Windows Legacy OS forum

General discussion

No System Restore

by raysavage / October 24, 2005 7:11 AM PDT

I am running win-xp-he-sp2 os. When I try to use System Restore, I get a blank page. What is my problem?

Thanks,
Ray Savage

Discussion is locked
You are posting a reply to: No System Restore
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: No System Restore
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
One repeating cure...
by R. Proffitt Forum moderator / October 24, 2005 7:18 AM PDT
In reply to: No System Restore

Press Start, Run and paste in the following.


rundll32.exe advpack.dll,LaunchINFSection C:\Windows\Inf\sr.inf

But let me note this is usually worm, virus or spyware damage. Be prepared for more trouble.

Collapse -
Problem still there
by raysavage / October 25, 2005 6:36 AM PDT
In reply to: No System Restore

Bob:

Thanks for your reply. I tried your suggestion, but problem is still there. Ran virus scan and Spyware Blaster - nothing found. Any other suggestions?

Thanks,
Ray Savage

Collapse -
2 more.
by R. Proffitt Forum moderator / October 25, 2005 6:39 AM PDT
In reply to: Problem still there
Collapse -
Ref: 2 more
by raysavage / October 26, 2005 2:54 AM PDT
In reply to: 2 more.

Bob:

Thanks for your reply. Ran SFC /SCANNOW. No missing files reported. Installed EWIDO and ran scans. Found 5 objects (Adware, Spyware, and Trojans - Quaranteened. Windows Update stills works - just installed latest update. System Restore still not working. What next?

Ray

Collapse -
Did you turn it off and back on?
by R. Proffitt Forum moderator / October 26, 2005 3:09 AM PDT
In reply to: Ref: 2 more

I may have missed this step.

Bob

Collapse -
Ref: Missed Step
by raysavage / October 26, 2005 6:12 AM PDT

Bob:

Did completely shut down and reboot.

Ray

Collapse -
A claimed cure.
by R. Proffitt Forum moderator / October 26, 2005 3:29 AM PDT
In reply to: Ref: 2 more
Collapse -
Ref: Claimed Cure
by raysavage / October 26, 2005 10:32 AM PDT
In reply to: A claimed cure.

Bob:

Sounds like I'm not alone with this problem. Tried suggestions from the link you provided. Although a couple more suspect files were found, and the suggestions from the link were tried, sadly to say my problem still exists. Any other suggestions short of a reinstall?

Thanks,
Ray

Collapse -
Sorry, but it looks like it dinged it good.
by R. Proffitt Forum moderator / October 26, 2005 11:29 AM PDT
In reply to: Ref: Claimed Cure
Collapse -
PS. Post or send me your HIJACKTHIS log.
by R. Proffitt Forum moderator / October 26, 2005 11:29 AM PDT

Maybe I'll spot something.

Collapse -
Ref: PS
by raysavage / October 28, 2005 2:53 PM PDT
In reply to: Ref: 2 more

Bob:

Thanks for your reply. I deleted everytinng in the System Volume Information folder; no improvement.
I discovered something else which may be revelant to the problem. I accidently selected "System Information" and got the a blank page - just like System Restore. When I closed the "Blank Page", I got the following error message:

"An error has occorred in the script on this page."

Line: 60

Char: 3

Error: Object Required

Code: 0

URL: hcp://System/sysinfo/msinfo.htm

"Do you want to continue running scripts on this page?"

I don't get any message when I close the System Restore "Blank Page".


Here's my HijackThis Log:


Logfile of HijackThis v1.99.0
Scan saved at 8:55:48 PM, on 10/28/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\MAILWA~1\MAILWA~1.EXE
C:\Program Files\FirstCap\CapHk.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\PTFB.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\svchost.exe
E:\sysdir\Temp\Temporary Directory 1 for Browser hijack this.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ctc.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\system32\HDBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: HTML Quick Edit - {C420F40F-9AD0-4EC5-BF71-01B8384CD66C} - C:\Program Files\HTML Quick Edit Bar\HTMLQuickEditBar.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MailWasher] C:\PROGRA~1\MAILWA~1\MAILWA~1.EXE
O4 - HKCU\..\Run: [FirstCap] C:\Program Files\FirstCap\CapHk.exe C:\Program Files\FirstCap
O4 - Startup: PTFB.lnk = C:\Program Files\PTFB.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127335605859
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Best regards,
Ray

Collapse -
No System Restore
by otoe1 / October 30, 2005 6:11 AM PST
In reply to: No System Restore
http://support.microsoft.com/default.aspx?kbid=302796

Have a look here, as well as the other links toward the bottom of the page.

In my dealings with 'sys restore', adaware and all that other stuff has no affect on your particular problem, but it never hurts to do a good cleaning as you have done.

Good luck.
Collapse -
Ref: Reply from otoe1
by raysavage / October 30, 2005 11:42 AM PST
In reply to: No System Restore

otoe1:

Thanks for your reply. I checked the ''srservice'' in my ''Event Viewer'' and found the following error message:

Event
Date: 10/18/2005 Source: SRService
Time: 9:43:32AM Category: None
Type: Information EventlD: 107
User: N/A
Computer: RSCC

Description:
The System Restore service has been suspended because there is not enough disk space available on the drive \\?\volume(eO2d090a~3744-11d8-ae97-806d61726S6f)\. System Restore will automabcalty resume service once at least 200 MB of free disk space is available on the system drive.

I don't understand this. My drive has two 150gb partitions, both of which have more than 90% Free Space. What is the problem?

Thanks,
Ray

Collapse -
another look
by otoe1 / October 30, 2005 6:35 PM PST
In reply to: Ref: Reply from otoe1
Collapse -
RFef: Another Look
by raysavage / October 31, 2005 11:55 PM PST
In reply to: another look

otoe1:

Thanks for your reply and suggestions. Unfortunately, they still didn't solve the problem. I'm just about ready to do a clean restore of the OS, although I hate to adfmit defeat.

Best regards,
Ray

Collapse -
Any chance of a HJT log?
by R. Proffitt Forum moderator / November 1, 2005 1:08 AM PST
In reply to: RFef: Another Look

It sometimes shows something.

Collapse -
Ref: Any chance....
by raysavage / November 3, 2005 10:03 AM PST

Bob:

Take a look at this:

Ray
*************************************************
HJT Log
Logfile of HijackThis v1.99.0
Scan saved at 8:55:48 PM, on 10/28/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\MAILWA~1\MAILWA~1.EXE
C:\Program Files\FirstCap\CapHk.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\PTFB.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\svchost.exe
E:\sysdir\Temp\Temporary Directory 1 for Browser hijack this.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ctc.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\system32\HDBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: HTML Quick Edit - {C420F40F-9AD0-4EC5-BF71-01B8384CD66C} - C:\Program Files\HTML Quick Edit Bar\HTMLQuickEditBar.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MailWasher] C:\PROGRA~1\MAILWA~1\MAILWA~1.EXE
O4 - HKCU\..\Run: [FirstCap] C:\Program Files\FirstCap\CapHk.exe C:\Program Files\FirstCap
O4 - Startup: PTFB.lnk = C:\Program Files\PTFB.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127335605859
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Collapse -
I'd clean that up a little.
by R. Proffitt Forum moderator / November 3, 2005 11:33 AM PST
In reply to: Ref: Any chance....
http://www.hijackthis.de/index.php?langselect=english and any "no file" entry should be removed.

Research the others.

The InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe entry is an oddball. What do you think it's for?

Bob
Collapse -
IDriverT.exe
by pearljamkornfan / November 3, 2005 2:48 PM PST

It appears that info on this process can be found at:
http://www.liutilities.com/products/wintaskspro/processlibrary/IDriverT/

Likely tough, it is a spoof copy that runs on startup to fool the user into thinking that it's a legit process. It maybe spyware, adware, etc, I'd be wary. Also, someone else is having some nasty problems with the same thing:

http://www.broadbandreports.com/forum/remark,14700432

A quick google search can provide a wealth of info on just about every thing in your log, but here, I'll let the pros and/or computer user decide what to do with it. Personally, I'd kill it (if possible) due to my obsessive compulsiveness and need to have as clean of a computer as necessary. Usually, you can do this by booting into safe mode and search for it in the registry. I searched my registry and all 4 of my hard drives for idrivert and nothing came up. I even included hidden and system folders, and archives.

Good luck

Collapse -
Ref: IDRIVERT.exe
by raysavage / November 6, 2005 10:54 AM PST
In reply to: IDriverT.exe

Thanks for you suggestions!

Best Regards,
Ray

Collapse -
Ref: I'd Clean That Up a Little
by raysavage / November 6, 2005 10:51 AM PST

Bob:

Thanks for the suggestion. Had log file analyzed, and found a few possible problem areas. The following was one that the program specified needed to be fixed, but didn't say how. Can you help?

Thanks,
Ray

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
Nasty Entries found in this registry zone are potentially nasty. This application ([9394EDE7-C8B5-483E-8773-474BF36AF6E4] - Result: 9394EDE7-C8B5-483E-8773-474BF36AF6E4) has been checked. Hit rate: 99 %
Must be fixed!

Collapse -
Ref: Have you tried....
by raysavage / November 7, 2005 10:31 AM PST

Thanks for your suggestion. I found an error message in the Computer Management System Log for SR, but haven't been able to determine exactly what it means. Did Google search, but suggestions didn't help.

Here's the Error Message- Maybe you can shed some light on it!

Ray


The System Restore filter encountered the unexpected error '0xC0000034' while processing the file '_filelst.cfg' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

Collapse -
Try the reply at ...
by R. Proffitt Forum moderator / November 7, 2005 11:11 AM PST
Collapse -
Ref: Try this...
by raysavage / November 8, 2005 5:33 AM PST
In reply to: Try the reply at ...

Bob:

Thanks for the info. I made the registry change suggested. The procedure instructed to "reinstall System Restore". I have not been able to find how this is done. Could you help? A side note - I noted that system restore points are being created in the System Volume Information folder; they are just not being displayed in the System Restore page.

Thanks,
Ray

Collapse -
Your choice.
by R. Proffitt Forum moderator / November 6, 2005 8:00 PM PST

If you don't use MSN, then you can use hijackthis to remove the entry and then you can delete the file. Again, I can do that since I don't use MSN applications.

Bob

Collapse -
Ref: Your Choice
by raysavage / November 7, 2005 5:16 AM PST
In reply to: Your choice.

Bob:

Thanks for your response. Since I don't use MSN either, that makes it simple for me too!

Best regards,
Ray

Collapse -
That's called SR.INF.
by R. Proffitt Forum moderator / November 8, 2005 5:42 AM PST
In reply to: No System Restore
Collapse -
Ref: That's called....
by raysavage / November 8, 2005 10:59 AM PST
In reply to: That's called SR.INF.

Bob:

Thanks for your help. I reinstalled SR; however, it didn't solve the problem.

Best regards,
Ray

Collapse -
Ref: That's Called......
by raysavage / November 11, 2005 5:37 AM PST
In reply to: That's called SR.INF.

Bob:

Thought I would update you regarding my problem. I deceided to ''bite the bullet'' and reinstall XP. I first tried a Repair reinstall, which was unsatisfactory. Then I deceided to reinstall xp in a different directory (keeping the original in tact). This worked great! I was able easily to copy items (desktop icons, shortcuts,etc) from my old profile to the new. I had all my hardware drivers backedup on my other hd, so hardware reinstallation was a snap! Reinstallation of programs went smoothly thanks to data backup. I edited my boot.ini for the new xp location, saving the old file as ''bootini.txt''.

My System Restore worked fine after the reinstall, but I really won't need it now. As a ''bonus'' from the reinstall, I was able to reinstall my ''GoBack'' program. A few months ago, this program would not reinstall after I had made a partition adjustment with PM 8.0; the program wouldn't reinstall because it could not determine the ''Boot drive''. This one thing made the whole reinstall worth while - Goback had been one of the best utilities I had ever used; it's really ironic how I finally got it back!

Thanks so much for all the suggestion and help with my XP System Restore problem. The only regret is that I didn't get the problem solved through our troubleshooting.But if I had, I wouldn't have my ''GoBack''. So I can say that failure was ''a blessing in disguise''! Thanks again to you and all the others who offed assistance with the problem.

Best regards,
Ray

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?