Cannot run various programs

PC has: Windows XP Home SP1, IE 6, AOL 9.0 SE

Unable to view any https:// pages in IE or AOL. Can view http:// fine in IE or AOL.

Unable to run any Active X controls - settings are all default under Internet Options. Have also tried setting Internet Zone to low and also manually setting Active X to enabled. Uninstalled Flash

Uninstalled expired Norton AV 2004. Wanted to clean up using Norton Uninstall tool. Unable to run Norton Uninstall tool - error msg: "SymNRT: Invalid Signature. This file is unsigned so it won't run"

Removed several viruses (trojans) with current AVG and a lot of spyware (180Solutions, Gator, ISTbar, etc.) with current SpyBot.

Cannot install Windows XP Service Pack 2 - it unpacks everything, then ends with a pop-up that says "Setup Error: The system cannot find the file specified."

Cannot run SFC /scannow - After about 1 minute of no progress, the Windows File Checker window simply closes with no error message.

Cannot run WIndows Update or Online scans due to Active X failure.

I think one of the viruses altered the registry or the TCP/IP stack or Internet settings, but I can't figure out how to correct it. Any help would be appreciated.
Who is Participating?
rpggamergirlConnect With a Mentor Commented:
Yeah, a secure site is supposed to have https:// and has a padlock at the bottom page.

Anyway, these nasties showing in your log could be the culprit or part of it.
You have some bad entries in your log, not sure that all are showing, some could still be hiding.
You need to uninstall this toolbar if present in Add/remove:
"SafeGuard Protect PCShield"

and delete these files if still present:

Or use Killbox to delete them. Download Pocket Killbox.
*Select the "Delete on Reboot" option.
*Select "All Files"
*Copy the file names below to the clipboard by highlighting them and pressing Control-C:


*Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
*Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
*If the computer doesn't restart, just restart manually.

Then fix these entries in Hijackthis, while all browsers and other windows are closed:
O2 - BHO: SafeGuard Protect PCShield - {564FFB73-9EEF-4969-92FA-5FC4A92E2C2A} - (no file)  
O2 - BHO: (no name) - {7AED1664-4CF6-3EFF-809A-F7DFE69D59D5} - C:\WINDOWS\Akakznhe.dll
O3 - Toolbar: Search - {CF1E70B2-6818-9488-DAC4-36F068F59828} - C:\WINDOWS\Akakznhe.dll
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg.dll"
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O23 - Service: sprio600 - Unknown owner - C:\WINDOWS\System32\sprio600.exe (file missing)

Download SUPERAntispyware:

Let us know how it goes.
Re-install Windows XP with a complete format. Too many issues to address one at a time.

Unless you've done a back-up which you can apply to your computer;  re-installing would be the best solution at this time.
HighTechGeekAuthor Commented:
I guess I feel that they are all related to a single issue and if we can figure it out, all the other problems will fall in line. Before re-installing do you have any suggestions that I might try?
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Check the links below for inability to access secure sites:

If it's not caused by the above, then maybe some nasties are causing it.
Can you show us a hijackthis log.
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

You can either upload the log to any hosting sites,
or go to the below link and login using your Experts-Exchange username and password.
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

OR: either these sites:
then at the bottom left corner click "paste"
Copy the address/url and post it here:
HighTechGeekAuthor Commented:
I thought all secure sites started with "https://", but the test sites that are referenced in the articles that you sent me to all begin with "http://" (eg.,, ). I can access them, but still can't access "https://" sites.

Also, the verisign SSL checker at  referenced in your second link says I am fine, yet all their sites also do not begin with "https://", so they work.

Here is the link to my hijackthis log:
(at least the log is relatively short)

O23 - Service: sprio600 - Unknown owner - C:\WINDOWS\System32\sprio600.exe (file missing)

Instead of fixing the above entry with Hijackthis, you could just use the command prompt to stop and delete that service.

Start > Run > type in


press Enter, and enter these commands pressing Enter after each one.
sc stop sprio600
sc delete sprio600

C:\WINDOWS\System32\sprio600.exe<-- also make sure that this file is really gone off your system, Hijackthis has a bug that says an 023 entry has "file missing" when in reality it is not, so make sure that's gone, probably hidden too and if you use "search" it won't find it unless you configure it to search for hidden files and folders.

SUPERAntispyware is a really good scanner so I hope you'll use that.
HighTechGeekAuthor Commented:
Well, so far it seems to be working. I eliminated the HiJackThis items you suggested, then I was able to get to https:// pages. Then I tried WindowsUpdate (which wasn't working) and it still failed, but it got further than before and it gave me an error message. Following some of the links from Microsoft regarding these errors, I was told to re-register a series of dlls. Some of the dlls were missing (3 of 8), but after registering the other 5 (using the regsvr32 command), WindowsUpdate proceeded to allow me to run Active X controls and upgrade the BITS and the Installer. I could then install WinXP Service Pack2 and IE7 which will hopefully restore any and all missing dlls. I think I am well on my way to recovery. I will see if I can run SFC and do a system check through the recovery console. Thanks rpggamergirl! I will try the superantispyware too! Hopefully, you will have your points by the end of the day!
Glad to know you can now access secure sites!
Well done on fixing the other problems too, hopefully everything will work out fine.

And oh, don't worry about points, you can reduce it if you like, since you did all the hardwork there fixing your problems, :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.