1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: System Restore

Discussion in 'Windows XP' started by **__**, Feb 10, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
    When I click on any date in System Restore to restore my computer to an earlier time, After the computer restarts I get a message saying that the restore was not successfull.

    How do I fix this Problem???????

    Win XP Pro.
     
  2. kiwiguy

    kiwiguy

    Joined:
    Aug 17, 2003
    Messages:
    17,584
    System restore files are partly sequential, so if one gets corrupt it can affect all.

    Turn off system restore, restart the PC and turn it back on.

    That purges all system restore points and starts fresh. You lose all that are in there, but as you cannot use them, it's not like they are useful anymore...
     
  3. mike5532g

    mike5532g

    Joined:
    Jun 11, 2004
    Messages:
    2,312
  4. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
    How would It Get Corrupted?
     
  5. kiwiguy

    kiwiguy

    Joined:
    Aug 17, 2003
    Messages:
    17,584
    How long is a piece of string?
    Files are not immune to corruption, on any hard drive or other storage medium.

    Flakey HDD data bits, momentary power disturbances, software bugs, hardware bugs, .... and 1,235 other possibilities.
     
  6. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
    Sometimes when I uncheck the box turn off system restore in My Computer I get a message saying that System Restore couldn't disable/enable the System Restore. Then it says to restart the computer.

    Why does the error sometimes appeare?
     
  7. mike5532g

    mike5532g

    Joined:
    Jun 11, 2004
    Messages:
    2,312
  8. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
    The error message in post #6, only appearse when you disable the System restore, then the first time you enable System restore after the computer has restarted.

    But the second time when you disable then enable system restore, and you don't restart the computer, the error doesn't appeare.

    Why does the message appeare only on the first time, when you enable system restore after the computer has restarted?????
     
  9. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
    The problem isn't appearing on the Built-in Administrator account nor the other accounts, so why is it happening on one of my Administrator accounts?
     
  10. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
  11. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
    Maybe, should I post a Hi-Jack This log?????????????????????
     
  12. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
    Hi-Jack This logg for Moderator. I'm not sure what to delete if anything is infected. Please do not remove any Yahoo or Smiley Central Bar. Thank You.

    Logfile of HijackThis v1.99.0
    Scan saved at 9:19:36 PM, on 13/02/2005
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\McAfee\McAfee Parental Controls\GUARDDOG.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\McAfee\McAfee Parental Controls\GUARDDOG.EXE
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\DllHost.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Atari icon.exe
    C:\Program Files\Winamp\Winampa.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\MYWEBS~1\bar\9.bin\mwsoemon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\unzipped\hijackthis[1]\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sb/*http://www.yahoo.com/search/ie.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/*http://rogers.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL
    O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_20_0.dll
    O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\9.bin\MWSBAR.DLL
    O2 - BHO: IYBookmarkHO Class - {8B11A219-80C8-4B42-B558-B8C14D1AA8C4} - C:\Program Files\Yahoo!\browser\ybmho.dll
    O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_20_0.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [Atari Launcher 2] C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Atari icon.exe
    O4 - HKLM\..\Run: [AtariBanner] "C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Banner.exe" /0
    O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [RAMBooster.Net] C:\Program Files\RAMBooster.Net\RAMBooster.exe -m
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [EleFunAnimatedWallpaper] "C:\Program Files\EleFun Multimedia\Alpine Lake Wallpaper\Alpine Lake.exe" DO_NOT_START
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\9.bin\mwsoemon.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Update Manager] "C:\Program Files\Rogers\Update Manager\UpdateManager.exe" /background
    O4 - HKCU\..\Run: [RHSI SHS] "C:\Program Files\Rogers\SelfHealing\SHS.exe" /background
    O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
    O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\9.bin\mwsoemon.exe
    O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
    O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\9.bin\MWSOEMON.EXE
    O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\9.bin\MWSOEMON.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZZ
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
    O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra button: Rogers Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dll
    O9 - Extra 'Tools' menuitem: Rogers &Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dll
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - https://sympreg.bell.ca/HSEOrder/systemCheck/MotivePreQual.cab
    O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: McAfee Parental Controls - Network Associates, Inc. - C:\Program Files\McAfee\McAfee Parental Controls\GUARDDOG.EXE
    O23 - Service: Nt System Kernel - Unknown - C:\WINDOWS\System32\ntsyskrnl.exe (file missing)
    O23 - Service: ScsiAccess - Unknown - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: TrueVector Internet Monitor - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
     
  13. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,223
    First Name:
    Derek
    I wish I knew

    It's a problem I am seeing frequently including on my computer.

    I haven't been able to track it down yet but suspect it is due to a recent M$ update probably the January ones as it started happening since then or perhaps it's due to the fact taht many antiviruses now scan inside and try to fix "infected" files in system restore, despite M$ recommendations that they don't and that corrupts the entire restore settings

    It is intermittant and annoying but no-one seems to have tracked down the cause yet

    I notice you still have an unpatched version of XP and you are very at risk with taht so make an URGENT visit to windows update and get all critical & security updtaes and service packs
     
  14. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,223
    First Name:
    Derek
    however you do have what appears to be an SDbot worm
    Download pocket killbox from Download pocket killbox from http://www.thespykiller.co.uk/files/killbox.exe & put it on the desktop where you can find it easily

    Reboot into safe mode by following instructions here: http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406

    Run hijackthis, put a tick in the box beside these entries listed below and ONLY these entries, double check to make sure, then make sure all browser & email windows are closed and press fix checked

    O23 - Service: Nt System Kernel - Unknown - C:\WINDOWS\System32\ntsyskrnl.exe (file missing)

    now run killbox and paste The FIRST ONE of these lines into the box, select standard file delete then press the red X button,say yes to the prompt

    then continue to paste the lines in in turn and follow the above procedure every time, If it says file is missing, don't worry, if it says unable to delete then make a note of the file name and let us know when you reply

    C:\WINDOWS\System32\ntsyskrnl.exe

    Then on killbox top bar press tools and then empty temp files and follow those prompts and say yes to everything

    then reboot & post a fresh log
     
  15. **__**

    **__** Thread Starter

    Joined:
    May 23, 2004
    Messages:
    1,243
    One time I was restarting my PC and I got a messege saying that some file is missing. It happened somewhere arount when the Windows XP Loggo is supposed to appeare. Well, it told me to press enter to continue starting Windows. Windows restarted successfully. I tryed to recored the error message but I couldn't because the second time I restarted my computer, the error message didn't appeare and it doesn't anymore. Why doesn't the message appeare anymore if it did once. Is it probably the O23 - Service: Nt System Kernel - Unknown - C:\WINDOWS\System32\ntsyskrnl.exe (file missing) File that I got in the logg from Hi-Jack This????
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Solved System Restore
  1. conceptualclarit
    Replies:
    4
    Views:
    377
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/329053

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice