|
Author
|
Topic: system restore
|
Josh1
Administrator
|
posted October 11, 2006 02:17 PM
 
Yea you are right nothing in that log should affect system restore. Try some of these things http://support.microsoft.com/default.aspx?scid=kb;en-us;302796 http://www.kellys-korner.com/xp_restore.htm just to make sure run the virus scans http://www.avast.com/eng/avast-virus-cleaner.html
------------------
Forget not my law but let your heart keep my commandments Proverbs 3:1 Powered by Intelligent Computing Solutions.
------------------------
www.footslog.com For every problem, there is a solution. Please give what you can to the Hurricane relief http://www.microsoft.com/mscorp/citizenship/giving/relief.asp
IP: Logged |
dm567
Member
|
posted October 10, 2006 08:11 PM
Those are from an online reservation system. They are not maleware or viruses and I doubt they should affect the operation of system restore.The computer was used for reservations at a hotel before I closed it. dominic IP: Logged |
Josh1
Administrator
|
posted October 10, 2006 04:02 PM
Well I don't know what these are
O16 - DPF: NetRez ADU v5,0,0,18 -
O16 - DPF: NetRez ADU v5,0,0,26 -
O16 - DPF: NetRez ADU v5,0,0,27 - Have a look at this http://support.microsoft.com/default.aspx?scid=kb;en-us;304449 ------------------
Forget not my law but let your heart keep my commandments Proverbs 3:1 Powered by Intelligent Computing Solutions.
------------------------
www.footslog.com For every problem, there is a solution. Please give what you can to the Hurricane relief http://www.microsoft.com/mscorp/citizenship/giving/relief.asp
IP: Logged |
dm567
Member
|
posted October 10, 2006 02:48 PM
I don't have to manually disable system restore. Its always disabled and I cannot enable it. Here is the results of Hijack this:Logfile of HijackThis v1.99.1
Scan saved at 12:46:57 PM, on 10/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\DNTUS26.EXE
c:\shift4\NetApi\NetApiSvc.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\tlntsvr.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\DOCUMENTS AND SETTINGS\DOMINIC\DESKTOP\PROCESSEXPLORERNT\PROCEXP.EXE
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Dominic\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NetworkStartup] net share IPC$ /delete /yes
O4 - HKLM\..\Run: [Secure1] net share c$ /delete /yes
O4 - HKLM\..\Run: [Secure2] net share d$ /delete /yes
O4 - HKLM\..\Run: [Secure3] net share ipc$ /delete /yes
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: NetRez ADU v5,0,0,18 -
O16 - DPF: NetRez ADU v5,0,0,26 -
O16 - DPF: NetRez ADU v5,0,0,27 -
O16 - DPF: NetRez Client Installer - https://wam4.netrez2.netrez.com/classes/anasazi/ClientInstall.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4866/mcfscan.cab
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DirectX 3D (Dx3d) - Unknown owner - DirectX\Dinput\d3dim.exe (file missing)
O23 - Service: Shift4 NetApi (frmNetApiService) - Shift4 Corporation - c:\shift4\NetApi\NetApiSvc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: MySQL - Unknown owner - C:\WINDOWS\system32\sqlclt.exe (file missing)
O23 - Service: RPC stream (RPCl) - Unknown owner - os2\dll\rcs.exe (file missing)
O23 - Service: Net Login User (r_server) - Unknown owner - C:\WINDOWS\system32\netlogon.com".exe (file missing) IP: Logged |
Josh1
Administrator
|
posted October 10, 2006 02:11 PM
Can you manually disable system restore? Run a hijack this scan, and post your log, and then tell us what the error message is with system restore.------------------
Forget not my law but let your heart keep my commandments Proverbs 3:1 Powered by Intelligent Computing Solutions.
------------------------
www.footslog.com For every problem, there is a solution. Please give what you can to the Hurricane relief http://www.microsoft.com/mscorp/citizenship/giving/relief.asp
IP: Logged |
dm567
Member
|
posted October 10, 2006 12:44 PM
System restore won't work. It gives an error message about the drives not responding when I try to turn it on.I have two scsi drives with raid. The screen says "system restore encountered an error trying to enble/disable one or more drives." Below that it says drive c is turned off in the status box. What is going on? I thought it was the virus but now the virus seems to be gone. IP: Logged |
Email This Page to Someone
Footslog's Web Boards
