# Solved: Massive ME problems after Windows Update - HJT included



## Tony1966 (Jul 16, 2006)

(Posting this from my laptop).

Having finally got my desktop/laptop configured for networking I thought I'd concentrate on tidying one or two things up on the ME desktop this morning. I was already aware that I had an Eied_57_c_exe virus after running a full Norton scan (NIS 2005) but I think a seach located it to a Killbox directory, so I have a feeling I hadn't completed a process last time I ran Killbox.

I succesfully ran Ad-Aware SE and Spybot search and destroy. I thought I'd be very clever and run a Windows update, despite the fact that Microsoft no longer actively support ME, installing 27 "critical" and a couple of non-critical updates before rebooting the PC.

Since running the update and rebooting the system is shocking. To be more specific I can click on start menu and navigate to all the programs but nothing will open on a double click. None of the desktop items will open on a doubleclick, nor any of the icons stored in the bottom bar (whatever that's called).

IF I do a CTRL+ALT+DEL and end Quick Launch I'm then able to run some applicationsi but it soon freezes up again so though I was able to run a HJT as soon as I tried to save a log to copy into a shared file and post here it freezes again. I did manage to turn off NIS just to see if that had any effect. Also if it is at all relevant, ending quick launch removes NIS from the quick launch toolbar.

I've just about managed to save a HJT log laptop through repeated ending of quick launch - I am more than happy to clean up and get rid of any yahoo/games and unneccesary bits and pieces.

Any suggestions as to what to do next please.

----------- rant mode on -------------

Microsoft GRRRRRRRRRRRRRRRRRR *****

----------- rant mode off -------------

Logfile of HijackThis v1.99.1
Scan saved at 11:30:03, on 01/07/2007
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON INTERNET SECURITY\ISSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\SITECOM\C2SLOAD.EXE
C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
C:\PROGRAM FILES\SITECOM\IFR_SHARE.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\HPZIPM12.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQGALRY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\ADBLOCKING\NSMDTR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.co.uk/iesearch/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\WANADOO\WSBAR\WSBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Click2Share] C:\Program Files\Sitecom\C2SLoad.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [ALU Scheduler Service] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe"
O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\WANADOO\WSBAR\WSBAR.DLL/VSearch.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O12 - Plugin for .interaction=printAndSave_pdf&DateString=1169757980724: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {2F824F9A-F14B-4847-83DE-616D7B589CD0} (Viair Address Book Importer) - https://email.vodafone.net/en_gb/pc/contacts/addrbook2.cab
O16 - DPF: {47CEF84E-92D8-4C4A-86D7-CB982889DCC0} (Oberon Media Network Optimizer) - http://mp1.mplay.oberon-media.com/client/flashnet.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potg_x.cab
O16 - DPF: Yahoo! Cribbage - http://download.games.yahoo.com/games/clients/y/it1_x.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab46704.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/version7/DLHelper.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://fortunelounge.microgaming.com/generic/FlashAX.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin9x/AvSniff.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab


----------



## Blue Zee (May 18, 2007)

It seems you have a broken EXE association:

http://filext.com/faq/broken_exe_association.php

Skip the WinXP part and scroll down to the Win98 topic.

Hopefully that should help you out.

Zee

P.S.: you *must* update IE to version 6SP1!!


----------



## Tony1966 (Jul 16, 2006)

Ooooooooooooooh - just had a quick read - It's all going to go horribly wrong   

Thanks very much for the response.

I'll do it step by step to the letter including back ups and let you know the results. I'll always mark a solved thread (or continue to pester on here until I get a resolution  ).

Once I can get some stability into the entire networked set up (and some more money !) I will be upgrading to a supported OS. I believe with all the money Microsoft make they should be made to support their systems for a minimum 20 years.


----------



## Tony1966 (Jul 16, 2006)

Just re-read your post and I intend to replace IE with Firefox on the ME system (was on my list of things to do today- unless you can think of any good reasons why not.)


----------



## Blue Zee (May 18, 2007)

Tony1966 said:


> Just re-read your post and I intend to replace IE with Firefox on the ME system (was on my list of things to do today- unless you can think of any good reasons why not.)


Regarding the EXE issue, just download the registry patch:

http://filext.com/Win98_EXE_Fix.reg

Right-click the link and select Save as.

After downloading double-click it, if it opens in Notepad, close Notepad, right-click the file and select Merge.

After successfully adding to registry, restart the PC and test.

See if that is enough.

Regarding Firefox, it is an excellent alternative to IE, safer, faster, and I'm posting with it.

My favorite browser.

But do upgrade IE, it's built into Windows and that alone is a good enough reason to do it.

And also... you can only access Windows Update with IE

Listening.

Zee


----------



## Tony1966 (Jul 16, 2006)

I'm glad you posted that because I'm struggling to try the not registry solutions - won't let me open My Computer/My docs either the long or short way, with or without killing quick launches. 

If this solutions freezes will it work just as well in safe mode ?


----------



## Tony1966 (Jul 16, 2006)

Oh and IE 6 update was one of those I ignored from Windows Update - do you think this is Microsoft's revenge


----------



## Blue Zee (May 18, 2007)

It should work in Safe Mode too but you must reboot to Normal Mode so that the new registry entries are applied.

I wouldn't say it's a revenge, just a way MS found to tell us (users) they are in charge.

And wait till you try Vista...:down: 

Zee


----------



## Tony1966 (Jul 16, 2006)

It appears to merged directly from the download - just rebooting now


----------



## Tony1966 (Jul 16, 2006)

Oops forgot to switch off Norton - so this could be fun !

I have Vista on the new laptop - I'm not a techie gury (clearly !) and my usage is limited to light office and surfing, with the odd webgame thrown in. I've learned a lesson from the desktop years ago. Playstations are for games PCs aren't !!!  

I'm going to try that again with Norton Disabled - and disabled on start up as well if I can find the right setting.


----------



## Blue Zee (May 18, 2007)

Tony1966 said:


> It appears to merged directly from the download - just rebooting now


Did you see a message similar to "successfully added to registry"?

Now think a little more... if that link was pointing to a malware file and you executed it without knowing what it was (OK, I know you trusted me, but...) you could now be facing a succumbing system, even it seems it was already.

That's why I posted "Right-click the link and select Save as".

Anyway still curious on the end result.

Zee


----------



## Tony1966 (Jul 16, 2006)

I trust all advice from senior members on here - it's worked enough times before  

I've just tried it your way with NIS disabled and set to manual start up only and received the message

just rebooting now so hang tight.


----------



## Tony1966 (Jul 16, 2006)

Waaaaaaaaaaaaaaah - still got the quick launch not responding issue - once I can get it to post a new log I'll post in here -


----------



## Tony1966 (Jul 16, 2006)

Bloody Norton - despite setting it to manual start up on Supervisor I have it defaulted to kids for start up account. Just reconfigured and will give it one more shot before posting HJT if it fails or big flags if it works


----------



## Tony1966 (Jul 16, 2006)

Nope !!!!

Norton is disabled correctly. I'm going to physically uninstall all the freeware virus/spyware progrs. Re-run the fix and reboot


----------



## Tony1966 (Jul 16, 2006)

Nope - I can't even get into control panel or right click to delete icons and use that route into add/remove programs.

Here's the latest HJT

Logfile of HijackThis v1.99.1
Scan saved at 14:59:55, on 01/07/2007
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON INTERNET SECURITY\ISSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\SITECOM\C2SLOAD.EXE
C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\PROGRAM FILES\SITECOM\IFR_SHARE.EXE
C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\HPZIPM12.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQGALRY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\AUPDATE.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\LUCOMSERVER_3_0.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.co.uk/iesearch/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\WANADOO\WSBAR\WSBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Click2Share] C:\Program Files\Sitecom\C2SLoad.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [ALU Scheduler Service] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe"
O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\WANADOO\WSBAR\WSBAR.DLL/VSearch.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O12 - Plugin for .interaction=printAndSave_pdf&DateString=1169757980724: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {2F824F9A-F14B-4847-83DE-616D7B589CD0} (Viair Address Book Importer) - https://email.vodafone.net/en_gb/pc/contacts/addrbook2.cab
O16 - DPF: {47CEF84E-92D8-4C4A-86D7-CB982889DCC0} (Oberon Media Network Optimizer) - http://mp1.mplay.oberon-media.com/client/flashnet.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potg_x.cab
O16 - DPF: Yahoo! Cribbage - http://download.games.yahoo.com/games/clients/y/it1_x.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab46704.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/version7/DLHelper.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://fortunelounge.microgaming.com/generic/FlashAX.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin9x/AvSniff.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab

HELP !!!!!!!!!!!!!!!!!!!!!!!!!!

Norton is disabled. I'm more than happy to uninstall this and all the freebies apps if I can get into the remove program screen


----------



## Blue Zee (May 18, 2007)

Let's refresh the thread.

You start your PC and what happens exactly? Error messages, if any, post them here please.

Then what can you or can't you do.

Zee


Edit:

Don't run HJT from the desktop. Create its own folder and run it from there.


----------



## Tony1966 (Jul 16, 2006)

OK here's the latest and I think we've made some progress. I have disabled Norton and managed to uninstall all the other spyware protections etc through safe mode. I've also removed the quick launch desktop (though I'm pretty sure this doesn't achieve much). 

When I reboot in full mode I receive NO error messages apart from Active Desktop Recovery - if I click on Recover Active Desktop it just hangs but I can kill it by CTRL ALT DEL (Explorer Not Responding), but I won't be able to access anything unless I kill Explorer Not Responding again which brings me back to the Recover Active Desktop - if I ignore that I can I appear to be a able to open and operate a few apps simulteneously both from the start menu and desktop. I can open and pick up new emails in Outlook 2000 (it may be old but its never let me down with half a dozen POP/SMTP accounts !!). 

If I open IE it just freezes and I need to kill it in CTRL ALT DEL. However I have another football manager application which interfaces correctly. 

Some of the apps won't disappear from the screen though they're not on the programme options on CTRL ALT DEL - again if I kill explorer I get what I expect (i.e. a clean desktop page except for the restore my active desktop prompt). 

is another HJT any use ?


----------



## Tony1966 (Jul 16, 2006)

NOTE - I still cannot seem to get into things like Control Panel, my computer etc from either the start menu or desktop


----------



## Blue Zee (May 18, 2007)

Right-click an empty spot of your desktop and select Properties.

Click the Web tab in the Display Properties window and make sure that "Show Web content on my Active Desktop" is unchecked.

Click OK and restart the PC.

Tell me what happens now, please.

Have you tried System Restore to go back to a date when the PC was running OK?

HJT shows some entries I wouldn't run (microgaming, fortunelounge), but TSG rules don't allow me to comment much further and leave that for the security people to handle.

But I don't see anything particularly wrong that could be the source or the reason for your troubles.

Try disabling Active Desktop and see what happens next.

Zee

P.S.
If the above don't help, including System Restore, do you have a valid WinME CD and product key to reinstall if necessary?


----------



## Tony1966 (Jul 16, 2006)

Hmmmmmmm, I was rather hoping you weren't going to mention System Restore - not sure when it would go back to - is there a way I can check when the last system restore was. I've done clean re-installs a couple of times in the past so there must be a couple of restore points. (he says hopefully) - 

Rebooting now - update to follow


----------



## Tony1966 (Jul 16, 2006)

Still the same EXCEPT that those desktop applications I can access open much quicker (Word being the most obvious example). Can't access certain programs either from desktop or start menu. 

OK if we look at system restore options these are the questions I have

1) How can I tell when the last restore was (either way I'll go back to it !!!)

2) The only hardware I seem to remember adding is a replacement rewriteable CD/DVD - will I need a disc for this because I don't think I have one, or will it just recognise it from the restore. Will I need to check the make/model and update new drivers ? 

3) Should I leave all devices connected - printers etc

4) The desktop is connected via Ethernet and is networked via Router with the laptop. Will I need to rebuild all of this ?


----------



## Blue Zee (May 18, 2007)

To start SR directly, navigate to

C:\windows\system\restore\

Locate the file *rstrui.exe* and double click it.

This should launch SR, select *Restore my computer to an earlier date* and click Next.

It will open with a calendar in July, click on the left arrow to go back to June.

The days in *bold* will be restore points created by the system and you will probably have one just before those Windows Updates were installed.

Select that one and click Next.

Let it do its thing and reboot.

See if that works for you.

Zee


----------



## Tony1966 (Jul 16, 2006)

OK lets go !!!!!!!!!


----------



## Blue Zee (May 18, 2007)

Tony1966 said:


> Can't access certain programs either from desktop or start menu.


Could it be that the shortcuts are corrupted?

Right-click them select Properties and confirm they are correctly pointing to the applications.

Test also by creating a new shortcut for one of those applications that don't run now and see if the new one works.

Test also by navigating to the application folder and launching it by running the EXE file directly.

Still listening.

Zee


----------



## Tony1966 (Jul 16, 2006)

Gonna have to be in safe mode - cant access in full - is this OK - pls confirm


----------



## Blue Zee (May 18, 2007)

Tony1966 said:


> Gonna have to be in safe mode - cant access in full - is this OK - pls confirm


Why, you can't see it or it doesn't run?

If you can't see the file, try this:

Go to My Computer - Tools - Folder Options - View:
- Select "Show hidden files and folders", click Apply - OK

Try now.

And yes, you can run it in Safe Mode.

Zee


----------



## Tony1966 (Jul 16, 2006)

My Computer is one of the apps I can't run either from desktop or via Start - every derivative I can think of - find files or folders etc has the same issue (i.e. nothing happens) - they seem to be pointing correctly btw -note that they all work in safe mode - I'll try Start - Run- Explorer in full mode but I suspect the system restore in safe is going to be the only solution


----------



## Blue Zee (May 18, 2007)

Go for it in Safe Mode:

Start > Programs > Accessories > System Tools > System restore.

Zee


----------



## Tony1966 (Jul 16, 2006)

Yea - will do - even Start Run Explorer in full doesn't work - ok report to follow - after banging head against wall and another 400 ciggies !!!


----------



## Tony1966 (Jul 16, 2006)

This just gets worse and worse - In SAFE mode it won't let me go back to a restore date and time beyond 10.14am this morning - which is probably about the time I did the Windows update -

Oh God !!!!!! next idea ?


----------



## Blue Zee (May 18, 2007)

Tony1966 said:


> ... won't let me go back to a restore date and time beyond 10.14am this morning - which is probably about the time I did the Windows update -...


If that is true use it, hopefully it was created *just before the updates*.

Go for it, there is very little to lose at this point, and it may be the safe point you needed.

Zee


----------



## Tony1966 (Jul 16, 2006)

OK - managed to access this in live and currently running - when I got the new laptop last week I went through the process of burning all my important files from desktop before networking so worst case scenario here is a full reinstall of ME - report to follow


----------



## Blue Zee (May 18, 2007)

Waiting for that report.

Read your post "Yea Thanks Microsoft" at the windowsme.setup NG...

Curious on this: did you reboot the system when you were asked to or did you try to install everything in one go?

Zee


----------



## Tony1966 (Jul 16, 2006)

B******

It's after Windows Update - call me picky but the thought of creating a restore point before taking something from Microsofts own system never crossed my mind and I've just checked - I have no previous restore points - jeeeeeeeeeez I guess we're onto an OS reinstall as the system is as bad as already described.

I have a recovery disk - I've looked at the ME reinstall thread at the top of the page and I'm slightlly confused as to the exact link I should be using for instructions on a full reinstall (including pre-install preparations and recommendations) any thoughts ?


----------



## Tony1966 (Jul 16, 2006)

I might try the register merge thing again first just to see how we get on


----------



## Tony1966 (Jul 16, 2006)

Will be an hour or so before I report back - wife complaining about food - off to take away shortly


----------



## Blue Zee (May 18, 2007)

Did you reboot when asked to during the updates?

So you have a *Recovery CD* not a Windows ME CD, correct?

And that *Recovery CD* is specific to that system, right?

If the above is true you will lose everything in that PC as it will be restored to factory settings.

Just place the Recovery CD in the drive and restart the PC.

It should load to the recovery menu that varies according to supplier/manufacturer but should be self explanatory.

If it doesn't boot from the CD, press DEL at startup to enter Bios setup.

Make sure the boot order is CD-ROM first.

Zee


----------



## Blue Zee (May 18, 2007)

Tony1966 said:


> Will be an hour or so before I report back - wife complaining about food - off to take away shortly


Bon appétit!

Enjoy your meal and meanwhile forget WinME and MS.

Zee


----------



## Blue Zee (May 18, 2007)

And one other thing to try from the initial link I posted:

_"Sometimes the LNK association will come back when you fix the EXE association but sometimes it does not. If not, open the folder options as before: Open the File Types dialog from any Explorer window -- use My Documents or My Computer (Tools | Folder Options | File Types Tab). Scroll down to where .LNK would be in the alphabetical order and see if it's there (it should not be). As above, make a new association, name it LNK and in the association box select Shortcut. That should fix the LNK association."
_

You will probably need to try this in Safe Mode too.

Zee


----------



## Tony1966 (Jul 16, 2006)

Well thats interesting - if I access Folder options in Safe Mode I can add EXE and LNK and associate them as per suggestion but I can't see a restore button, the Apply button is greyed out so if I exit and go back in the changes I have added aren't saved - any bright ideas ?


----------



## Blue Zee (May 18, 2007)

You didn't answer one question, it's just me trying to understand why this happened: did you reboot when you were asked to during the updates, or just went for them all in one go, and reboot in the end?

I see you are being helped by Mike Maltby at that windowsme.setup NG.

If someone knows WinME inside out and vice-versa you found him.

My next step would be the restore disk, but before that follow-up the NG dialog with Mike.

I'll be reading hidden on the background shadows...
 

Zee


----------



## Tony1966 (Jul 16, 2006)

Oh dear - I have mistakenly associated EXE with the wrong thing - ie. in File Types having created the EXE and associated it with application I've clicked the open with button in error (meant to escape) and changed it to something else. 

Trouble is I can't open any apps on the machine at all now. as i've changed all the exe associations - so running any command with EXE isn't going to work. What a freaking disaster this is turning into


----------



## Tony1966 (Jul 16, 2006)

Thanks - I've seen your post in there too - that was borne out of pure frustration but if I've found someone as good as and as patient as you then I'm delighted


----------



## Tony1966 (Jul 16, 2006)

Would this be any good ? and if so how would I get it to work in the absence of a working browser ?

http://www.dougknox.com/xp/file_assoc.htm


----------



## Blue Zee (May 18, 2007)

Reapply the registry patch you downloaded earlier.

Those are for WinXP.

Zee


----------



## Tony1966 (Jul 16, 2006)

I'm unable to do anythin until I find some way of fixing the mistake I've made on EXE files.


----------



## Blue Zee (May 18, 2007)

What happens now exactly please, when you try starting in Normal Mode and in Safe Mode.


----------



## Tony1966 (Jul 16, 2006)

Normal mode freezes -

Safe mode is OK but in both applications because I have changed the EXE file association by mistake I cannot run any command or open any application with and EXE extension. I might be able to drop the registry file onto a shared network drive we have and try mergeing


----------



## Blue Zee (May 18, 2007)

Perhaps placing it on the Desktop and running it from there?


----------



## Blue Zee (May 18, 2007)

Can you navigate the system in Safe Mode?

If you can, rename REGEDIT.*EXE* to REGEDIT.*COM*

If you manage that, locate AUTOEXEC.BAT in the root directory C:\, right-click it select Edit.

Add this line:

C:\windows\regedit.com C:\*(fill in this space)*\Win98_EXE_Fix.reg

Fill the space so that it points to the exact location of that REG file.

Save the edited AUTOEXEC.BAT file and reboot.

See if that restores the EXE file association.

Zee


----------



## Tony1966 (Jul 16, 2006)

I've run the first fix but I still need to know what an EXE file should open with - preferably with the file extension eg C:\windows\nnnnnn

I need to change what EXE files open with and I can access the place to do it in SAFE mode


Right now I'll try your fix on the previous post


----------



## Blue Zee (May 18, 2007)

You can also try in safe Mode renaming REGEDIT.EXE to REGEDIT.COM.

Launch after renaming and try File > Import > point to Win98_EXE_Fix.reg you downloaded.

It should import the patch.

Restart and test.

If it works rename REGEDIT.COM back to EXE.

Zee


----------



## Tony1966 (Jul 16, 2006)

so the new line at the end of AUTOEXEC.BET looks exactly like this - ie with the space between com and C too ???

C:\windows\regedit.com C:\Shared\Win98_EXE_Fix.reg 

If so it doesn't appear to have worked however if you can point be to what EXE files should be opened with I will be able to change it in SAFE mode under 

Tools
Folder Options

If I click New - EXE - Advanced - Application then OK I can go onto a box that says Details for EXE extension CHANGE - quite appropriately I have set this by mistake to DUMMY  if I click other I can see my entire computer - somewhere there is the correct open with association for exe files.

Hopefully you've understood the garbled explanation


----------



## Tony1966 (Jul 16, 2006)

Can you also explain more clearly your instructions after the first line in post 53


Bollocks shall we just go for a restore ?????????


----------



## Blue Zee (May 18, 2007)

You managed to rename REGEDIT.*EXE* to REGEDIT.*COM*?

If you did locate the renamed file and double-click it.

It should launch the Registry Editor.

If it works (it should) go File > Import > navigate to C:\Shared\ and point it to Win98_EXE_Fix.reg and click Open.

The patch should be imported to the registry and problem solved upon reboot.

Test that.

Zee


----------



## Tony1966 (Jul 16, 2006)

I can rename it to Regedit.com but it is still an exe file and therefore I cannot do anything with it. 

The answer lies in the correct setting for an EXE file to open with - I;ve been trawling the web with no success


----------



## Tony1966 (Jul 16, 2006)

Thanks for your patience but I've decided to go for a full reinstall via the recovery CD - a bit drastic I know but given the time I've wasted already today (some of it self inflicted) it's the only way. All the important data is backed up and on a CD. 

I've done it before so it's not the end of the world. No doubt I'll end up with separate problems afterwards but we'll see

Thanks again - Recovery Disc already underway


----------



## Blue Zee (May 18, 2007)

Sorry a COM file is not an EXE file, if it doesn't run the rename was incorrect.

Try this:

Go to My Computer - Tools - Folder Options - View:
- DEselect or untick "Hide extensions for know file types", click Apply - OK

If you now locate REGEDIT.EXE (or now more probably REGEDIT.COM.EXE) rename it to REGEDIT.COM and try again launching it.

The association for EXE files is Application but I don't have any Win9x system today to tell you the exact settings.

I can do that tomorrow, bit maybe the above will help.

Zee


Edit:

Posted above without refreshing the page.
Good luck with your restore.


----------



## Blue Zee (May 18, 2007)

One more comment:

Sorry nothing worked out and no need to thank me, we tried and we prbably could keep on trying and end up at the same spot, a reinstall.

Too many times that is the easiest and fastest way out. 

Cheers,
:up: 

Zee


----------



## Tony1966 (Jul 16, 2006)

LOL - It'll be fine


----------



## aarhus2004 (Jan 10, 2004)

So what are we waiting for?

Why hasn't the scanreg /restore been tried? Or has it? 

Ben.


----------



## Tony1966 (Jul 16, 2006)

Looking good - most apps reinstalled - just the printer, LAN connection, network configuration and Norton to do now


----------



## Tony1966 (Jul 16, 2006)

aarhus2004 said:


> So what are we waiting for?
> 
> Why hasn't the scanreg /restore been tried? Or has it?
> 
> Ben.


Restore was tried *ahem* - there appears to have been a lack of restore dates. 

We may have found a fix if I hadn't gone playing around in error with EXE configurations - it's looking quite fast now after the reinstall thanks - that's OK Norton will slow it right down soon enough


----------



## Blue Zee (May 18, 2007)

Tony1966 said:


> ... and Norton to do now


Are you sure you want to reinstall Norton...??


Tremendous system hog.

There are free AV applications like AVG Free and Avast Home Edition.

But if you were happy with it, what can I say?

Zee


----------



## aarhus2004 (Jan 10, 2004)

Tony1966 said:


> Looking good - most apps reinstalled - just the printer, LAN connection, network configuration and *Norton* to do now


Tony, I see you are using your laptop

There are many, well several, MVPs who suggest that Norton and WinME do NOT belong together on a hard disk.

I would delay the installation of Norton pro tem.

Ben.

Edit: I wish I could type as fast as you can, Zee.


----------



## Blue Zee (May 18, 2007)

aarhus2004 said:


> ...There are many, well several, MVPs who suggest that Norton and WinME do NOT belong together on a hard disk...
> 
> Ben.


Probably the reason why there were no restore points to use.

Zee

Ben,
Nice to read we agree on that too.:up:


----------



## Tony1966 (Jul 16, 2006)

Perhaps the only reason is because I fully understand how to configure it properly and safely (i.e. not out of the box) - I have enough on my plate getting the new laptop configured the way I want it (that's running Mcafee    ). 

Long term plan is to convert desktop to XP and get one protection covering both. The trouble with Internet Security is everyone has their own opinions. For everyone that recommends one there are 3 that will say no way !

Before Norton I used to use Kerio Personal Firewall together with a few free Spy/Ad/Virus aps that. Pretty impressed with it. 

I know Norton slows me down but the desktop is predominantly intended for the kids - parental control in Norton works a treat.


----------



## Tony1966 (Jul 16, 2006)

I'm a list freak and everything I need to do gets written down on a list. Having just read your latest posts I'll install Norton for now but I've noted replacements down as a to do on the list.


----------



## Blue Zee (May 18, 2007)

Gotcha!

Edit: logging off... past midnight around here.
Hope everything runs smoothly from now on.
Cheers.

Zee


----------



## aarhus2004 (Jan 10, 2004)

Blue Zee said:


> Probably the reason why there were no restore points to use.
> 
> Zee
> 
> ...


Zee, I put two and two together recently, about Zee and Blue Zee, I grow slow in my ageing 

Here is what Noel Paton MVP had to say (in part) on the matter of Norton and WinME :

"Remove Norton - "Remove Norton?" I hear you say "Why should I do that, it's my protection!" - No it isn't!! It's one of the most damaging pieces of software known to users of Windows Millennium Edition. It WILL kill your system sooner or later, I promise you!! The biggest problem is that all Norton Software comes with LiveUpdate attached, and this utility at some stage is likely to prevent System Restore working properly. I routinely remove all traces I can find of Norton software on my clients' machines - replacing the necessary bits with more ME-friendly apps - and I've never had a complaint (yet!). To uninstall all things Norton, use the Add/Remove Programs wizard, and then follow up with the appropriate cleaning tools from this list, and/or follow the instructions here... "

Cheers, Zee.

Ben.


----------



## Tony1966 (Jul 16, 2006)

I like that Aarhus - I think I'll quote in when my wife asks me what the hell I'm wasting another day on the computer for  

1am here - 5 nights with less than 5 hours sleep - I gotta get the shuteye but thanks for your observations


----------



## aarhus2004 (Jan 10, 2004)

Tony1966 said:


> Restore was tried *ahem* - there appears to have been a lack of restore dates


Tony, I wasn't referring to a System Restore but a Registry Restore which is a separate thing.

WinME backs up the registry by default for the last five days. You can practice this:

Go to Start > Run. 
Type in scanreg /restore (note the space between g-/).
Press OK
Press Yes (on the notification window and see those dates.) Press Cancel to escape.

It is recommended that any of the dates be used EXCEPT the oldest (don't understand this - have ignored it on many occasions to no ill-effect but suggest if you ever use this feature you don't ignore - it just in case  .

Then there are the folders which can be looked at too.

If you un-hide in Folder Options > View tab 
All hidden files and folders (two un-checks needed and one dot moved - called bulleting)
And in Search>For Files and Folders enter rb0 and you will see the 5 .cab files containing the registry backups for the last five days

I actually prefer using this (scanreg /restore) rather than System Restore - for starters anyway.

Thought I would share that with you.

And children love to be trusted or trust to be loved!

Does a recovery disc just install WinME over itself? i.e. no formatting?

Good luck, Tony.:up:

Ben.


----------



## Blue Zee (May 18, 2007)

Ben,

That was probably my "blonde" moment of the day. 

We never tried the registry restore and it could certainly have worked.

And yes, it was our dialog in the NG and your link that led me to TSG. 

Zee


----------



## aarhus2004 (Jan 10, 2004)

Blue Zee said:


> And yes, it was our dialog in the NG and your link that led me to TSG. Zee


Hello Zee,

I actually didn't know that, although I recall giving the link to the particular thread just in case you were wondering what the heck I was getting at. That was a very lucky chance for TSG. Now all we need to do is get Mike M over here!

I wonder if you remember NG's "Koldbear", Zee? He was a lovely man. Graciousness itself with me and patience personified with a rank newbie. As he got older (and perhaps learned of his illness) he became a little grumpy.But he was posting until a couple of weeks before he died. All of us who were regulars there were pretty devastated. I searched for his final post. It was brief. "Chris! Buzz off" and, as a footnote, "Get the free ScanDefrag." This was Chris Quirke whose posts often raised the hackles in several MVPs. Chris is still posting and he gave me, a few days ago, this insight into the logic behind defragmentation. *Here*.
and quoted.

My question:

"I would like to know, and I will be specific, is it likely that the 
re-ordering of files on the hard disk, as occurs during the defrag process, 
will differ from one tool to another?"

*Chris Quirke's *response:

"Yes - or with the same tool, if different options are applied.

However...

MS Disk Defrag. and ScanDefrag

...are likely to work the same way, because (as I understand it)
ScanDefrag is just a wrapper for the same MS defrag.

Up until Win98, the defrag logic was pretty simple:
- files split into multiple scattered pieces are Bad
- all files should be close to the start of the volume

With Win98, a new logic (credited to Intel) was added:
- commonly-used code should come first
- if that breaks up large files with only parts commonly used, OK

A tool that applies the first logic, will consider a volume
"defragged" using the second logic to be badly fragmented. This issue
caused a lot of "defrag wars", i.e. very slow and protracted
defragging sessions, when uses would alternate between logics, e.g.
use a pre-98-logic version of Norton Speed Disk one day, and Win98's
native defragger the next. In addition, you could disable Win98's new
defrag logic and have it operate like the old days.

That issue is most likely to cause significant differences, but
there's more "detail" too. In the DOS era, some tools let you select
and order "favorite" directories to be moved to the front of the
volume, while other options were to place all dirs before files, order
directory entries in different ways, only strive to defrag free space.
etc. There's a school of thought that leaving some "loose" space for
temp work is a good idea, else you force heads to travcel from FAT and
first-installed OS code to the other end of the file mass to create
temp files or grow swap space and registry hives.

The other issue that is particular to the new logic, is on what basis
files (or parts thereof) will be considered to be "commonly used".
This is normally derived from usage information that is gathered by an
underfootware process (i.e. is active all the time, not just when
defragging). Win98's defragger stores this in AppLog; other
defraggers may use this or run their own usage tracking service.

'My experience seems to suggest that these two tools do not, in fact, agree 
on the optimum placement of files. Does it matter? Am I correct in thinking 
that one should be used only (no matter which) and consistently so?'

It may not matter much - if anything, ScanDefrag would prolly be the
one to "believe". Differences may also arise with the same tool, as
the AppLog data changes with time.

For example, you defrag, install MS Office, and defrag again. At this
point. none of the MS Office code has been run, so it's not in the
AppLog, and doesn't get special treatment; most likely it will be
"optimized" as non-fragmented files on the far side of the file mass,
just before an (ideally?) unbroken strech of free space.

Then you defrag again, a day after heavy use of MS Office. If some
parts of some files have been tracked as often used, then these
fragments will be located nearer the front of the volume for speed.

What ScanDefrag does, is ensure there's as few files locked by being
"in use" as possible, so that they can be moved by defrag, and so that
writes to the file system do not restart either Scandisk or Defrag
from the beginning again (the main problem it was designed to fix).

The problem arises because (quite properly) neither Scandisk nor
Defrag will continue if the file system contents have been changed,
for fear of corrupting data. I know that XP doesn't seem to have this
problem, presumably because it uses a finer-grained way to tell
whether a file system write will invalidate the programs' assumptions."

He is a very interesting thinker. My thanks to him.

If apologies are necessary, I make them, for tagging this post on the end of a great thread - to you, Zee, and to Tony.

Cheers.

Ben.


----------



## Blue Zee (May 18, 2007)

aarhus2004 said:


> Hello Zee,
> 
> I actually didn't know that, although I recall giving the link to the particular thread just in case you were wondering what the heck I was getting at. That was a very lucky chance for TSG. Now all we need to do is get Mike M over here!


That "lucky chance for TSG" is a bit excessive. I just enjoy sharing my experience with Win9x systems and the thank you notes do make feel great, even when so many times we fail and the only way out is a reinstall.

Unfortunately Mike doesn't "do" forums.

See his comments here when Tony posted about his problems (on this thread).
http://www.microsoft.com/communitie...c0f0-47de-9c5d-7de64377b9b6&lang=en&cr=us&p=1

As soon as I pointed him here, he was gone.

I'm now quite used to his "moods", too many times a bit harsh, but he really knows WinME.



aarhus2004 said:


> I wonder if you remember NG's "Koldbear", Zee? He was a lovely man. Graciousness itself with me and patience personified with a rank newbie. As he got older (and perhaps learned of his illness) he became a little grumpy.But he was posting until a couple of weeks before he died. All of us who were regulars there were pretty devastated. I searched for his final post. It was brief. "Use ScanDefrag" and, as a footnote, "Bugger off Chris" This was Chris Quirke whose posts often raised the hackles in several MVPs. Chris is still posting and he gave me, a few days ago, this insight into the logic behind defragmentation.


Remember both of them quite well and no doubt "Koldbear" was someone really really special.

Chris is no ignorant, we both know that, and even if some MVPs tried to claim that, they were surely reacting to his provocations.

You posted a proof of what we mean.



aarhus2004 said:


> If apologies are necessary, I make them, for tagging this post on the end of a great thread - to you, Zee, and to Tony.
> 
> Cheers.
> 
> Ben.


I don't think apologies are necessary, but will let Tony comment on that.

I'm sure he agrees with me.

Cheers,

Zee


----------



## Tony1966 (Jul 16, 2006)

As far as I can tell (and remember I'm no expert) the Recovery Disk I have restores the system to the way it was provided and packaged from the factory. The process itself didn't take a great deal of time (I'd already backed up and burnt all important stuff I had onto a CD/R (now copied onto the laptop for double security) and I didn't perform any pre-recovery clean-ups.

I've done the recovery process before so all the *important* software discs were in one place, and a logical order. The advice (and patience) I've received from TSG was invaluable particularly on the restore/printer issues I was having.

Now that I'm finally working (and networking) properly I've secured the network in line with recommendations from another TSG thread I raised earlier.

The desktop is beautifully fast but I'm limiting usage until I've configured firewalls/virus protection etc. I'm convinced that Ad-Aware SE was causing the EXE/LNK problems I had in the first place - there's plenty of discussion on the www on this issue, so I'm discounting that in the new set up. Before finally abandoning installing Norton on the desktop I'm now searching the web to see whether anyone has resolved the issues it creates with Windows restore. All avenues so far point to "avoid Norton like the plague"  

As to your friend in Microsoft forums I think I'll send him a PM through there. Maybe he took exception to the style of the thread - I had two choices - kick the Cat or whinge publicly . If he is a ME whizz it won't pay to be on the wrong side of him (if TSG happens to be down  )


----------



## Blue Zee (May 18, 2007)

Tony1966 said:


> ...If he is a ME whizz it won't pay to be on the wrong side of him (if TSG happens to be down )


That was funny.

He is surely the best around for WinME, and do post there.

Just don't expect too much of a reply, I'm sure he will read it but will not comment.

But knowing him, he'll probably just prove me wrong (again!)... 

Zee


----------



## aarhus2004 (Jan 10, 2004)

Tony, Thanks for the "how you do it" re the Recovery Disc. Of course it raises questions as to how, precisely, you do do it but I guess I had better explore those via Google. I am very glad you are up and running. WinME has 'done me proud' but I enjoy maintenance and that, I believe, is the key to its smooth running. The thread I started in Tips and Tricks has some useful stuff to offer - when I do my version of recovery I refer to it!

Zee, your modesty is commendable but the fact is you post in a manner which points to care and know-how. And your post style sets a fine example. I come across Mike in several other forums and, as the traffic in NGs has fallen off, that is to be expected.

Regards to you both.

Ben.


----------



## Blue Zee (May 18, 2007)

Blue Zee said:


> But knowing him, he'll probably just prove me wrong (again!)...
> 
> Zee


Didn't I tell you...??


----------

