• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3504
  • Last Modified:

XP barely responding Post User running registry defrag and deleting c\XP\i386 files

The current state of my PC is as follow:

1. Barely responding.
2. Immediately from startup the pc becomes incredibly slow
3. For the most part I cant open anything
4. System goes through mini freezes every 10 seconds where the mouse disappears from the screen.

The following is what I did:

One day ago I decided to run some utilities programs on my XP, (1GB Ram) (TuneUp Utilities 2004) which defraged the registry amongst other optimisation utilities. I also installed MemoryBooster Pro. Later I found a whole series of what were mainly redundant files and deided to delete them (they were mainly databases containing financial stock price data). Unfortunately on reflection it seems I deleted the c\XP\i386 files.

I tried Last Known Configuration to restore and improve the situation which did not change anything.

Unfortunately it appears that the System Restore feature was turned off and I also can not seem to restart it (not that it would be much help now).

Any help would be greatly appreciated.
0
paulmcmillan
Asked:
paulmcmillan
  • 23
  • 18
1 Solution
 
Nirmal SharmaSolution ArchitectCommented:
Ok...is it working in Safe Mode now ?
0
 
paulmcmillanAuthor Commented:
Yes it is.
0
 
Nirmal SharmaSolution ArchitectCommented:
ok.......

First boot into safe Mode.

1. Start Menu > Run > type regedit.exe
2. Navigate to the following locations in Registry :-

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
point to "Services" key > File Menu > Export > and save this file name it "Services.reg"

3. Then goto the following locatiosn: -

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal
point to "Minimal" key > File Menu > Export > and save this file name it "Minimal.reg"

4. Now edit the Minimal.reg file in Wordpad and find the following: -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]

and replace all with: -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

5. Save this file (minimal.reg) and double click on it.

6. Restart the system. Your system should start now in Normal Mode.

Please let me know if you want help on above procedure.

Thankx
SystmProg
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
paulmcmillanAuthor Commented:
Thanks for this. Ok, all of the above has been completed and now I have just booted back up
0
 
Nirmal SharmaSolution ArchitectCommented:
Is it working now ?
0
 
paulmcmillanAuthor Commented:
The boot was quicker, but the mouse keeps freezing on screen every 5 seconds. I tried to open an internet explorer window but it stops at "detecting proxy settings". I try to close it and it wont close.
0
 
Nirmal SharmaSolution ArchitectCommented:
>>>The boot was quicker, but the mouse keeps freezing on screen every 5 seconds. I tried to open an internet explorer window but it stops at "detecting proxy settings". I try to close it and it wont close.

Ok...Do you have Windows CD with you ?
Does it happen only with Internet Explorer or windows Explorer also ?

0
 
paulmcmillanAuthor Commented:
It happens with all programs.

Unfortunately I have the 9 cd's that I bought from HP. My system originally did not come with an XP system CD's.
0
 
paulmcmillanAuthor Commented:
Apologies, I meant to say that my system originally DID NOT come with an XP system CD's.
0
 
Nirmal SharmaSolution ArchitectCommented:
Can you run SFC /SCANNOW from Run box ? it will restore all damaged modules.

and also perform the following scans to just make sure your system is not infected with any malware process: -

CWshredder     http://www.majorgeeks.com/download4086.html
     Spybot :        http://www.download.com/3000-8022-10122137.html
     adaware :      http://www.lavasoftusa.com/
     STINGER  :   http://vil.nai.com/vil/stinger/   
http://housecall.trendmicro.com/                                       online scan for trojans
http://www.ravantivirus.com/scan/
http://www.spychecker.com/program/coolwebshredder.html          CWshredder
http://www.spychecker.com/program/hijackthis.html                        download
http://www.hijackthis.de/index.php?langselect=english                         check the log
0
 
paulmcmillanAuthor Commented:
ok, will do thanks.
0
 
Nirmal SharmaSolution ArchitectCommented:
Please let us know :-)
0
 
paulmcmillanAuthor Commented:
sorry, with the SFC/SCANNOW, can i run this in safe mode? (since the pc is barely responding in NORMAL Mode). Also I tried typing SFC/SCANNOW into RUN but a dialogue appeared saying that windows could not find it.
0
 
Nirmal SharmaSolution ArchitectCommented:
SFC / Scannow.

There must be a space between SFC and / and run in Safe Mode.
0
 
paulmcmillanAuthor Commented:
ok. There is a lot to get through here so I will try and make a synopsis of it.

1) SFC /Scannow - I ran the process and it wanted to use the Windows XP Home Edition CD's to copy certain files to the DLL cache. Unfortunately I tried all 9 of the restore cd's that I bought separately with my HP Pavillion and none of them were accepted as containing the proper files. I thinking i counted 60-70 files that I was asked for before I shut down the pc as I was in a loop of cancel and then YES etc.

2) CWShredder found 1 piece of malware (MSOle) and fixed it.

3) Spybot found 2 cookies and deleted them

4) AdAware fails at the same point every time at c:\windows\system32\mui. At that stage there are 14 critical objects, which I cant remove because of the failure.

5) Stinger shows nothing.

6) Trend Micro will not run for some reason. I cant click on my computer to check it. It wont let me.

7) raantvirus fails also. It gets a couple of minutes in and appears to stop and will not produce a report even though it should about 20 files infected.

8) The hijackthis site was excellent and produced a report with about 17 'nasty' items which I proceeded to delete viathe hijaack this interface. Unfortunately one particular sort of spyware could not be removed refered to as "010 - Hiacked Internet access by New.Net" and it says to go to cexx.org to remove it or use Spybot to remove it. Spybot cant find anything there at all and the link on cexx.org/lspfix no longer exists.

So that is the state of play at present. Thanks for introducing me to some of these spyware/virus utilities which all appear very handy in different ways.
0
 
paulmcmillanAuthor Commented:
I finally got raantivirus to work and the results were: This was after using all the other spyware/virus  programs including my own Zonealarm Anti Virus and Spyware Killer......I dont think aaantivirus removed them though....
Scan started at 1/03/2005 1:33:01 AM
 
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\install.htm - HTML/DialogArg.B* -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar.jar-34e50ec4-55d19e0c.zip->BlackBox.class - Trojan:Java/ClassLoader.C -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar.jar-34e50ec4-55d19e0c.zip->VerifierBug.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar.jar-34e50ec4-55d19e0c.zip->Beyond.class - TrojanDownloader:Java/OpenStream.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-34e2b6fd-6e026fb6.zip->VerifierBug.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-34e2b6fd-6e026fb6.zip->Gummy.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-4966bd13-3448a300.zip->Gummy.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-4966bd13-3448a300.zip->Counter.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-4966bd13-3448a300.zip->VerifierBug.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-5000a103-56a4bcd0.zip->Gummy.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-5000a103-56a4bcd0.zip->Counter.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\ar3.jar-5000a103-56a4bcd0.zip->VerifierBug.class - Trojan:Java/ClassLoader.D -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\archive.jar-2880d2c3-5f8a3ae4.zip->rundll32.exe - Trojan:Win32/StartPage.MF -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\archive.jar-487b52a0-598bddf6.zip->rundll32.exe - Trojan:Win32/StartPage.AQ -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-481b81b6-6bcd3249.zip->GetAccess.class - Trojan:Java/ClassLoader -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-481b81b6-6bcd3249.zip->InsecureClassLoader.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-481b81b6-6bcd3249.zip->Installer.class - TrojanDownloader:Java/OpenConnection.F -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-ab3806d-32b2066c.zip->GetAccess.class - Trojan:Java/ClassLoader -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-ab3806d-32b2066c.zip->InsecureClassLoader.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\classload.jar-ab3806d-32b2066c.zip->Installer.class - TrojanDownloader:Java/OpenConnection.F -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\clsld.jar-13d5a4c7-2501d23c.zip->GetAccess.class - Trojan:Java/ClassLoader -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\clsld.jar-13d5a4c7-2501d23c.zip->InsecureClassLoader.class - Java/Bytverify -> Infected
C:\Documents and Settings\Owner\.jpi_cache\jar\1.0\clsld.jar-13d5a4c7-2501d23c.zip->Installer.class - TrojanDownloader:Java/OpenConnection.F -> Infected
C:\Temp\aniscreen1 Global Screensaver.exe->[wise.17] - Backdoor:Win32/Ruledor.B -> Infected

Scanned
============================
      Objects: 185676
      Directories: 6254
      Archives: 21630
      Size(Kb): -829458
      Infected files: 24

Found
============================
      Viruses found: 10
      Suspicious files: 0
      Disinfected files: 0
      Mail files: 153
0
 
Nirmal SharmaSolution ArchitectCommented:
Oh!...
0
 
paulmcmillanAuthor Commented:
Since I ran raantivirus I now appear to have the following two errors and have lost access to the internet and Microsoft Outlook.

1) Mobile Service Properties
The TCP/IP network transport is not installed

2) Run dll
Error loading c:\Program~1\Newdot~1Newdot~2.dll. Specified Module could not be found. This was one of the spyware/malware/viruses found.

I need to get this sorted out as my livelihood depends upon the problematic machine.

I have half my system partitiioned as system restore. Should I proceed down the system restore path? What are the implications of that?
0
 
Nirmal SharmaSolution ArchitectCommented:
>>>Since I ran raantivirus I now appear to have the following two errors and have lost access to the internet and Microsoft Outlook.

This is because of WinSock corrupted by viruses....you need to download and run the following: -

run the following download on the PC, and all should be restored
http://www.spychecker.com/program/winsockxpfix.html
sounds like some of the spyware may have intruded on your tcp\ip stack, running this will restore it to its original condition. (I have seen Newdotnet do this to many computers.)

>>>1) Mobile Service Properties
The TCP/IP network transport is not installed

Goto \winnt\inf\nettcpip.inf > Right Click on this file and click on "Install". It will install TCP/IP Protocol...

Please post back.

Thanks
SystmProg
0
 
paulmcmillanAuthor Commented:
ok, will do above now. thanks
0
 
Nirmal SharmaSolution ArchitectCommented:
Ya...please let me know.
0
 
paulmcmillanAuthor Commented:
Sorry I am struggling a bit here.

I have because i have lost TCP/IP I have no ability to get on the net and hence no email connection. I have downloaded Winsock to my laptop but have no burner to get file to desktop where the problem is. Trying to think of ....

I have a USB memory stick but my Win 98 laptop is not recognising it?
0
 
Nirmal SharmaSolution ArchitectCommented:
Did you click on "Install" button to install TCP/IP protocol ? Install it first....share the folder on your laptop that contains the utility you downloaded and then.....ok do it step by step: -

1. On your computer (XP) issue the following commands: -
netsh int ip reset reset.txt (this will reset the TCP/IP protocol and will install the protocol).
2. Share a folder on your laptop.
3. accesss this shared folder using the UNC path \\IP_address of laptop computer.

Let me know.
0
 
paulmcmillanAuthor Commented:
finally installed the winsock program and no tcp/ip transport error coming up now on boot.

I cant seem to find the winnt directory?
0
 
Nirmal SharmaSolution ArchitectCommented:
Why you need WINNT directory now ? its Windows actually for XP...Winnt for Winodws 2000 and NT
0
 
paulmcmillanAuthor Commented:
sorry just going on your instructions above..which were

Goto \winnt\inf\nettcpip.inf > Right Click on this file and click on "Install". It will install TCP/IP Protocol...
0
 
Nirmal SharmaSolution ArchitectCommented:
No...now your TCP/IP is working...you do not need to go through steps i provided above.

Is your net working now ?
0
 
paulmcmillanAuthor Commented:
Yes thankyou very much much.

Clearly I still have viruses on my system.
I went into the documents/settings files and deleted all the "jar" java viruses. Not sure if this will help.
I read that the system32/mui is for Multilingual support and is redundant. Hence i can delete this and hopefully adaware should now run.
I still need to get rid of the Newdot.dll error that comes up at the start.

Thanks again for your help and your patience it has been much appreciated.
0
 
Nirmal SharmaSolution ArchitectCommented:
Thanks for your reply :-)

Ok

http://www.spychecker.com/program/hijackthis.html                        download
save log > post here.
0
 
paulmcmillanAuthor Commented:
Apologies for the long delays, my system still keeps freezing on me and is incredibly slow when running. I will attempt to forward the log file asap.....
0
 
Nirmal SharmaSolution ArchitectCommented:
Its late night here...please i will post tommo..

Thanks
0
 
paulmcmillanAuthor Commented:
Ok, have now tried to restart my desktop pc 10 times, to no avail.

I still get the newdot dll error at the start and basically I cant regain control of the machine. I can move the mouse sometimes, but mostly its a "freeze -unfreeze - freeze" situation. I really cant open anything at all and the system is barely responding and defintely unstable.
0
 
paulmcmillanAuthor Commented:
Apologies, I think our last posts crossed at the same time. Have a good sleep. Thanks Paul
0
 
paulmcmillanAuthor Commented:
ok, I went off to my French class and the PC was barely responding (actually not responding) but I decided to leave it running. When I came back I had a dialogue on screen saying "Windows Virtual Memory Minimum too Low Windows Increased the Size of the Paging File".

Now the PC seems to be running beautifully. What follows is the analysis from the www.hijackthis.de website: There appears to be two "Nasty" processes left, including the Newdot issue that keeps coming up.

Logfile of HijackThis v1.99.1  
Safe.   Shows the version of HijackThis an. The newest version is: v1.99.1!   This should be the newest version. (v1.99.1)
  Platform: Windows XP SP2 (WinNT 5.01.2600)          
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)  
Safe.   Shows the version of your Internet Explorer. Newest Version is: 6.00.2800.1106!   This should be the newest version. (6.00.2900.2180)
  C:\WINDOWS\System32\smss.exe  
Safe.   running process. (smss.exe)
Systemprozess - Anwendung, die benutzt wird um Sitzungen zu starten, verwalten und löschen.  
 
  C:\WINDOWS\system32\winlogon.exe  
Safe.   running process. (winlogon.exe)
Systemprozess - Windows Login Routine  
 
  C:\WINDOWS\system32\services.exe  
Safe.   running process. (services.exe)
Systemprozess - Verwaltet die Systemdienste.  
 
  C:\WINDOWS\system32\lsass.exe  
Safe.   running process. (lsass.exe)
Systemprozess  
 
  C:\WINDOWS\system32\Ati2evxx.exe  
Safe.   running process. (Ati2evxx.exe)
ATI2evxx.exe is related to ATI Technologies Inc. hardware.  
 
  C:\WINDOWS\system32\svchost.exe  
Safe.   running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.  
 
  C:\WINDOWS\System32\svchost.exe  
Safe.   running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.  
 
  C:\WINDOWS\system32\Ati2evxx.exe  
Safe.   running process. (Ati2evxx.exe)
ATI2evxx.exe is related to ATI Technologies Inc. hardware.  
 
  C:\WINDOWS\Explorer.EXE  
Safe.   running process. (Explorer.EXE)
Systemprozess für Desktop und Taskleiste.  
 
  C:\WINDOWS\system32\spoolsv.exe  
Safe.   running process. (spoolsv.exe)
Systemprozess  
 
  C:\windows\system\hpsysdrv.exe  
Safe.   running process. (hpsysdrv.exe)
   
 
  C:\Windows\system32\HpSrvUI.exe  
Unknown   running process. (HpSrvUI.exe)
HP related    This is a unknown process.
 
  C:\WINDOWS\system32\usb.exe  
Unknown   running process. (usb.exe)
HP related - not sure whether it\'s required    This is a unknown process.
 
  C:\WINDOWS\system32\ps2.exe  
Safe.   running process. (ps2.exe)
Multimedia Keyboard companion on HP computers. If this is prevented from starting, then some keyboard functionality will be lost.  
 
  C:\Program Files\Common Files\Real\Update_OB\realsched.exe  
Safe.   running process. (realsched.exe)
   
 
  C:\WINDOWS\system32\rundll32.exe  
Safe.   running process. (rundll32.exe)
RUNDLL32 is the Microsoft Windows program that loads DLLs into memory so that they can be used by specific programs or by Windows.  
 
  C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE  
Safe.   running process. (TRAYAP~1.EXE)
   
Possibly nasty! According to our database this process runs normally in c:\progra~1\nokia\nokiap~1! Check if you know this process and arrange a viruscheck where required.
  C:\WINDOWS\system32\bcmwltry.exe  
Unknown   running process. (bcmwltry.exe)
Broadcom Corporation Wireless Network Tray Applet.Is it required?    This is a unknown process.
 
  C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe  
Safe.   running process. (fpdisp5a.exe)
   
 
  C:\WINDOWS\system32\PDesk\PDesk.exe  
Safe.   running process. (PDesk.exe)
For Matrox video cards. Quick access to tweak your card to your liking.  
 
  C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE  
Safe.   running process. (WCESCOMM.EXE)
   
 
  C:\Program Files\WimsPrg\wclock30.exe  
Unknown   running process. (wclock30.exe)
   This is a unknown process.
 
  C:\Program Files\Skype\Phone\Skype.exe  
Safe.   running process. (Skype.exe)
   
 
  C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe  
Safe.   running process. (sqlmangr.exe)
   
 
  C:\Program Files\WinZip\WZQKPICK.EXE  
Safe.   running process. (WZQKPICK.EXE)
   
 
  C:\WINDOWS\system32\cisvc.exe  
Safe.   running process. (cisvc.exe)
Microsoft Index Service Helper  
 
  C:\WINDOWS\system32\mgabg.exe  
Safe.   running process. (mgabg.exe)
   
 
  C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe  
Safe.   running process. (sqlservr.exe)
   
 
  C:\Program Files\PurgeIE\PurgeIE_Service.exe  
Unknown   running process. (PurgeIE_Service.exe)
   This is a unknown process.
 
  C:\WINDOWS\System32\svchost.exe  
Safe.   running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.  
 
  C:\WINDOWS\system32\ZoneLabs\vsmon.exe  
Safe.   running process. (vsmon.exe)
ZoneAlarm Firewall  
 
  C:\WINDOWS\system32\fxssvc.exe  
Safe.   running process. (fxssvc.exe)
Systemprozess - Microsoft's Fax Service  
 
  C:\Program Files\InfoSoft\Bodhi3\Main\B3Fre32.exe  
Unknown   running process. (B3Fre32.exe)
   This is a unknown process.
 
  C:\WINDOWS\system32\cidaemon.exe  
Safe.   running process. (cidaemon.exe)
Indexing Service Filter Daemon  
 
  C:\WINDOWS\system32\wuauclt.exe  
Safe.   running process. (wuauclt.exe)
Windows Update AutoUpdate Client  
 
  C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE  
Safe.   running process. (OUTLOOK.EXE)
E-Mail Client für Windows.  
 
  C:\Program Files\Internet Explorer\iexplore.exe  
Safe.   running process. (iexplore.exe)
Internet Explorer - Wir empfehlen einen sichereren alternativen Browser zu verwenden. (z.B. Firefox)  
 
  C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe  
Unknown   running process. (mantispm.exe)
MailFrontier_Desktop (Matador) email spam blocker software    This is a unknown process.
 
  C:\PROGRA~1\InfoSoft\Bodhi3\Main\B3Cat32.exe  
Unknown   running process. (B3Cat32.exe)
   This is a unknown process.
 
  C:\unzipped\hijackthis_199\HijackThis.exe  
Safe.   running process. (HijackThis.exe)
Tool, mit dem sie dieses Logfile erzeugt haben.   Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups!
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1  
Possibly nasty   This page could possibly be nasty.   If you do not know the entry '127.0.0.1', delete it.
  O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([02478D38-C3F9-4efb-9B51-7695ECA05670] - Result: 02478D38-C3F9-4efb-9B51-7695ECA05670) has been checked. Hit rate: 99 %    
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([06849E9F-C8D7-4D59-B87D-784B7D6BE0B3] - Result: 06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) has been checked. Hit rate: 99 %    
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([53707962-6F74-2D53-2644-206D7942484F] - Result: 53707962-6F74-2D53-2644-206D7942484F) has been checked. Hit rate: 99 %    
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar2.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([AA58ED58-01DD-4d91-8333-CF10577473F7] - Result: AA58ED58-01DD-4d91-8333-CF10577473F7) has been checked. Hit rate: 99 %    
  O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([DB43E4E6-FF8A-4018-8C8E-F68587A44A73] - Result: DB43E4E6-FF8A-4018-8C8E-F68587A44A73) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %    
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar2.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([2318C2B1-4965-11d4-9B18-009027A5CD4F] - Result: 2318C2B1-4965-11D4-9B18-009027A5CD4F) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 96 %    
  O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-99FF-FD63B990BE2C} - (no file)  
Unnecessarily   Entries found in this registry zone are potentially nasty. This application ([4E7BD74F-2B8D-469E-99FF-FD63B990BE2C] - Result: ) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: -1 %   If you do not know that application, fix it.
Unnecessary (deactivated) entry that can be fixed.
  O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll  
Safe.   Entries found in this registry zone are potentially nasty. This application ([EF99BD32-C1FB-11D2-892F-0090271D4F88] - Result: EF99BD32-C1FB-11D2-892F-0090271D4F88) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %    
  O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe  
Safe.   Hewlett-Packard
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe  
Safe.   Application that implements the Intel Hotkey command.
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe  
Unknown   HP related
Hit rate: 99 % (result)   Unknown application.
  O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r  
Safe.   Sonic Update Manager
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE  
Safe.   Hewlett Packard Software
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [USB] C:\WINDOWS\system32\usb.exe  
Unknown  
Hit rate: -1 % (result)   Unknown application.
  O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe  
Unknown  
Hit rate: -1 % (result)   Unknown application.
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe  
Safe.   HP Deskjet 3320
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot  
Safe.   Part of RealPlayer
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent  
Safe.   Conzeptronic-USB-Dongle
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE  
Safe.  
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe  
Unknown   Broadcom Corporation Wireless Network Tray Applet.Is it required?
Hit rate: 99 % (result)   Unknown application.
  O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM  
Unknown  
Hit rate: 6 % (result)   Unknown application.
  O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k  
Safe.  
Hit rate: 9 % (result)   Not dangerous, but unnecessary.
  O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"  
Safe.   Firewall program from Zonelabs. Pro version inlcudes other online security options
Hit rate: 85 % (result)    
  O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe  
Safe.   Control panel for the ATI series of video cards allowing access to such features as display resolution, colour depth, etc. Available via Start -> Settings -> Control Panel -> Display. Some users may need it if they have optimised their settings
Hit rate: 78 % (result)    
  O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime  
Safe.   ATI Catalyst ControlCenter
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\system32\PDesk\PDesk.exe /Autolaunch  
Safe.   Matrox Powerdesk
Hit rate: 99 % (result)    
  O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s  
Nasty   New Dot Net Spyware
Hit rate: 99 % (result)   Must be fixed!
  O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"  
Safe.   Active sync for use with Windows CE based palm PC
Hit rate: 99 % (result)    
  O4 - HKCU\..\Run: [ANONYMIZER_SPYWAREKILLER] C:\Program Files\SpyWare Killer\spywarekiller.exe /BOOT  
Safe.   Anonymizer Spyware Killer; see here
Hit rate: 90 % (result)    
  O4 - HKCU\..\Run: [WorldClock] "C:\Program Files\WimsPrg\wclock30.exe"  
Unknown  
Hit rate: 6 % (result)   Unknown application.
  O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized  
Safe.   "Skype is free and simple software that will enable you to make free calls anywhere in the world in minutes"
Hit rate: 99 % (result)   Not dangerous, but unnecessary.
  O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe  
Safe.   ATI CATALYST
Hit rate: 95 % (result)    
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE  
Safe.  
Hit rate: 67 % (result)    
  O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe  
Safe.   SQL Server Service Manager - provides tray access to SQL server, the server agent and MSDTC. Available via Start -> Programs
Hit rate: 93 % (result)   Not dangerous, but unnecessary.
  O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE  
Safe.   Added with WinZip version 8.1. "The new WinZip Quick Pick taskbar tray icon gives you instant access to WinZip and your Zip files. Just left click the icon to open WinZip, or right click it to instantly reopen recently used Zip files, access your Favorite Zip Folders, open WinZip Help, or start WinZip itself.". You can right-click and close it - choosing to not re-load it at start-up
Hit rate: 93 % (result)   Not dangerous, but unnecessary.
  O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar2.dll/cmsearch.html  
Safe.   The entry &Google Search has been identified as safe.   If the entry '&Google Search ' is not needed anymore, it should be fixed.
  O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar2.dll/cmbacklinks.html  
Possibly nasty   Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed.   To be fixed if the entry 'Backward Links ' is unknown.
  O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar2.dll/cmcache.html  
Possibly nasty   Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed.   To be fixed if the entry 'Cached Snapshot of Page ' is unknown.
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000  
Safe.   The entry E&xport to Microsoft Excel has been identified as safe.   If the entry 'E&xport to Microsoft Excel ' is not needed anymore, it should be fixed.
  O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew  
Possibly nasty   Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed.   To be fixed if the entry 'Open Image in New Window ' is unknown.
  O8 - Extra context menu item: Related web pages - file://C:\Program Files\Yahoo!\Y!Q DemoBar\Cache\SelectedContextSearch.htm  
Nasty   The entry Related web pages has been identified as nasty.    
  O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm  
Safe.   The entry Send To &Bluetooth has been identified as safe.   If the entry 'Send To &Bluetooth ' is not needed anymore, it should be fixed.
  O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar2.dll/cmsimilar.html  
Possibly nasty   Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed.   To be fixed if the entry 'Similar Pages ' is unknown.
  O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar2.dll/cmtrans.html  
Safe.   The entry Translate into English has been identified as safe.   If the entry 'Translate into English ' is not needed anymore, it should be fixed.
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll  
Safe.   The entry has been identified as safe.   If the entry '' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll  
Safe.   The entry Sun Java Console has been identified as safe.   If the entry 'Sun Java Console ' is not needed anymore, it should be fixed.
  O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll  
Safe.   The entry Create Mobile Favorite has been identified as safe.   If the entry 'Create Mobile Favorite ' is not needed anymore, it should be fixed.
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll  
Safe.   The entry has been identified as safe.   If the entry '' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll  
Safe.   The entry Create Mobile Favorite... has been identified as safe.   If the entry 'Create Mobile Favorite... ' is not needed anymore, it should be fixed.
  O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll  
Safe.   The entry Messenger has been identified as safe.   If the entry 'Messenger ' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll  
Safe.   The entry Yahoo! Messenger has been identified as safe.   If the entry 'Yahoo! Messenger ' is not needed anymore, it should be fixed.
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe  
Safe.   The entry AIM has been identified as safe.   If the entry 'AIM ' is not needed anymore, it should be fixed.
  O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm  
Safe.   The entry @btrez.dll, has been identified as safe.   If the entry '@btrez.dll,' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm  
Safe.   The entry @btrez.dll, has been identified as safe.   If the entry '@btrez.dll,' is not needed anymore, it should be fixed.
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe  
Safe.   The entry Messenger has been identified as safe.   If the entry 'Messenger ' is not needed anymore, it should be fixed.
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe  
Safe.   The entry Windows Messenger has been identified as safe.   If the entry 'Windows Messenger ' is not needed anymore, it should be fixed.
  O9 - Extra button: @C:\Program Files\4Team Corporation\Fax4Outlook\Fax4IE.dll,-4 - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\WINDOWS\System32\shdocvw.dll (HKCU)  
Possibly nasty   Unknown buttons or entries in the 'Extras'-menu should be fixed.   To be fixed if the entry '@C:\Program FilesTeam Corporation\Fax4Outlook\Fax4IE.dll,' is unknown.
  O9 - Extra 'Tools' menuitem: Send Fax - {410C30C7-098A-4090-928E-F1D356D34C7F} - C:\WINDOWS\System32\shdocvw.dll (HKCU)  
Possibly nasty   Unknown buttons or entries in the 'Extras'-menu should be fixed.   To be fixed if the entry 'Send Fax ' is unknown.
  O15 - Trusted Zone: *.windowsupdate.com  
Safe.   If you did not add these pages to your trusted pages, they should be fixed.    
  O16 - DPF: KCrypto for Applets - https://www.ros.ie/applets/kcrypto.cab   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {1DD81666-F3AD-11D3-BA86-00500487B4EC} (WonSearchX Control) - http://www.investors.com/member/ocx/WonSearchX.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) - http://fdl.msn.com/public/investor/v13/invinstl.exe   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall /xscan53.cab  
Safe.   This entry has been identified as safe.    
  O16 - DPF: {78267546-F2AC-11D2-A278-005004676C44} (WonList Control) - http://www.investors.com/member/ocx/WonList.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) - http://moneycentral.msn.com/cabs/pmupdate2.exe   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab   
Safe.   This entry has been identified as safe.    
  O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {AECD14A8-F662-11D1-A395-00805F535788} (Plotwon Control) - http://www.investors.com/member/ocx/plotwon.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {C96E4911-9087-44F2-908B-5AD05155560D} (WDSConfiguration Control) - http://wireless.vodafone.com.au/FCRoot/CAB/WDSConfiguration.cab   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O16 - DPF: {EE3CD402-69EB-4B53-819D-0CA2F95AD7DA} (PFMngr Control) - http://www.investors.com/member/ocx/PFMngr.ocx   
Possibly nasty   Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!   Check if you know this site and fix it if you do not.
  O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll  
Unknown      
  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (Ati2evxx.exe) was identified as a good one.
  O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (ati2sgag.exe) was identified as a good one.
  O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (mgabg.exe) was identified as a good one.
  O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (HPZipm12.exe) was identified as a good one.
  O23 - Service: PurgeIE XP Service (PurgeIEservice) - Assistance & Resources for Computing, Inc. - C:\Program Files\PurgeIE\PurgeIE_Service.exe  
Unknown   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   Unknown service. (PurgeIE_Service.exe)
  O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (WinStylerThemeSvc.exe) was identified as a good one.
  O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe  
Safe.   These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it.   This service (vsmon.exe) was identified as a good one.
0
 
Nirmal SharmaSolution ArchitectCommented:
So then did you fix ?
or you want me to do something for you :-)
0
 
paulmcmillanAuthor Commented:
At this stage I have done at least 2 reboots and everything appears to be fine.

Your help has been invaluable. Your patience is superb. Thank you so much for everything.

Regards
Paul
0
 
paulmcmillanAuthor Commented:
oh, one last thing. I could not finish SFC SCannow because for some reason my restore disks do not match what the program asks for. This suggests that there are many files missing and hence it would be advisable to get a copy of the XP disk from someone and run SFC Scannow?
0
 
Nirmal SharmaSolution ArchitectCommented:
>>>oh, one last thing. I could not finish SFC SCannow because for some reason my restore disks do not match what the program asks for. This suggests that there are many files missing and hence it would be advisable to get a copy of the XP disk from someone and run SFC Scannow?

Yes friend...this scan is necessary...you have to run this...
0
 
paulmcmillanAuthor Commented:
ok, thanks again.
0
 
Nirmal SharmaSolution ArchitectCommented:
So..did you solve the problem ?
0
 
paulmcmillanAuthor Commented:
Virus issues seem to be sorted out. But no to the SFC SCANNOW. I have to find someone who has the XP disk. Then all should be fine!!!! I'm off to bed, its almost 4 am where I am in Dublin, Ireland! See you Thanks Paul
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 23
  • 18
Tackle projects and never again get stuck behind a technical roadblock.
Join Now