    Physical Memory (total/avail): 1022.86 MiB / 620.24 MiB
    Pagefile Memory (total/avail): 2462.5 MiB / 2139.17 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1922 MiB

    C: is Fixed (NTFS) - 51.6 GiB total, 37.44 GiB free.
    D: is CDROM (CDFS)

    \\.\PHYSICALDRIVE0 - HTS726060M9AT00 - 55.89 GiB - 2 partitions
    \PARTITION0 (bootable) - Installable File System - 51.6 GiB - C:
    \PARTITION1 - Unknown - 4.29 GiB



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    AntivirusOverride is set.


    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\\Program Files\\IBM\\Updater\\jre\\bin\\javaw.exe "= "C:\\Program Files\\IBM\\Updater\\jre\\bin\\javaw.exe:*:Enabled:Java launcher "
    "C:\\Program Files\\Internet Explorer\\iexplore.exe "= "C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer "
    "C:\\WINDOWS\\explorer.exe "= "C:\\WINDOWS\\explorer.exe:*:Enabled:Windows Explorer "
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe "= "C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\\Program Files\\iTunes\\iTunes.exe "= "C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes "


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Joshua ********\Application Data
    CLASSPATH=.;C:\Program Files\IBM\Java141\jre\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=BIGLET
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Joshua ********
    LOGONSERVER=\\BIGLET
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\PROGRAM FILES\THINKPAD\UTILITIES;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\ATI Technologies\Fire GL 3D Studio Max;C:\WINDOWS\Downloaded Program Files;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\ThinkPad\ConnectUtilities;C:\Program Files\Common Files\Lenovo;C:\Program Files\Lenovo\Client Security Solution;C:\Program Files\Intel\Wireless\Bin\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 6, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0d06
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\IBM\Java141\jre\lib\ext\QTJava.zip
    RR=C:\Program Files\Lenovo\Rescue and Recovery
    SESSIONNAME=Console
    SMA=C:\Program Files\ThinkVantage\SMA\
    SWSHARE=C:\SWSHARE
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp
    TMP=C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp
    TVT=C:\Program Files\Lenovo
    TVTCOMMON=C:\Program Files\Common Files\Lenovo
    TVTPYDIR=C:\Program Files\Common Files\Lenovo\Python24
    USERDOMAIN=BIGLET
    USERNAME=Joshua Tompkins
    USERPROFILE=C:\Documents and Settings\Joshua ********
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    Joshua ******** (admin)
    Administrator (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
    --> c:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
    --> c:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    --> c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    --> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\SETUP.EXE" -l0x9 ControlPanelAnyText
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{510582B9-2633-11D4-99DC-0000F49094C7}\Setup.exe" UNINSTALL
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\SETUP.EXE" -l0x9 ControlPanel
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Access IBM --> MsiExec.exe /X{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140}
    Access IBM Message Center --> MsiExec.exe /X{F413B3A4-EE5D-457C-BAE5-6E58D9589ED5}
    Ace Utilities --> "C:\Program Files\Ace Utilities\uninstall.exe "
    Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
    Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    ATI HYDRAVISION --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
    Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    FIRE GL driver for 3D Studio MAX/VIZ --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}\setup.exe" -l0x9
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    IBM 32-bit Runtime Environment for Java 2, v1.4.1 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6C72E14A-C1F3-45E5-8810-83CE3C19ED63} /l1033
    IBM DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    IBM Integrated Bluetooth II Software --> MsiExec.exe /X{E837279E-4C3F-411A-8E3D-0EFD97F818E3}
    IBM RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    IBM Themes --> MsiExec.exe /I{6CE96A14-61E2-48CC-837E-22710A953ADE}
    IBM ThinkPad Battery MaxiMiser and Power Management Features --> C:\WINDOWS\IsUninst.exe -fC:\PROGRA~1\ThinkPad\UTILIT~1\Unbmm.isu -c "C:\Program Files\ThinkPad\Utilities\Tpinsbmm.dll "
    Intel(R) PRO Network Connections Drivers --> Prounstl.exe
    Intel(R) PROSet for Wired Connections --> MsiExec.exe /I{16906D21-0656-4F8B-9A01-C3D24B5401FC}
    Intel(R) PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
    InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
    iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
    Macromedia Flash Player 8 --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
    Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    mDriver --> MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
    MetaFrame Presentation Server Web Client for Win32 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wficat.inf,DefaultUninstall
    Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
    mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
    MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    On Screen Display --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.XP 132 C:\Program Files\Lenovo\HOTKEY\tphk_tp.inf
    Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    PC-Doctor 5 for Windows --> C:\Program Files\PCDR5\uninst.exe
    PCPitstop Panda AntiVirus Scan (remove only) --> C:\Program Files\PCPitstop\AV\Uninst.exe
    Pre-Med Flashcards Trial --> MsiExec.exe /I{7454D63B-4BFD-4699-AA41-860BF340187F}
    QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
    Rescue and Recovery --> MsiExec.exe /I{7726CF62-7B45-4E6D-9266-615346816BCA}
    Rescue and Recovery Critical Patch for Windows Update (KB917422) --> MsiExec.exe /X{83E5061B-A69A-46AD-A780-1DA6569FF283}
    Scroll Lock Indicator Utility --> RunDll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\TpScrLk.inf
    Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe "
    Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe "
    SignupShield --> C:\PROGRA~1\SIGNUP~1\bin\UNWISE.EXE C:\PROGRA~1\SIGNUP~1\bin\INSTALL.LOG
    Software Installer --> swiif.exe /U
    Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
    Sony Digital Voice Editor 2 --> C:\PROGRA~1\SONY\DIGITA~1\UNINST.EXE
    SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
    Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    System Migration Assistant --> MsiExec.exe /X{9EA84FDD-CCC0-47FD-A993-923165BEA47A}
    System Update --> MsiExec.exe /X{8675339C-128C-44DD-83BF-0A5D6ABD8297}
    ThinkPad Configuration --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC081D4D-DF1B-4CF1-B530-027E4118D846}\setup.exe" -l0x9 -AddRemove
    ThinkPad EasyEject Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1297C681-92D7-40EF-93BF-03F66EC5105C}\SETUP.EXE" -l0x9 -AddRemove
    ThinkPad FullScreen Magnifier --> RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.inf
    ThinkPad Integrated 56K Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014\HXFSETUP.EXE -U -ITkp0559k.inf -ISFG
    ThinkPad Keyboard Customizer Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\setup.exe" -l0x9 anything
    ThinkPad Power Management Driver --> RunDll32.exe tpinspm.dll,Uninstall
    ThinkPad Presentation Director --> C:\WINDOWS\IsUninst.exe -fC:\PROGRA~1\ThinkPad\UTILIT~1\UNNPDR.isu -c "C:\Program Files\ThinkPad\Utilities\Tpinsnpd.dll "
    ThinkPad UltraNav Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll ",standAloneUninstall
    ThinkPad UltraNav Wizard --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}\setup.exe" -l0x9 UNINSTALL
    ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}\SETUP.EXE" -l0x9 UNINSTALLFROMSYS
    ThinkVantage Access Connections --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7EB114D8-207F-45AE-BABD-1669715F2630}\setup.exe" -l0x9 anything
    ThinkVantage Active Protection System --> MsiExec.exe /X{46A84694-59EC-48F0-964C-7E76E9F8A2ED}
    TrackPoint Accessibility Features --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA664480-3844-11D5-8C25-444553540000}\setup.exe"
    U3Launcher --> MsiExec.exe /I{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}
    Wallpapers --> MsiExec.exe /I{F386C340-DF4B-4BBA-9503-420FB7EDB395}


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type12103 / Warning
    Event Submitted/Written: 04/17/2008 01:49:49 AM
    Event ID/Source: 1015 / MsiInstaller
    Event Description:
    Failed to connect to server. Error: 0x800401F0

    Event Record #/Type12006 / Error
    Event Submitted/Written: 04/14/2008 00:17:53 AM
    Event ID/Source: 1001 / Application Hang
    Event Description:
    Fault bucket 452615105.

    Event Record #/Type12005 / Error
    Event Submitted/Written: 04/14/2008 00:17:49 AM
    Event ID/Source: 1002 / Application Hang
    Event Description:
    Hanging application explorer.exe, version 6.0.2900.3156, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Event Record #/Type11989 / Warning
    Event Submitted/Written: 04/12/2008 11:46:26 PM
    Event ID/Source: 40 / WinMgmt
    Event Description:
    WMI ADAP was unable to create the object Win32_PerfRawData_ASPNET_2050727_ASPNETAppsv2050727 for Performance Library ASP.NET_2.0.50727 because error 0x80041001 was returned

    Event Record #/Type11988 / Warning
    Event Submitted/Written: 04/12/2008 11:46:26 PM
    Event ID/Source: 35 / WinMgmt
    Event Description:
    WMI ADAP was unable to load the ASP.NET_2.0.50727 performance library because it returned invalid data: 0x0



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type66240 / Error
    Event Submitted/Written: 04/19/2008 05:54:35 PM
    Event ID/Source: 10005 / DCOM
    Event Description:
    DCOM got error "%%1084" attempting to start the service EventSystem with arguments " "
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Event Record #/Type66236 / Error
    Event Submitted/Written: 04/19/2008 05:42:07 PM
    Event ID/Source: 7026 / Service Control Manager
    Event Description:
    The following boot-start or system-start driver(s) failed to load:
    ANC
    Fips
    IBMTPCHK
    intelppm
    Smapint
    TDSMAPI
    TPHKDRV
    TPPWR
    TSMAPIP

    Event Record #/Type66235 / Error
    Event Submitted/Written: 04/19/2008 05:41:18 PM
    Event ID/Source: 10005 / DCOM
    Event Description:
    DCOM got error "%%1084" attempting to start the service EventSystem with arguments " "
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Event Record #/Type66062 / Warning
    Event Submitted/Written: 04/18/2008 07:31:14 PM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Your computer was not able to renew its address from the network (from the
    DHCP Server) for the Network Card with network address 00054E4B3EDB. The following
    error occurred:
    %%1223.
    Your computer will continue to try and obtain an address on its own from
    the network address (DHCP) server.

    Event Record #/Type66055 / Warning
    Event Submitted/Written: 04/18/2008 07:31:13 PM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Your computer was not able to renew its address from the network (from the
    DHCP Server) for the Network Card with network address 00054E4B3EDB. The following
    error occurred:
    %%1223.
    Your computer will continue to try and obtain an address on its own from
    the network address (DHCP) server.



    -- End of Deckard's System Scanner: finished at 2008-04-19 18:17:54 ------------
     

  4. 2008/04/19
    Mortalbard

    Update

    Mike,

    The laptop networks perfectly in safe mode!

    Joshua
     
  5. 2008/04/19
    mflynn

    That's what I thought might be the case.

    In safe mode most all the startup programs are not running. So one of them is causing the problem.

    Download Startup Control panel http://www.mlin.net/files/StartupCPL_EXE.zip

    Run it and start unchecking all the IBM Cr*p but don't disable the Battery meter.

    Start with all IBM and Lenovo and ThinkPad stuff. Then reboot and test.

    Using this program does not uninstall or remove anything it only stops it from loading up on boot. Rechecking the item will put it back on next boot.

    I would uncheck QuickTime update etc.

    Not only is one of these things the problem but the more you can do without the faster your computer will be also.

    This type of stuff on IBM, Dell and Acer I usually uninstall most of anyway, and all of it after the warranty is over.

    Do it a step at a time and you will find it.

    I am calling it a night but I think we are on to something now.

    I will expect good news in the morn.

    Good luck,

    Mike
     
  6. 2008/04/20
    Mortalbard

    Update

    Mike,

    One by one, I unchecked every single box on every single tab in the startup utility. Everything. It is my sad duty to report that the problem persists.

    What computer god have I offended?

    Joshua
     
  7. 2008/04/20
    mflynn

    Josh Josh Josh!!!!

    I had time this morn to go over your HJT and DSS!

    Tell me what Virus scanner you think you are running!

    I don't see one running or even installed!

    You have a Virus on your U3 USB Drive unless you have had Kerio Personal Firewall on it, see below.

    http://www.f-prot.com/virusinfo/descriptions/lirva_c.html

    http://www.auditmypc.com/process/kpf.asp

    Found this in your DSS log
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43bdb480-6077-11da-a2b5-00054e4b3edb}]
    AutoRun\command- E:\KPF.exe


    We will deal with the USB drive later, but remove it now and don't reinsert it until we are ready to deal with it!

    Do the below in the order given.

    1. Turn off the desktop until this laptop is clean. After it is clean we need to turn off the laptop and do all this to the desktop. Don't have both on at the same time until we clear them, as this can spread via network.

    2. Download Prevx http://info.prevx.com/downloadprevx2.asp

    3. Download DrWeb Cure-it http://freedrweb.com/

    4. XClean_Micro http://www.xblock.com/download/xclean_micro.exe

    5. AVG http://free.grisoft.com/ Install and update but do not run

    Once downloaded and installed do not run in full mode but boot to safe mode to run.

    In safe mode

    Begin with Xclean delete all it finds, decline to reboot on each thing it finds

    Then run Prevx

    Then DrWeb. DrWeb Cure-it runs a pre clean then you need to click full scan.

    Then reboot back to Normal mode and run AVG Complete scan.

    Note results of all above and report back results!

    Mike
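
A way to pull entries like the `AutoRun\command` one quoted in the post above out of a pasted log, as an added example that is not part of the original thread. It assumes the two-line layout shown in the post (bracketed key, then `verb\command- command line`); the function names, the launcher list and every sample entry except the first are constructed here.

```python
import ntpath
import re
from dataclasses import dataclass, field

# Constructed sample. The first entry is the one quoted in the post; the
# others are made up. The second key carries a space inside "mountpoints2",
# the way forum software sometimes breaks long tokens in pasted logs.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43bdb480-6077-11da-a2b5-00054e4b3edb}]
AutoRun\command- E:\KPF.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\D]
AutoRun\command- C:\WINDOWS\system32\RunDll32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe
Explore\command- D:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
ctfmon.exe- C:\WINDOWS\system32\ctfmon.exe
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r"^(?P<verb>.+?)\\command-\s*(?P<cmd>.+)$", re.IGNORECASE)
# First script or executable path in the command line, quoted or not.
EXE_RE = re.compile(
    r'^"?(.+?\.(?:exe|com|bat|cmd|scr|pif|vbs|js))(?=["\s]|$)', re.IGNORECASE
)
MARKER = "\\explorer\\mountpoints2\\"
# Assumption: hosts that run something else on the caller's behalf.
LAUNCHERS = {"rundll32.exe", "cmd.exe", "wscript.exe", "cscript.exe"}


@dataclass
class AutorunEntry:
    volume: str       # drive letter or volume GUID the entry is cached for
    verb: str         # shell verb, e.g. AutoRun
    command: str      # full command line as logged
    executable: str   # first executable path found in the command line
    reasons: list = field(default_factory=list)  # why it deserves a look


def find_mountpoints_autoruns(log_text, system_drive="C"):
    """Return every per-volume shell command cached under MountPoints2."""
    entries, volume = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            # Compare without whitespace so a wrapped key name still matches.
            path = re.sub(r"\s+", "", key.group(1)).lower()
            _, found, rest = path.partition(MARKER)
            volume = rest.split("\\")[0] if found and rest else None
            continue
        value = VALUE_RE.match(line)
        if volume is None or not value:
            continue
        cmd = value.group("cmd").strip()
        exe = EXE_RE.match(cmd)
        executable = exe.group(1) if exe else cmd
        drive = executable[0].upper() if re.match(r"[A-Za-z]:", executable) else ""
        reasons = []
        if drive and drive != system_drive.upper():
            reasons.append("executable on non-system volume " + drive + ":")
        if not drive:
            reasons.append("no absolute path")
        name = ntpath.basename(executable).lower()
        if name in LAUNCHERS:
            reasons.append("launched through " + name)
        entries.append(
            AutorunEntry(volume, value.group("verb"), cmd, executable, reasons)
        )
    return entries


if __name__ == "__main__":
    for e in find_mountpoints_autoruns(SAMPLE_LOG):
        print(e.volume, "|", e.verb, "|", e.command, "|", "; ".join(e.reasons))
```

A listed reason marks an entry for review, not as malicious: the post itself allows that `E:\KPF.exe` could be a legitimate program on the drive.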
     
  8. 2008/04/20
    mflynn

    Josh

    After the laptop is in Safe Mode (non networking) there can be no connection between the 2 computers.

    So as long as the laptop is in safe mode you can begin this process on the Desktop computer.

    After you have all the downloads and updates on the Desktop you can turn off the router while you work on both at the same time.

    Afterwards though, only have one on at a time if Router is back on and both are in normal mode. If one is in Safe mode non networking then the router can be on.

    Post fresh HJT and DSS logs and reports on each after the AVG scan on both.

    Now if you do have a Virus scanner on the Desktop then use it for now in place of the AVG. But let me know what Virus scanner it is please.

    Mike
     
  9. 2008/04/20
    Mortalbard

    Laptop Cleaned

    Here's the HJT log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:56:32 PM, on 4/20/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\PrevxCSI\PrevxCSI.exe
    C:\Program Files\PrevxCSI\PrevxCSI.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\System32\TPHDEXLG.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aldaily.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.smc.edu:80
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java141\jre\bin\NPJPI141.dll
    O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java141\jre\bin\NPJPI141.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\PkgMgr.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O11 - Options group: [JAVA_IBM] Java (IBM)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://www.runaware.com/dolphin/wficat.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
    O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1099723804360
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} (CInstallLPCtrl Object) - http://u3.sandisk.com/download/apps/LPInstaller.CAB
    O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
    O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\\PrevxCSI.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
    O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
    O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
    O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
    O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

    --
    End of file - 9850 bytes
     
  10. 2008/04/20
    Mortalbard

    And here's the DSS log:

    Deckard's System Scanner v20071014.68
    Run by Joshua ******** on 2008-04-20 17:57:39
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------



    -- HijackThis (run as Joshua ********.exe) -------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:57:40 PM, on 4/20/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\PrevxCSI\PrevxCSI.exe
    C:\Program Files\PrevxCSI\PrevxCSI.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\System32\TPHDEXLG.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Joshua ********\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\JOSHUA~1.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aldaily.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.smc.edu:80
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java141\jre\bin\NPJPI141.dll
    O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java141\jre\bin\NPJPI141.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\PkgMgr.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O11 - Options group: [JAVA_IBM] Java (IBM)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://www.runaware.com/dolphin/wficat.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
    O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1099723804360
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} (CInstallLPCtrl Object) - http://u3.sandisk.com/download/apps/LPInstaller.CAB
    O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
    O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\\PrevxCSI.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
    O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
    O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
    O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
    O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

    --
    End of file - 9897 bytes

    -- Files created between 2008-03-20 and 2008-04-20 -----------------------------

    2008-04-20 09:00:22 0 d-------- C:\Documents and Settings\Joshua ********\DoctorWeb
    2008-04-20 08:42:20 0 d-------- C:\Documents and Settings\Joshua ********\Application Data\AVG7
    2008-04-20 08:42:14 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2008-04-20 08:41:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2008-04-20 08:41:56 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
    2008-04-20 08:39:27 10880 --a------ C:\WINDOWS\system32\drivers\pxark.sys <Not Verified; ; Prevx CSI>
    2008-04-20 08:39:27 0 d-------- C:\Program Files\PrevxCSI
    2008-04-20 08:39:21 0 d-------- C:\Documents and Settings\All Users\Application Data\PrevxCSI
    2008-04-19 18:14:53 0 d-------- C:\Program Files\Trend Micro
    2008-04-18 19:50:54 0 d-------- C:\Program Files\Panda Security
    2008-04-18 08:48:51 0 d-------- C:\Program Files\MSXML 6.0
    2008-04-18 00:37:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Intel
    2008-04-17 23:08:35 0 d-------- C:\Program Files\ACW
    2008-04-17 00:55:12 0 d-------- C:\Program Files\iPod
    2008-04-17 00:55:07 0 d-------- C:\Program Files\iTunes
    2008-04-17 00:54:56 0 d-------- C:\Program Files\Bonjour
    2008-04-17 00:53:46 0 d-------- C:\Program Files\Apple Software Update
    2008-04-17 00:53:38 0 d------c- C:\WINDOWS\system32\DRVSTORE
    2008-04-17 00:53:26 0 d-------- C:\Program Files\Common Files\Apple
    2008-04-17 00:53:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2008-04-14 21:10:32 0 d--h----- C:\WINDOWS\system32\GroupPolicy
    2008-04-12 23:28:57 0 d-------- C:\Documents and Settings\Joshua ********\Application Data\OfficeUpdate12
    2008-04-12 23:28:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    2008-04-12 23:25:55 0 d-------- C:\Program Files\Microsoft ActiveSync
    2008-04-12 23:24:50 0 d-------- C:\Program Files\Microsoft.NET
    2008-04-12 23:22:16 0 dr-h----- C:\MSOCache
    2008-04-10 22:30:41 0 d-------- C:\Documents and Settings\Joshua ********\Application Data\SignupShield
    2008-04-10 22:30:37 0 d-------- C:\Program Files\SignupShield
    2008-04-10 22:13:44 0 d-------- C:\Program Files\Lavasoft
    2008-04-10 22:13:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-04-10 22:13:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-10 21:55:25 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-04-10 21:38:34 0 d-------- C:\Documents and Settings\All Users\Application Data\PC-Doctor
    2008-04-10 21:37:45 0 d-------- C:\Program Files\PCDR5


    -- Find3M Report ---------------------------------------------------------------

    2008-04-20 00:00:00 5427 --a------ C:\WINDOWS\system32\EGATHDRV.SYS <Not Verified; IBM Corporation; IBM eGatherer>
    2008-04-18 00:37:19 0 d-------- C:\Program Files\Intel
    2008-04-17 09:27:58 0 d-------- C:\Program Files\Common Files
    2008-04-17 00:54:43 0 d-------- C:\Program Files\QuickTime
    2008-04-14 23:56:35 0 d-------- C:\Program Files\Common Files\Adobe
    2008-04-12 00:27:07 0 d-------- C:\Documents and Settings\Joshua ********\Application Data\Adobe
    2008-04-10 21:59:23 0 d-------- C:\Program Files\Ace Utilities
    2008-04-10 21:21:59 221 --a------ C:\WINDOWS\x
    2008-04-10 20:48:54 0 d-------- C:\Program Files\Common Files\Lenovo
    2008-04-10 20:48:53 0 d-------- C:\Program Files\Lenovo
    2008-03-17 14:49:26 524288 --a------ C:\WINDOWS\opuc.dll <Not Verified; Microsoft Corporation; 2007 Microsoft Office system>


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [04/20/2008 08:42 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
    ACNotify.dll 03/14/2008 06:54 PM 32768 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
    C:\Program Files\Lenovo\HOTKEY\notifyf2.dll 09/06/2006 04:37 PM 34344 C:\Program Files\Lenovo\HOTKEY\notifyf2.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
    C:\Program Files\Lenovo\HOTKEY\tphklock.dll 12/14/2006 11:06 AM 28672 C:\Program Files\Lenovo\HOTKEY\tphklock.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Notification Packages"= scecli ACGina

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Audible Download Manager.lnk]
    backup=C:\WINDOWS\pss\Audible Download Manager.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]
    backup=C:\WINDOWS\pss\BTTray.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kensington Personal Firewall.lnk]
    backup=C:\WINDOWS\pss\Kensington Personal Firewall.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
    "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "ibmmessages"=C:\Program Files\IBM\Messages By IBM\ibmmessages.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "ibmmessages"=C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs BthServ


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    AutoRun\command- E:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43bdb480-6077-11da-a2b5-00054e4b3edb}]
    AutoRun\command- E:\KPF.exe




    -- End of Deckard's System Scanner: finished at 2008-04-20 17:58:01 ------------
     
  11. 2008/04/20
    Mortalbard

    P.s.

    Mike,

    Okay, the laptop has been cleaned. The utilities found a little bit of spyware (I use AdAware regularly) but not much else.

    I will now shut off the laptop and clean the desktop.

    To finally answer your question, I must admit that I have no anti-virus software on either computer. About once a month or so I visit www.pandasecurity.com and run the scan.

    I will post the desktop logs later this evening. Thanks again for your tireless help.

    Joshua
     
  12. 2008/04/21
    mflynn

    mflynn Inactive

    Joined:
    2002/08/14
    Messages:
    4,141
    Likes Received:
    9
    Hi Josh

    I was hoping for something we could deal with. Oh well....

    Ok we can forget the reference to a Virus on the USB device as this is a special laptop Firewall for the USB U3 drive.

    I am not sure if it is our problem but should only be active when the USB drive is active.

    For reference see: http://us.kensington.com/html/6500.html

    You may now use the USB drive.

    I need to see a deeper view of your Startups.

    Go here and download Autoruns:
    http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

    Run it and go to Options and check "Hide Microsoft Entries", then hit the F5 key to refresh.

    Then hit Ctrl+A and choose Save As,

    accept the default Autoruns.txt, then post this back to here.


    From the cmd prompt
    copy and paste the following, one at a time:

    dir c:\windows\x > "%USERPROFILE%"\Desktop\x.txt

    type c:\windows\x >> "%USERPROFILE%"\Desktop\x.txt

    Then paste the contents of this file (x.txt), which is on the Desktop, back here.

    You may delete all these txt icons now.

    Lastly, in Local Area Connection uncheck, but do not remove, the following if they exist (on both computers):

    QoS Packet Scheduler
    IP version 6
    any protocol beginning with the letters nw (NetWare, not needed)
    Reboot after doing so.

    Let me know the results.


    Mike
     
  13. 2008/04/21
    Mortalbard

    Here's the Autoruns Text

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    + AVG7_CC AVG Control Center GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgcc.exe
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
    + 0 File not found: About:Home
    HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
    + AVG7 Shell Extension AVG Shell Extension GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgse.dll
    + WipeExt Wipext Module c:\program files\ace utilities\wipext.dll
    HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
    + AVG7 Shell Extension AVG Shell Extension GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgse.dll
    + WipeExt Wipext Module c:\program files\ace utilities\wipext.dll
    HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
    + PDF Shell Extension PDF Shell Extension Adobe Systems, Inc. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
    + 7-Zip Shell Extension c:\program files\thinkvantage\sma\7z\7-zip.dll
    + AVG7 Find Extension AVG Shell Extension GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgse.dll
    + AVG7 Shell Extension AVG Shell Extension GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgse.dll
    + Display Panning CPL Extension File not found: deskpan.dll
    + DriveLetterAccess Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfswshx.dll
    + HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll
    + iTunes iTunes Mini Player DLL Apple Inc. c:\program files\itunes\itunesminiplayer.dll
    + My Bluetooth Places BTNeighborhood DLL WIDCOMM, Inc. c:\windows\system32\btneighborhood.dll
    + RecordNow! SendToExt Shell Extensions c:\program files\ibm recordnow!\shlext.dll
    + Sony Digital Voice File Shell Extention Module IcdShlex.dll (E) Sony Corporation c:\windows\system32\icdshlex.dll
    + WipeExt Class Wipext Module c:\program files\ace utilities\wipext.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
    + Adobe PDF Reader Link Helper Adobe PDF Helper for Internet Explorer Adobe Systems Incorporated c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
    + DriveLetterAccess Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfswshx.dll
    + {53707962-6F74-2D53-2644-206D7942484F} Bad download blocker Safer Networking Limited c:\program files\spybot - search & destroy\sdhelper.dll
    HKLM\Software\Microsoft\Internet Explorer\Extensions
    + Send To &Bluetooth c:\program files\ibm\bluetooth software\btsendto_ie.htm
    + Software Installer Software Installer Lenovo Group Limited c:\program files\thinkpad\pkgmgr\pkgmgr.exe
    HKLM\System\CurrentControlSet\Services
    + aawservice Protects your computer from spyware Lavasoft c:\program files\lavasoft\ad-aware 2007\aawservice.exe
    + AcPrfMgrSvc Access Connections Profile Manager Service Lenovo c:\program files\thinkpad\connectutilities\acprfmgrsvc.exe
    + AcSvc Access Connections Main Service Lenovo c:\program files\thinkpad\connectutilities\acsvc.exe
    + Apple Mobile Device Provides the interface to Apple mobile devices. Apple, Inc. c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
    + Ati HotKey Poller ATI External Event Utility EXE Module ATI Technologies Inc. c:\windows\system32\ati2evxx.exe
    + Avg7Alrt AVG Alert Manager GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgamsvr.exe
    + Avg7UpdSvc AVG Update Service GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgupsvc.exe
    + Bonjour Service Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence, so that users can discover and use those services without any unnecessary manual setup or administration. Apple Inc. c:\program files\bonjour\mdnsresponder.exe
    + btwdins Bluetooth Support Server WIDCOMM, Inc. c:\program files\ibm\bluetooth software\bin\btwdins.exe
    + CSIScanner Scans your PC to check for malware threats that may have bypassed your antivirus or antispyware products Prevx c:\program files\prevxcsi\prevxcsi.exe
    + EvtEng Manages the event trace messages for all the components of Intel(R) PROSet/Wireless software. Intel Corporation c:\program files\intel\wireless\bin\evteng.exe
    + IBMPMSVC ThinkPad Power Management Service Lenovo c:\windows\system32\ibmpmsvc.exe
    + RegSrvc Intel(R) PROSet/Wireless Registry Service Intel Corporation c:\program files\intel\wireless\bin\regsrvc.exe
    + S24EventMonitor Wireless Management Service for Intel(R) PROSet/Wireless Intel Corporation c:\program files\intel\wireless\bin\s24evmon.exe
    + SoundMAX Agent Service (default) SoundMAX service agent component Analog Devices, Inc. c:\program files\analog devices\soundmax\smagent.exe
    + SUService ThinkVantage System Update Service Lenovo Group Limited c:\program files\lenovo\system update\suservice.exe
    + ThinkVantage Registry Monitor Service ThinkVantage Registry Monitor Service Lenovo Group Limited c:\program files\common files\lenovo\tvt_reg_monitor_svc.exe
    + TPHDEXLGSVC ThinkVantage Active Protection System - HDD Logger Module Lenovo. c:\windows\system32\tphdexlg.exe
    + TpKmpSVC c:\windows\system32\tpkmpsvc.exe
    + TSSCoreService tvttcsd Application IBM c:\program files\lenovo\client security solution\tvttcsd.exe
    + TVT Backup Service Rescue and Recovery Backup Service Lenovo Group Limited c:\program files\lenovo\rescue and recovery\rrservice.exe
    + TVT Scheduler ThinkVantage Scheduler Lenovo Group Limited c:\program files\common files\lenovo\scheduler\tvtsched.exe
    + tvtnetwk c:\program files\lenovo\rescue and recovery\adm\iuservice.exe
    HKLM\System\CurrentControlSet\Services
    + ac97intc Intel(r) Integrated Controller Hub Audio Driver Intel Corporation c:\windows\system32\drivers\ac97intc.sys
    + aeaudio Andrea Audio Noise Cancellation Driver Andrea Electronics Corporation c:\windows\system32\drivers\aeaudio.sys
    + AegisP AEGIS Protocol (IEEE 802.1x) v3.7.5.0 Cisco Systems, Inc. c:\windows\system32\drivers\aegisp.sys
    + ANC IBM Access Connections - ANC IBM Corp. c:\windows\system32\drivers\anc.sys
    + AR5211 Driver for Atheros AR5001 Wireless Network Adapter Atheros Communications, Inc. c:\windows\system32\drivers\ar5211.sys
    + ati2mtag ATI Radeon WindowsNT Miniport Driver ATI Technologies Inc. c:\windows\system32\drivers\ati2mtag.sys
    + atmeltpm Atmel TPM Driver Atmel, Inc. c:\windows\system32\drivers\atmeltpm.sys
    + Avg7Core AVG Scanning Engine GRISOFT, s.r.o. c:\windows\system32\drivers\avg7core.sys
    + Avg7RsW AVG Resident Shield Unload Helper GRISOFT, s.r.o. c:\windows\system32\drivers\avg7rsw.sys
    + Avg7RsXP AVG Resident Anti-Virus Shield GRISOFT, s.r.o. c:\windows\system32\drivers\avg7rsxp.sys
    + AvgClean AVG7 Clean Driver GRISOFT, s.r.o. c:\windows\system32\drivers\avgclean.sys
    + BTKRNL Bluetooth Protocol Driver for Windows 2000 WIDCOMM, Inc. c:\windows\system32\drivers\btkrnl.sys
    + Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys
    + CmdIde CMD PCI IDE Bus Driver CMD Technology, Inc. c:\windows\system32\drivers\cmdide.sys
    + drvmcdb Device Driver Sonic Solutions c:\windows\system32\drivers\drvmcdb.sys
    + drvnddm Device Driver Manager Sonic Solutions c:\windows\system32\drivers\drvnddm.sys
    + E1000 Intel(R) PRO/1000 Adapter NDIS 5.1 deserialized driver Intel Corporation c:\windows\system32\drivers\e1000325.sys
    + E100B NDIS 5 driver Intel Corporation c:\windows\system32\drivers\e100b325.sys
    + EGATHDRV IBM eGatherer Kernel Module IBM Corporation c:\windows\system32\egathdrv.sys
    + GEARAspiWDM CD DVD Filter GEAR Software Inc. c:\windows\system32\drivers\gearaspiwdm.sys
    + HSF_DPV HSF_DP driver Conexant Systems, Inc. c:\windows\system32\drivers\hsf_dpv.sys
    + HSFHWICH HSFHWICH WDM driver Conexant Systems, Inc. c:\windows\system32\drivers\hsfhwich.sys
    + IBMPMDRV ThinkPad Power Management Driver Lenovo. c:\windows\system32\drivers\ibmpmdrv.sys
    + IBMTPCHK c:\windows\system32\drivers\ibmbldid.sys
    + lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys
    + ltmodem5 LT Windows Modem LT c:\windows\system32\drivers\ltmdmnt.sys
    + mdmxsdk Diagnostic Interface DRIVER Conexant c:\windows\system32\drivers\mdmxsdk.sys
    + NSCIRDA NSC Fast Infrared Driver. National Semiconductor Corporation c:\windows\system32\drivers\nscirda.sys
    + PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys
    + PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys
    + PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys
    + PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys
    + PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys
    + Pfc Padus(R) ASPI Shell Padus, Inc. c:\windows\system32\drivers\pfc.sys
    + psadd SMBIOS Driver Lenovo (United States) Inc. c:\windows\system32\drivers\psadd.sys
    + Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys
    + pxark Prevx CSI Rootkit Detection and Removal Engine c:\windows\system32\drivers\pxark.sys
    + PxHelp20 Px Engine Device Driver for Windows 2000/XP Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
    + s24trans WLAN Transport Intel Corporation c:\windows\system32\drivers\s24trans.sys
    + S3SSavage S3 Graphics SuperSavage Miniport S3 Graphics, Inc. c:\windows\system32\drivers\s3ssavm.sys
    + Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys
    + Shockprf Shockproof Disk Driver Lenovo. c:\windows\system32\drivers\apsx86.sys
    + smi2 SMI BIOS driver IBM Corp. c:\program files\smi2\smi2.sys
    + smwdm SoundMAX Integrated Digital Audio Analog Devices, Inc. c:\windows\system32\drivers\smwdm.sys
    + sscdbhk5 Shared Driver Component Sonic Solutions c:\windows\system32\drivers\sscdbhk5.sys
    + ssrtln Shared Driver Component Sonic Solutions c:\windows\system32\drivers\ssrtln.sys
    + SynTP Synaptics Touchpad Driver Synaptics, Inc. c:\windows\system32\drivers\syntp.sys
    + TDSMAPI c:\windows\system32\drivers\tdsmapi.sys
    + tfsnboio Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsnboio.sys
    + tfsncofs Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsncofs.sys
    + tfsndrct Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsndrct.sys
    + tfsndres Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsndres.sys
    + tfsnifs Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsnifs.sys
    + tfsnopio Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsnopio.sys
    + tfsnpool Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsnpool.sys
    + tfsnudf Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsnudf.sys
    + tfsnudfa Drive Letter Access Component Sonic Solutions c:\windows\system32\dla\tfsnudfa.sys
    + TPDIGIMN APS Digitizer Activity Monitor Lenovo. c:\windows\system32\drivers\apshm86.sys
    + TPHKDRV ThinkPad Hotkey Driver IBM Corporation c:\windows\system32\drivers\tphkdrv.sys
    + TPPWR IBM ThinkPad Power Management Device Driver IBM Corp. c:\windows\system32\drivers\tppwr.sys
    + TSMAPIP c:\windows\system32\drivers\tsmapip.sys
    + tvtfilter Rescue and Recovery filter driver Lenovo c:\windows\system32\drivers\tvtfilter.sys
    + TVTPktFilter TVT NDIS 5.1 Intermediate Miniport Filter Driver Lenovo Group Limited c:\windows\system32\drivers\tvtpktfilter.sys
    + TwoTrack IBM PS/2 TrackPoint Mouse Filter Driver IBM Corporation c:\windows\system32\drivers\twotrack.sys
    + UIUSys File not found: system32\drivers\UIUSys.sys
    + WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys
    + winachsf HSF_CNXT driver Conexant Systems, Inc. c:\windows\system32\drivers\hsf_cnxt.sys
    HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
    + lsdelete c:\windows\system32\lsdelete.exe
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
    + ACNotify Access Connections Notify Support Module Lenovo c:\program files\thinkpad\connectutilities\acnotify.dll
    + AtiExtEvent ATI External Event Utility DLL Module ATI Technologies Inc. c:\windows\system32\ati2evxx.dll
    + tpfnf2 c:\program files\lenovo\hotkey\notifyf2.dll
    + tphotkey c:\program files\lenovo\hotkey\tphklock.dll
    HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
    + Bluetooth Printer Port bthcrp DLL WIDCOMM, Inc. c:\windows\system32\bthcrp.dll
    HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
    + ACGina Access Connections Gina Module Lenovo c:\program files\thinkpad\connectutilities\acgina.dll
    HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
    + IntelNetProvCredMan IntelNetProvCredMan Intel Corporation c:\windows\system32\netprovcredman.dll
     
  14. 2008/04/21
    mflynn

    All the startups even this deep look OK!

    I am interested in the results of the cleanup/scans on the desktop.

    And on the QOS IP6 etc on both!

    Mike
     
  15. 2008/04/21
    mflynn

    You are doing a fantastic job!

    We will get this, I will stick with you all the way!

    We have all the big jobs Virus and Malware scanning etc done.

    Mike
     
  16. 2008/04/21
    mflynn

    Josh

    Let's stop and do the below before we continue. And we may not need to continue at all if it works.

    You are obtaining an IP address via DHCP. Your router is apparently assigning IPs from 192.???.?.100 up.

    So let's try a static LAN IP on both.

    Local Area Connection - Properties - Internet Protocol (TCP/IP)

    Put a dot in "Use the following".

    On the one that has the .100, change it to .10; on the one that ends in .101, make it .11

    NEXT

    On BIGLET that you changed to .11

    Browse to windows\system32\drivers\etc
    find the hosts file, right-click and open to edit only with Notepad

    find this line 127.0.0.1 localhost
    Add the below directly below that line

    192.???.?.10 sasquatch

    Make it look like this

    127.0.0.1 localhost
    192.???.?.10 sasquatch

    Leave all other lines as they are; just hit Enter at the end of localhost to add a line

    Of course use the correct numbers in place of ???.
    --------------------------

    on sasquatch
    Make it look like this

    127.0.0.1 localhost
    192.???.?.11 BIGLET

    Now reboot and do the following before testing Sharing


    Paste the below to the CMD prompt one line at a time, then post the file it creates on the desktop.

    On sasquatch
    pathping BIGLET > "%USERPROFILE%"\Desktop\pathping.txt
    pathping 192.???.?.11 >> "%USERPROFILE%"\Desktop\pathping.txt

    On BIGLET
    pathping sasquatch >> "%USERPROFILE%"\Desktop\pathping.txt
    pathping 192.???.?.10 >> "%USERPROFILE%"\Desktop\pathping.txt

    Now test Sharing.

    NOTE: to see the drivers\etc folder you may need to enable Show hidden files and folders, and the hosts file may be read-only.

    Mike
     
  17. 2008/04/24
    Mortalbard

    I'm Back

    Mike,

    I had to focus on work earlier this week but am now resuming my quest for file sharing. Before I proceed with your instructions in post #35, I want to be clear about the first step. Are you saying that on the General tab of the TCP/IP Properties window in Network Connections, I should change the setting from "Obtain an IP address automatically" to "Use the following IP address" and enter my current IP address with the numerical change you indicated?

    If so, what subnet mask and default gateway should I input there? The same ones that show up when I type "ipconfig" at a command prompt? And what about the DNS server setting options on the same tab? Should I input one manually or leave it set to automatic? Thanks again for all your terrific help.

    Joshua
     
  18. 2008/04/24
    mflynn

    mflynn Inactive

    Joined:
    2002/08/14
    Messages:
    4,141
    Likes Received:
    9
    Yes that is correct.

    The IP, put with all the numbers from ipconfig except change the last number from .100 to .10, and on the other from .101 to .11.

    Subnet will auto fill to 255.255.255.0 on both

    Gateway exactly same as ipconfig on both machines.

    Additionally below in the DNS put dot in Use the following DNS server addresses on both

    Put your gateway address from above probably 192.168.1.1

    Save and reboot

    Mike
     
  19. 2008/04/24
    mflynn

    mflynn Inactive

    Joined:
    2002/08/14
    Messages:
    4,141
    Likes Received:
    9
    I figured you needed a break.:)

    In the Local Area Connection:
    What we are doing in the last posts is telling Windows explicitly what we want the IP to be, instead of Windows trying to find and set one for us.

    In the HOSTS file we are telling Windows the explicit IP of the other computer so it does not need to take other actions to search for it.

    This may fix your issue and get you a stable connection and sharing but it should work the way you had it.

    Mike
     
  20. 2008/04/24
    Mortalbard

    Mortalbard Inactive Thread Starter

    Joined:
    2008/04/18
    Messages:
    20
    Likes Received:
    0
    Update

    Mike,

    I'm afraid it didn't work.

    Joshua

    Tracing route to BIGLET [192.***.1.11]

    over a maximum of 30 hops:

    0 sasquatch [192.***.1.10]

    1 * * *

    Computing statistics for 25 seconds...

    Source to Here This Node/Link

    Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address

    0 sasquatch [192.***.1.10]

    100/ 100 =100% |

    1 --- 100/ 100 =100% 0/ 100 = 0% sasquatch [0.0.0.0]



    Trace complete.



    Tracing route to BIGLET [192.***.1.11]

    over a maximum of 30 hops:

    0 sasquatch [192.***.1.10]

    1 * * *

    Computing statistics for 25 seconds...

    Source to Here This Node/Link

    Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address

    0 sasquatch [192.***.1.10]

    100/ 100 =100% |

    1 --- 100/ 100 =100% 0/ 100 = 0% sasquatch [0.0.0.0]



    Trace complete.
     
    Last edited: 2008/04/24
  21. 2008/04/24
    Mortalbard

    Mortalbard Inactive Thread Starter

    Joined:
    2008/04/18
    Messages:
    20
    Likes Received:
    0
    P.s.

    Tracing route to sasquatch [192.***.1.10]

    over a maximum of 30 hops:

    0 BIGLET [192.***.1.11]

    1 * * *

    Computing statistics for 25 seconds...

    Source to Here This Node/Link

    Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address

    0 BIGLET [192.***.1.11]

    100/ 100 =100% |

    1 --- 100/ 100 =100% 0/ 100 = 0% BIGLET [0.0.0.0]



    Trace complete.



    Tracing route to sasquatch [192.***.1.10]

    over a maximum of 30 hops:

    0 BIGLET [192.***.1.11]

    1 * * *

    Computing statistics for 25 seconds...

    Source to Here This Node/Link

    Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address

    0 BIGLET [192.***.1.11]

    100/ 100 =100% |

    1 --- 100/ 100 =100% 0/ 100 = 0% BIGLET [0.0.0.0]



    Trace complete.
     
