| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 105128 | 2009-11-20 02:33:00 | error 2 message | kap (15450) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 831876 | 2009-11-20 02:33:00 | I am wanting to reload windows on my compaq presario desktop. the pc is going quite well but it has a few problems at times when I go into the system recoverey and press f10 I get a message saying cannot find log file retore error2:c|minint\system32\restore log missing.I can still use the system retore but can only go back about 3 weeks and this has not solved the issue. I had run a cleaner programme after I got the error message the cleaner said it found 3 trogans I have deleted them and rebooted but still get the error message. any suggestions.I have phoned compaq they said they would talk me through it on the phone for a fee I dont mind that if it resolves the problem but it may not.. any suggestions. thanks |
kap (15450) | ||
| 831877 | 2009-11-20 04:00:00 | I forgot to mention its running windows xp home edition | kap (15450) | ||
| 831878 | 2009-11-20 04:08:00 | It sounds like youre getting confused between system restore in windows, and doing a restore (by pressing F10 or whatever key), before you get into windows. To reinstall windows. That 3 weeks youre talking about, sounds like the system restore option in windows. Since, the other restore option (to reinstall windows), doesnt have an option to go back so far has it?? Sounds odd, if it does |
Speedy Gonzales (78) | ||
| 831879 | 2009-11-20 04:19:00 | i was talking about the system restore in system tools it will only go back 3 weeks. when i try to reload windows i get the error message and cant move past that point. thanks | kap (15450) | ||
| 831880 | 2009-11-20 04:25:00 | If it can boot into safe mode / networking, press F8 to go into it. Then get hijackthis below, install it run it. Click on scan the system, and save a log. Copy and paste the log here. We'll see if there's anything else in it, thats nasty. Or if you've got another working system (probably the one youre on, if its a desktop), connect that hdd to it, see if there's ISO's on it (on the restore partition). If there is, burn them | Speedy Gonzales (78) | ||
| 831881 | 2009-11-20 05:56:00 | this is what the scan in Hijack this revealed.I ran the trogan remover and it didnt find anything Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:45:42 PM, on 20/11/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\ClamWin\bin\ClamTray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe c:\windows\system\hpsysdrv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ie.redirect.hp.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ie.redirect.hp.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = ie.redirect.hp.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\s wg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - www.myheritage.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com O16 - DPF: {8C2D1BF0-5364-403C-9968-E6E348C6B4FB} (VBIRDPlayer.Player) - www.iradiopop.com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 7635 bytes |
kap (15450) | ||
| 831882 | 2009-11-20 06:26:00 | Doesnt look too bad, you can tick these entries then tick fix checked Uninstall askbar O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" I would use a better AV program O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe |
Speedy Gonzales (78) | ||
| 831883 | 2009-11-20 23:08:00 | Thanks I have deleted the highlighted files,the pc seems to run faster when opening the browser but I still get the error 2 message when I try to do a system recover. thanks for your suggestions and time. | kap (15450) | ||
| 1 | |||||