?
Solved

XP barely responding Post User running registry defrag and deleting c\XP\i386 files

Posted on 2005-02-28
41
Medium Priority
?
3,503 Views
Last Modified: 2012-05-05
The current state of my PC is as follow:

1. Barely responding.
2. Immediately from startup the pc becomes incredibly slow
3. For the most part I cant open anything
4. System goes through mini freezes every 10 seconds where the mouse disappears from the screen.

The following is what I did:

One day ago I decided to run some utilities programs on my XP, (1GB Ram) (TuneUp Utilities 2004) which defraged the registry amongst other optimisation utilities. I also installed MemoryBooster Pro. Later I found a whole series of what were mainly redundant files and deided to delete them (they were mainly databases containing financial stock price data). Unfortunately on reflection it seems I deleted the c\XP\i386 files.

I tried Last Known Configuration to restore and improve the situation which did not change anything.

Unfortunately it appears that the System Restore feature was turned off and I also can not seem to restart it (not that it would be much help now).

Any help would be greatly appreciated.
0
Comment
Question by:paulmcmillan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 23
  • 18
41 Comments
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13418378
Ok...is it working in Safe Mode now ?
0
 

Author Comment

by:paulmcmillan
ID: 13418392
Yes it is.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13418402
ok.......

First boot into safe Mode.

1. Start Menu > Run > type regedit.exe
2. Navigate to the following locations in Registry :-

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
point to "Services" key > File Menu > Export > and save this file name it "Services.reg"

3. Then goto the following locatiosn: -

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal
point to "Minimal" key > File Menu > Export > and save this file name it "Minimal.reg"

4. Now edit the Minimal.reg file in Wordpad and find the following: -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]

and replace all with: -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

5. Save this file (minimal.reg) and double click on it.

6. Restart the system. Your system should start now in Normal Mode.

Please let me know if you want help on above procedure.

Thankx
SystmProg
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 

Author Comment

by:paulmcmillan
ID: 13418466
Thanks for this. Ok, all of the above has been completed and now I have just booted back up
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13418474
Is it working now ?
0
 

Author Comment

by:paulmcmillan
ID: 13418492
The boot was quicker, but the mouse keeps freezing on screen every 5 seconds. I tried to open an internet explorer window but it stops at "detecting proxy settings". I try to close it and it wont close.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13418596
>>>The boot was quicker, but the mouse keeps freezing on screen every 5 seconds. I tried to open an internet explorer window but it stops at "detecting proxy settings". I try to close it and it wont close.

Ok...Do you have Windows CD with you ?
Does it happen only with Internet Explorer or windows Explorer also ?

0
 

Author Comment

by:paulmcmillan
ID: 13418627
It happens with all programs.

Unfortunately I have the 9 cd's that I bought from HP. My system originally did not come with an XP system CD's.
0
 

Author Comment

by:paulmcmillan
ID: 13418639
Apologies, I meant to say that my system originally DID NOT come with an XP system CD's.
0
 
LVL 35

Accepted Solution

by:
Nirmal Sharma earned 2000 total points
ID: 13418667
Can you run SFC /SCANNOW from Run box ? it will restore all damaged modules.

and also perform the following scans to just make sure your system is not infected with any malware process: -

CWshredder     http://www.majorgeeks.com/download4086.html
     Spybot :        http://www.download.com/3000-8022-10122137.html
     adaware :      http://www.lavasoftusa.com/
     STINGER  :   http://vil.nai.com/vil/stinger/   
http://housecall.trendmicro.com/                                       online scan for trojans
http://www.ravantivirus.com/scan/
http://www.spychecker.com/program/coolwebshredder.html          CWshredder
http://www.spychecker.com/program/hijackthis.html                        download
http://www.hijackthis.de/index.php?langselect=english                         check the log
0
 

Author Comment

by:paulmcmillan
ID: 13418686
ok, will do thanks.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13418703
Please let us know :-)
0
 

Author Comment

by:paulmcmillan
ID: 13418728
sorry, with the SFC/SCANNOW, can i run this in safe mode? (since the pc is barely responding in NORMAL Mode). Also I tried typing SFC/SCANNOW into RUN but a dialogue appeared saying that windows could not find it.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13418768
SFC / Scannow.

There must be a space between SFC and / and run in Safe Mode.
0
 

Author Comment

by:paulmcmillan
ID: 13421637
ok. There is a lot to get through here so I will try and make a synopsis of it.

1) SFC /Scannow - I ran the process and it wanted to use the Windows XP Home Edition CD's to copy certain files to the DLL cache. Unfortunately I tried all 9 of the restore cd's that I bought separately with my HP Pavillion and none of them were accepted as containing the proper files. I thinking i counted 60-70 files that I was asked for before I shut down the pc as I was in a loop of cancel and then YES etc.

2) CWShredder found 1 piece of malware (MSOle) and fixed it.

3) Spybot found 2 cookies and deleted them

4) AdAware fails at the same point every time at c:\windows\system32\mui. At that stage there are 14 critical objects, which I cant remove because of the failure.

5) Stinger shows nothing.

6) Trend Micro will not run for some reason. I cant click on my computer to check it. It wont let me.

7) raantvirus fails also. It gets a couple of minutes in and appears to stop and will not produce a report even though it should about 20 files infected.

8) The hijackthis site was excellent and produced a report with about 17 'nasty' items which I proceeded to delete viathe hijaack this interface. Unfortunately one particular sort of spyware could not be removed refered to as "010 - Hiacked Internet access by New.Net" and it says to go to cexx.org to remove it or use Spybot to remove it. Spybot cant find anything there at all and the link on cexx.org/lspfix no longer exists.

So that is the state of play at present. Thanks for introducing me to some of these spyware/virus utilities which all appear very handy in different ways.
0
 

Author Comment

by:paulmcmillan
ID: 13426060
I finally got raantivirus to work and the results were: This was after using all the other spyware/virus  programs including my own Zonealarm Anti Virus and Spyware Killer......I dont think aaantivirus removed them though....
Scan started at 1/03/2005 1:33:01 AM
 
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\install.htm - HTML/DialogArg.B* -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar.jar-34e50ec4-55d19e0c.zip->BlackBox.class - Trojan:Java/ClassLoader.C -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar.jar-34e50ec4-55d19e0c.zip->VerifierBug.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar.jar-34e50ec4-55d19e0c.zip->Beyond.class - TrojanDownloader:Java/OpenStream.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-34e2b6fd-6e026fb6.zip->VerifierBug.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-34e2b6fd-6e026fb6.zip->Gummy.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-4966bd13-3448a300.zip->Gummy.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-4966bd13-3448a300.zip->Counter.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-4966bd13-3448a300.zip->VerifierBug.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-5000a103-56a4bcd0.zip->Gummy.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-5000a103-56a4bcd0.zip->Counter.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-5000a103-56a4bcd0.zip->VerifierBug.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\archive.jar-2880d2c3-5f8a3ae4.zip->rundll32.exe - Trojan:Win32/StartPage.MF -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\archive.jar-487b52a0-598bddf6.zip->rundll32.exe - Trojan:Win32/StartPage.AQ -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-481b81b6-6bcd3249.zip->GetAccess.class - Trojan:Java/ClassLoader -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-481b81b6-6bcd3249.zip->InsecureClassLoader.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-481b81b6-6bcd3249.zip->Installer.class - TrojanDownloader:Java/OpenConnection.F -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-ab3806d-32b2066c.zip->GetAccess.class - Trojan:Java/ClassLoader -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-ab3806d-32b2066c.zip->InsecureClassLoader.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-ab3806d-32b2066c.zip->Installer.class - TrojanDownloader:Java/OpenConnection.F -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\clsld.jar-13d5a4c7-2501d23c.zip->GetAccess.class - Trojan:Java/ClassLoader -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\clsld.jar-13d5a4c7-2501d23c.zip->InsecureClassLoader.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\clsld.jar-13d5a4c7-2501d23c.zip->Installer.class - TrojanDownloader:Java/OpenConnection.F -> Infected
C:\Temp\aniscreen1 Global Screensaver.exe->[wise.17] - Backdoor:Win32/Ruledor.B -> Infected

Scanned
============================
      Objects: 185676
      Directories: 6254
      Archives: 21630
      Size(Kb): -829458
      Infected files: 24

Found
============================
      Viruses found: 10
      Suspicious files: 0
      Disinfected files: 0
      Mail files: 153
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13426259
Oh!...
0
 

Author Comment

by:paulmcmillan
ID: 13428204
Since I ran raantivirus I now appear to have the following two errors and have lost access to the internet and Microsoft Outlook.

1) Mobile Service Properties
The TCP/IP network transport is not installed

2) Run dll
Error loading c:\Program~1\Newdot~1Newdot~2.dll. Specified Module could not be found. This was one of the spyware/malware/viruses found.

I need to get this sorted out as my livelihood depends upon the problematic machine.

I have half my system partitiioned as system restore. Should I proceed down the system restore path? What are the implications of that?
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13428241
>>>Since I ran raantivirus I now appear to have the following two errors and have lost access to the internet and Microsoft Outlook.

This is because of WinSock corrupted by viruses....you need to download and run the following: -

run the following download on the PC, and all should be restored
http://www.spychecker.com/program/winsockxpfix.html
sounds like some of the spyware may have intruded on your tcp\ip stack, running this will restore it to its original condition. (I have seen Newdotnet do this to many computers.)

>>>1) Mobile Service Properties
The TCP/IP network transport is not installed

Goto \winnt\inf\nettcpip.inf > Right Click on this file and click on "Install". It will install TCP/IP Protocol...

Please post back.

Thanks
SystmProg
0
 

Author Comment

by:paulmcmillan
ID: 13428252
ok, will do above now. thanks
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13428344
Ya...please let me know.
0
 

Author Comment

by:paulmcmillan
ID: 13428368
Sorry I am struggling a bit here.

I have because i have lost TCP/IP I have no ability to get on the net and hence no email connection. I have downloaded Winsock to my laptop but have no burner to get file to desktop where the problem is. Trying to think of ....

I have a USB memory stick but my Win 98 laptop is not recognising it?
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13428583
Did you click on "Install" button to install TCP/IP protocol ? Install it first....share the folder on your laptop that contains the utility you downloaded and then.....ok do it step by step: -

1. On your computer (XP) issue the following commands: -
netsh int ip reset reset.txt (this will reset the TCP/IP protocol and will install the protocol).
2. Share a folder on your laptop.
3. accesss this shared folder using the UNC path \\IP_address of laptop computer.

Let me know.
0
 

Author Comment

by:paulmcmillan
ID: 13428643
finally installed the winsock program and no tcp/ip transport error coming up now on boot.

I cant seem to find the winnt directory?
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13428672
Why you need WINNT directory now ? its Windows actually for XP...Winnt for Winodws 2000 and NT
0
 

Author Comment

by:paulmcmillan
ID: 13428695
sorry just going on your instructions above..which were

Goto \winnt\inf\nettcpip.inf > Right Click on this file and click on "Install". It will install TCP/IP Protocol...
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13428860
No...now your TCP/IP is working...you do not need to go through steps i provided above.

Is your net working now ?
0
 

Author Comment

by:paulmcmillan
ID: 13428896
Yes thankyou very much much.

Clearly I still have viruses on my system.
I went into the documents/settings files and deleted all the "jar" java viruses. Not sure if this will help.
I read that the system32/mui is for Multilingual support and is redundant. Hence i can delete this and hopefully adaware should now run.
I still need to get rid of the Newdot.dll error that comes up at the start.

Thanks again for your help and your patience it has been much appreciated.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13429020
Thanks for your reply :-)

Ok

http://www.spychecker.com/program/hijackthis.html                        download
save log > post here.
0
 

Author Comment

by:paulmcmillan
ID: 13429170
Apologies for the long delays, my system still keeps freezing on me and is incredibly slow when running. I will attempt to forward the log file asap.....
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13429337
Its late night here...please i will post tommo..

Thanks
0
 

Author Comment

by:paulmcmillan
ID: 13429398
Ok, have now tried to restart my desktop pc 10 times, to no avail.

I still get the newdot dll error at the start and basically I cant regain control of the machine. I can move the mouse sometimes, but mostly its a "freeze -unfreeze - freeze" situation. I really cant open anything at all and the system is barely responding and defintely unstable.
0
 

Author Comment

by:paulmcmillan
ID: 13429513
Apologies, I think our last posts crossed at the same time. Have a good sleep. Thanks Paul
0
 

Author Comment

by:paulmcmillan
ID: 13433808
ok, I went off to my French class and the PC was barely responding (actually not responding) but I decided to leave it running. When I came back I had a dialogue on screen saying "Windows Virtual Memory Minimum too Low Windows Increased the Size of the Paging File".

Now the PC seems to be running beautifully. What follows is the analysis from the www.hijackthis.de website: There appears to be two "Nasty" processes left, including the Newdot issue that keeps coming up.

Logfile of HijackThis v1.99.1  
Safe.   Shows the version of HijackThis an. The newest version is: v1.99.1!   This should be the newest version. (v1.99.1)
  Platform: Windows XP SP2 (WinNT 5.01.2600)          
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)  
Safe.   Shows the version of your Internet Explorer. Newest Version is: 6.00.2800.1106!   This should be the newest version. (6.00.2900.2180)
  C:\WINDOWS\System32\smss.exe  
Safe.   running process. (smss.exe)
Systemprozess - Anwendung, die benutzt wird um Sitzungen zu starten, verwalten und löschen.  
 
  C:\WINDOWS\system32\winlogon.exe  
Safe.   running process. (winlogon.exe)
Systemprozess - Windows Login Routine  
 
  C:\WINDOWS\system32\services.exe  
Safe.   running process. (services.exe)
Systemprozess - Verwaltet die Systemdienste.  
 
  C:\WINDOWS\system32\lsass.exe  
Safe.   running process. (lsass.exe)
Systemprozess  
 
  C:\WINDOWS\system32\Ati2evxx.exe  
Safe.   running process. (Ati2evxx.exe)
ATI2evxx.exe is related to ATI Technologies Inc. hardware.  
 
  C:\WINDOWS\system32\svchost.exe  
Safe.   running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.  
 
  C:\WINDOWS\System32\svchost.exe  
Safe.   running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.  
 
  C:\WINDOWS\system32\Ati2evxx.exe  
Safe.   running process. (Ati2evxx.exe)
ATI2evxx.exe is related to ATI Technologies Inc. hardware.  
 
  C:\WINDOWS\Explorer.EXE  
Safe.   running process. (Explorer.EXE)
Systemprozess für Desktop und Taskleiste.  
 
  C:\WINDOWS\system32\spoolsv.exe  
Safe.   running process. (spoolsv.exe)
Systemprozess  
 
  C:\windows\system\hpsysdrv.exe  
Safe.   running process. (hpsysdrv.exe)
   
 
  C:\Windows\system32\HpSrvUI.exe  
Unknown   running process. (HpSrvUI.exe)
HP related    This is a unknown process.
 
  C:\WINDOWS\system32\usb.exe  
Unknown   running process. (usb.exe)
HP related - not sure whether it\'s required    This is a unknown process.
 
  C:\WINDOWS\system32\ps2.exe  
Safe.   running process. (ps2.exe)
Multimedia Keyboard companion on HP computers. If this is prevented from starting, then some keyboard functionality will be lost.  
 
  C:\Program Files\Common Files\Real\Update_OB\realsched.exe  
Safe.   running process. (realsched.exe)
   
 
  C:\WINDOWS\system32\rundll32.exe  
Safe.   running process. (rundll32.exe)
RUNDLL32 is the Microsoft Windows program that loads DLLs into memory so that they can be used by specific programs or by Windows.  
 
  C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE  
Safe.   running process. (TRAYAP~1.EXE)
   
Possibly nasty! According to our database this process runs normally in c:\progra~1\nokia\nokiap~1! Check if you know this process and arrange a viruscheck where required.
  C:\WINDOWS\system32\bcmwltry.exe  
Unknown   running process. (bcmwltry.exe)
Broadcom Corporation Wireless Network Tray Applet.Is it required?    This is a unknown process.
 
  C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe  
Safe.   running process. (fpdisp5a.exe)
   
 
  C:\WINDOWS\system32\PDesk\PDesk.exe  
Safe.   running process. (PDesk.exe)
For Matrox video cards. Quick access to tweak your card to your liking.  
 
  C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE  
Safe.   running process. (WCESCOMM.EXE)
   
 
  C:\Program Files\WimsPrg\wclock30.exe  
Unknown   running process. (wclock30.exe)
   This is a unknown process.
 
  C:\Program Files\Skype\Phone\Skype.exe  
Safe.   running process. (Skype.exe)
   
 
  C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe  
Safe.   running process. (sqlmangr.exe)
   
 
  C:\Program Files\WinZip\WZQKPICK.EXE  
Safe.   running process. (WZQKPICK.EXE)
   
 
  C:\WINDOWS\system32\cisvc.exe  
Safe.   running process. (cisvc.exe)
Microsoft Index Service Helper  
 
  C:\WINDOWS\system32\mgabg.exe  
Safe.   running process. (mgabg.exe)
   
 
  C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe  
Safe.   running process. (sqlservr.exe)
   
 
  C:\Program Files\PurgeIE\PurgeIE_Service.exe  
Unknown   running process. (PurgeIE_Service.exe)
   This is a unknown process.
 
  C:\WINDOWS\System32\svchost.exe  
Safe.   running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.  
 
  C:\WINDOWS\system32\ZoneLabs\vsmon.exe  
Safe.   running process. (vsmon.exe)
ZoneAlarm Firewall  
 
  C:\WINDOWS\system32\fxssvc.exe  
Safe.   running process. (fxssvc.exe)
Systemprozess - Microsoft's Fax Service  
 
  C:\Program Files\InfoSoft\Bodhi3\Main\B3Fre32.exe  
Unknown   running process. (B3Fre32.exe)
   This is a unknown process.
 
  C:\WINDOWS\system32\cidaemon.exe  
Safe.   running process. (cidaemon.exe)
Indexing Service Filter Daemon  
 
  C:\WINDOWS\system32\wuauclt.exe  
Safe.   running process. (wuauclt.exe)
Windows Update AutoUpdate Client  
 
  C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE  
Safe.   running process. (OUTLOOK.EXE)
E-Mail Client für Windows.  
 
  C:\Program Files\Internet Explorer\iexplore.exe  
Safe.   running process. (iexplore.exe)
Internet Explorer - Wir empfehlen einen sichereren alternativen Browser zu verwenden. (z.B. Firefox)  
 
  C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe  
Unknown   running process. (mantispm.exe)
MailFrontier_Desktop (Matador) email spam blocker software    This is a unknown process.
 
  C:\PROGRA~1\InfoSoft\Bodhi3\Main\B3Cat32.exe  
Unknown   running process. (B3Cat32.exe)
   This is a unknown process.
 
  C:\unzipped\hijackthis_199\HijackThis.exe  
Safe.   running process. (HijackThis.exe)
Tool, mit dem sie dieses Logfile erzeugt haben.   Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups!
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1  
Possibly nasty   This page could possibly be nasty.   If you do not know the entry '127.0.0.1', delete it.
  O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([02478D38-C3F9-4efb-9B51-7695ECA05670] - Result: 02478D38-C3F9-4efb-9B51-7695ECA05670) has been checked. Hit rate: 99 %    
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([06849E9F-C8D7-4D59-B87D-784B7D6BE0B3] - Result: 06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) has been checked. Hit rate: 99 %    
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([53707962-6F74-2D53-2644-206D7942484F] - Result: 53707962-6F74-2D53-2644-206D7942484F) has been checked. Hit rate: 99 %    
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar2.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([AA58ED58-01DD-4d91-8333-CF10577473F7] - Result: AA58ED58-01DD-4d91-8333-CF10577473F7) has been checked. Hit rate: 99 %    
  O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([DB43E4E6-FF8A-4018-8C8E-F68587A44A73] - Result: DB43E4E6-FF8A-4018-8C8E-F68587A44A73) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %    
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar2.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([2318C2B1-4965-11d4-9B18-009027A5CD4F] - Result: 2318C2B1-4965-11D4-9B18-009027A5CD4F) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 96 %    
  O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-99FF-FD63B990BE2C} - (no file)  
Unnecessarily   Entries found in this registry zone are potentially nasty. This application ([4E7BD74F-2B8D-469E-99FF-FD63B990BE2C] - Result: ) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: -1 %   If you do not know that application, fix it.
Unnecessary (deactivated) entry that can be fixed.
  O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([EF99BD32-C1FB-11D2-892F-0090271D4F88] - Result: EF99BD32-C1FB-11D2-892F-0090271D4F88) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %    
  O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe  
Safe.   Hewlett-Packard
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe  
Safe.   Application that implements the Intel Hotkey command.
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe  
Unknown   HP related
Hit rate: 99 % (result)   Unknown application.
  O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r  
Safe.   Sonic Update Manager
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE  
Safe.   Hewlett Packard Software
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [USB] C:\WINDOWS\system32\usb.exe  
Unknown  
Hit rate: -1 % (result)   Unknown application.
  O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe  
Unknown  
Hit rate: -1 % (result)   Unknown application.
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe  
Safe.   HP Deskjet 3320
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot  
Safe.   Part of RealPlayer
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent  
Safe.   Conzeptronic-USB-Dongle
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE  
Safe.  
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe  
Unknown   Broadcom Corporation Wireless Network Tray Applet.Is it required?
Hit rate: 99 % (result)   Unknown application.
  O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM  
Unknown  
Hit rate: 6 % (result)   Unknown application.
  O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k  
Safe.  
Hit rate: 9 % (result)   Not dangerous, but unnecessary.
  O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"  
Safe.   Firewall program from Zonelabs. Pro version inlcudes other online security options
Hit rate: 85 % (result)    
  O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe  
Safe.   Control panel for the ATI series of video cards allowing access to such features as display resolution, colour depth, etc. Available via Start -> Settings -> Control Panel -> Display. Some users may need it if they have optimised their settings
Hit rate: 78 % (result)    
  O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime  
Safe.   ATI Catalyst ControlCenter
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\system32\PDesk\PDesk.exe /Autolaunch  
Safe.   Matrox Powerdesk
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s  
Nasty   New Dot Net Spyware
Hit rate: 99 % (result)   Must be fixed!
  O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"  
Safe.   Active sync for use with Windows CE based palm PC
Hit rate: 99 % (result)    
  O4 - HKCU\..\Run: [ANONYMIZER_SPYWAREKILLER] C:\Program Files\SpyWare Killer\spywarekiller.exe /BOOT  
Safe.   Anonymizer Spyware Killer; see here
Hit rate: 90 % (result)    
  O4 - HKCU\..\Run: [WorldClock] "C:\Program Files\WimsPrg\wclock30.exe"  
Unknown  
Hit rate: 6 % (result)   Unknown application.
  O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized  
Safe.   "Skype is free and simple software that will enable you to make free calls anywhere in the world in minutes"
Hit rate: 99 % (result)   Not dangerous, but unnecessary.
  O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe  
Safe.   ATI CATALYST
Hit rate: 95 % (result)    
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE  
Safe.  
Hit rate: 67 % (result)    
  O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe  
Safe.   SQL Server Service Manager - provides tray access to SQL server, the server agent and MSDTC. Available via Start -> Programs
Hit rate: 93 % (result)   Not dangerous, but unnecessary.
  O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE  
Safe.   Added with WinZip version 8.1. "The new WinZip Quick Pick taskbar tray icon gives you instant access to WinZip and your Zip files. Just left click the icon to open WinZip, or right click it to instantly reopen recently used Zip files, access your Favorite Zip Folders, open WinZip Help, or start WinZip itself.". You can right-click and close it - choosing to not re-load it at start-up
Hit rate: 93 % (result)   Not dangerous, but unnecessary.
  O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar2.dll/cmsearch.html  
Safe.   The entry &Google Search has been identified as safe.   If the entry '&Google Search ' is not needed anymore, it should be fixed.
  O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar2.dll/cmbacklinks.html  
Possibly nasty   Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed.   To be fixed if the entry 'Backward Links ' is unknown.
  O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar2.dll/cmcache.html  
Possibly nasty   Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed.   To be fixed if the entry 'Cached Snapshot of Page ' is unknown.
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000  
Safe.   The entry E&xport to Microsoft Excel has been identified as safe.   If the entry 'E&xport to Microsoft Excel ' is not needed anymore, it should be fixed.
  O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew  
Possibly nasty   Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed.   To be fixed if the entry 'Open Image in New Window ' is unknown.
  O8 - Extra context menu item: Related web pages - file://C:\Program Files\Yahoo!\Y!Q DemoBar\Cache\SelectedContextSearch.htm  
Nasty   The entry Related web pages has been identified as nasty.    
  O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm  
Safe.   The entry Send To &Bluetooth has been identified as safe.   If the entry 'Send To &Bluetooth ' is not needed anymore, it should be fixed.
  O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar2.dll/cmsimilar.html  
Possibly nasty   Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed.   To be fixed if the entry 'Similar Pages ' is unknown.
  O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar2.dll/cmtrans.html  
Safe.   The entry Translate into English has been identified as safe.   If the entry 'Translate into English ' is not needed anymore, it should be fixed.
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll  
Safe.   The entry has been identified as safe.   If the entry '' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll  
Safe.   The entry Sun Java Console has been identified as safe.   If the entry 'Sun Java Console ' is not needed anymore, it should be fixed.
  O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll  
Safe.   The entry Create Mobile Favorite has been identified as safe.   If the entry 'Create Mobile Favorite ' is not needed anymore, it should be fixed.
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll  
Safe.   The entry has been identified as safe.   If the entry '' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll  
Safe.   The entry Create Mobile Favorite... has been identified as safe.   If the entry 'Create Mobile Favorite... ' is not needed anymore, it should be fixed.
  O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll  
Safe.   The entry Messenger has been identified as safe.   If the entry 'Messenger ' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll  
Safe.   The entry Yahoo! Messenger has been identified as safe.   If the entry 'Yahoo! Messenger ' is not needed anymore, it should be fixed.
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe  
Safe.   The entry AIM has been identified as safe.   If the entry 'AIM ' is not needed anymore, it should be fixed.
  O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm  
Safe.   The entry @btrez.dll, has been identified as safe.   If the entry '@btrez.dll,' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm  
Safe.   The entry @btrez.dll, has been identified as safe.   If the entry '@btrez.dll,' is not needed anymore, it should be fixed.
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe  
Safe.   The entry Messenger has been identified as safe.   If the entry 'Messenger ' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe  
Safe.   The entry Windows Messenger has been identified as safe.   If the entry 'Windows Messenger ' is not needed anymore, it should be fixed.
  O9 - Extra button: @C:\Program Files\4Team Corporation\Fax4Outlook\Fax4IE.dll,-4 - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\WINDOWS\System32\shdocvw.dll (HKCU)  
Possibly nasty   Unknown buttons or entries in the 'Extras'-menu should be fixed.   To be fixed if the entry '@C:\Program FilesTeam Corporation\Fax4Outlook\Fax4IE.dll,' is unknown.
  O9 - Extra 'Tools' menuitem: Send Fax - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\WINDOWS\System32\shdocvw.dll (HKCU)  
Possibly nasty   Unknown buttons or entries in the 'Extras'-menu should be fixed.   To be fixed if the entry 'Send Fax ' is unknown.
  O15 - Trusted Zone: *.windowsupdate.com  
Safe.   If you did not add these pages to your trusted pages, they should be fixed.    
  O16 - DPF: KCrypto for Applets - https://www.ros.ie/applets/kcrypto.cab   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {1DD81666-F3AD-11D3-BA86-00500487B4EC} (WonSearchX Control) - http://www.investors.com/member/ocx/WonSearchX.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) - http://fdl.msn.com/public/investor/v13/invinstl.exe   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall /xscan53.cab  
Safe.   This entry has been identified as safe.    
  O16 - DPF: {78267546-F2AC-11D2-A278-005004676C44} (WonList Control) - http://www.investors.com/member/ocx/WonList.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) - http://moneycentral.msn.com/cabs/pmupdate2.exe   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {AECD14A8-F662-11D1-A395-00805F535788} (Plotwon Control) - http://www.investors.com/member/ocx/plotwon.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {C96E4911-9087-44F2-908B-5AD05155560D} (WDSConfiguration Control) - http://wireless.vodafone.com.au/FCRoot/CAB/WDSConfiguration.cab   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {EE3CD402-69EB-4B53-819D-0CA2F95AD7DA} (PFMngr Control) - http://www.investors.com/member/ocx/PFMngr.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll  
Unknown      
  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (Ati2evxx.exe) was identified as a good one.
  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (ati2sgag.exe) was identified as a good one.
  O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (mgabg.exe) was identified as a good one.
  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (HPZipm12.exe) was identified as a good one.
  O23 - Service: PurgeIE XP Service (PurgeIEservice) - Assistance & Resources for Computing, Inc. - C:\Program Files\PurgeIE\PurgeIE_Service.exe  
Unknown   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   Unknown service. (PurgeIE_Service.exe)
  O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (WinStylerThemeSvc.exe) was identified as a good one.
  O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (vsmon.exe) was identified as a good one.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13436151
So then did you fix ?
or you want me to do something for you :-)
0
 

Author Comment

by:paulmcmillan
ID: 13436318
At this stage I have done at least 2 reboots and everything appears to be fine.

Your help has been invaluable. Your patience is superb. Thank you so much for everything.

Regards
Paul
0
 

Author Comment

by:paulmcmillan
ID: 13436329
oh, one last thing. I could not finish SFC SCannow because for some reason my restore disks do not match what the program asks for. This suggests that there are many files missing and hence it would be advisable to get a copy of the XP disk from someone and run SFC Scannow?
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13436442
>>>oh, one last thing. I could not finish SFC SCannow because for some reason my restore disks do not match what the program asks for. This suggests that there are many files missing and hence it would be advisable to get a copy of the XP disk from someone and run SFC Scannow?

Yes friend...this scan is necessary...you have to run this...
0
 

Author Comment

by:paulmcmillan
ID: 13443586
ok, thanks again.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13446480
So..did you solve the problem ?
0
 

Author Comment

by:paulmcmillan
ID: 13446529
Virus issues seem to be sorted out. But no to the SFC SCANNOW. I have to find someone who has the XP disk. Then all should be fine!!!! I'm off to bed, its almost 4 am where I am in Dublin, Ireland! See you Thanks Paul
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Can you find a fax from a vendor you saved a decade ago in seconds? Have you ever cursed your PC under your breath during an audit because you couldn’t find the requested statement or driver history?  If you answered no to the first question or yes …
Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month10 days, 16 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question