New
#11
Thank you guys...
OK. I want to thank you for all of your answers... I have to say it is quite a relief to have some other minds working with me on this problem as I either end up talking to someone with a blank, glassy-eyed stare as they have no idea what I am talking about, or, if they do, they think I am on some psychotropic substance.
But to the topic. I do not want to sound cocky, but this IS in fact some strange hijacking. Here are some stats. (A) Number of times installed Windows Vista (in the beginning): 2x. (B) # of times I have either wiped the HD and did a slow format and installed Windows 7 straight from the DVD which I burned from the MS image.....untouched from the download (i.e., Build 7000): 40 to 50 times. (C) # times I have reformated my hard drive and installed Ubuntu, only to suffer similar problems with network funny-business (suddenly iwconfig was no longer recognized as a command, or suddenly, I have no wireless adapter.)
I am attaching a number of other docs to this post, namely output from wininternals utilities. I have also included some other items. Please look at them... Some I understand, some I don't (not quite sure how handles work for instance). I will say, irrespective of my complete understanding of all of this output, after about 10 minutes of looking at this stuff, if you have been working with computers for anywhere over 5 years (and I am going on 20...in various areas), something just SMELLS. IT is undeniable. I do not know if this guy who is trying to ruin my life is doing this to several wireless PC's outhtere to build some sort of chained netowrk of his own (if that makes sense), but given the amount of time he has had to have put inot this endeavor, it would seem it has gone beyond a simple revenge for my intrusion into a network to use the net.
Docs attached:
-A VMMAP (sysinternals) report on a service called WmiPrvSE )always in my task manager)
-Another VMMap of services.exe--a common process in taskmanager, but this one that is particularly important to this guy. If I lower the priority (or kill it of course), he shuts down my system (but the system is still on, if you know what I mean, i.e. lights are on --screen is dead). Also, Services.exe has about 10-15 svchost processes running immediately after I login after installation. This cannot be right.
-Pipelist (from sysinternals as well)
-AccessEnum (sysinternals).... OK, look at this. Why are their so many network based processes on here? Why is trustedinstaller everywhere????? [FYI, in the registry where all of these ISATAP and other adapters exists, I have modified them so they will not work (did not touch my wireless adapter), made my Administrator the sole owner of these keys, and made user "SERVICE" (i.e., TrustedInstaller) a user with all privs denied. I actually was able to use my PC for about 4 hours after this!!!!
--autorunsc (wininternals) Also very strange.
--Accesschk (wininternals) -f -t -s (file is called perm.txt) (I think those were the switches) on drive c: Please tell me this does not look crazy.... This is my f&*!inG LAPTOP!!!!
--Laslty, I am sending a copy of HKLM. It also seems unusual, although I will admit, the registry and me are only good friends, not intimate in any way :) .
I really think the only way I am able to install win 7 is to find a hospital or lead-lined room where there is no RF or WIFI. Then install a firewall to keep this guys UDP packets from hitting my adapter. And yes, my adapters are all on. PLUS two ISATAP, TEREDO, SSDP, and a bunch of others... I will try to send a screenshot of my device manager tomorrow (it is loaded with "unknown devices" and numerous other devices when one shows "hidden devices" from the menu.
Thanks again guys.... I owe you big.... I am about to use this fine 1.5 year old dual core HP as a paperweight....beause after 3 different OS installations in locations all over Chicago, I still cannot use my PC as I am accustomed.
Paul