...still problems

Hi,

trying to repair my wife's PC. XP pro SP2. She apparently caught a nasty maybe 1 week or 2 ago, but since she could use the machine like normal, she didn't complain (mainly OE email + Word + FF browser). I only found out accidentally. Immediate action taken was
+ changing from AVG which seemed to react feebly to
+ Avira Antivirus (free)
Avira caught some stuff, I believe mainly WinAntiSpyware/WinAntiVirus 2006. I did run SuperAntiSpyware too - before I found your place here. Wehen I did, I followed the directions you give on these pages in detail, but I'm still having problems :
* opening the networc-connection dialog works, but normally I can't change a thing there; menues don't work, so I can only close it - which takes minutes.
* often the windows firewall can't be toggled: There's an error popping up telling me the settings can't be shown due to ... ?
* recently I notice that I can't access the CD drive. Green light blinking, but filemanager can't read. It's not shown in the disk management window too.

I'm attaching the logs I gathered.
TVMIA Tilman

 

Hi,

I've done what you suggested,

- replaced java with current version
- ran sfc successfully (at least no error)
- ran C:\MGtools\GetLogs.bat

I'm attaching the required files.

There are still the same problems that I had before (and may be more?):
1. windows firewall gets shut down shortly after bootup, but
2. returns again (ON) after some time. In between I cannot change it's state, not even look at it
3. networkconnections dialog: behaves strangely, takes long time to open or close; can't change a thing, can't show properties etc. and menues on this dialog are there but dead (don't open)

Found under events repeatedly:
Under 'System':
* Error with ....
Ereignisquelle: DCOM
Ereigniskennung: 10010
Datum: 23.5.2009
Zeit: 14:34:41
Benutzer: NT-AUTORITÄT\SYSTEM
Computer: ANDREA-0309
description:
Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
(= server {nnnnnnn ... }couldn't get registered with DCOM within the given interval (my translation))

Under Applications:
* Error 1802 with windows security center: WMI query couldn't be established, necessary for checking 3rd-party firewalls and Antivirus programs (...or similar)

* error 1090 - trying to connect with WMI ... failed.
occured several times on several days.

The CD problem I did report initially was a loose cable only, it's solved!

In general things are much better than before I started running any antimalware progs, machine not so sluggish anymore.

Thanks for your great help!
tibra

 

running sfc /scannow was uneventful, it asked for the CD alright, and finished after quite some time - the CD got accessed pretty often if I judge this from the drive's LED, several times I was asked to repeat or cancel the search for a file. So I would guess that there were lots of files SFC considerd worth of replacing (if I translate correctly what I saw).

As to filesizes with my German version - what could I possibly do to check these?

Otherwise, I *believe* that the firewall has been cured, seems I can always access and toggle it.

My wife btw complained about starnge (unusual ?) behaviour of the updated java jre component, but couldn't tell me WHAT she thought it was. I'll look into this later, if she can tell me about more detailed observations.

Is there any way to set up the network connections from scratch? Maybe removing it from system control panel - hardware and let windows detect it at reboot might help.

Otherwise - I'm starting to ponder the idea of setting things up from scratch ... unless any of you does offer something else.

Thanks
tibra
P.S.: My own PC is acting up meanwhile too, lost internet connectivity, AV program switched off, seem broken, and sunbelt firewall too. We both are sitting behind the same router, btw. I wonder whether there's a connection. Will check the USB stick for malware, which I used to transfer files all these days. ;-(

 

Hi,

Problem is, the original XP SP2 CD is the only one I have. I'm using this one, and AFAIK it never asked for anything else. This wasn't the first time that I've used sfc BTW (on other PCs though), and from that experience at least everything 'looked' fine.

It didn't ask for "the correct disk", but complained it was unable to read the file (or similar). Something like "repeat or cancel" prompts. They IMHO were due to actual reading problems, and clicking on "repeat..." always immediately made the process continue. Was different when I ran it the 1st time with the CD drive still defunct, there I had to CANCEL the request each time it asked for a file from CD.
I could however try and run sfc a second time ... I guess it wouldn't hurt?

The problems this machine shows are pretty much the same as the were when I saw them the 1st time:
- Win firewall is stopped (OFF) after bootup
- comes back to life after some time (could be a service that tries to start, restarts, and finally succeeds?)
- I've looked more closely at the Win Firewall settings: The 3rd tab there says that "the network connections (?) have been corrupted...", and I should reset it to previous settings. Should I do this?

I wonder whether I should maybe get e.g. ZoneAlarm and see whether it might work more reliable? The Win XP firewall not working certainly is an indication of something broken.

- I can open the network connection, but I can't change a thing, like for instance deactivate/activate, open a menu or the context menu. It sit's there, is active and runs just fine.

I'll attach the new log from MGtools.
There was btw an error with "process.dll", which said it couldn't get started, just before MGtools finished.

Thanks for bearing with me

tibra

 

Hi,

I'm going to repeat sfc /scannow later today - I cannot work with this machine every time I want to, and mostly in the night, so things are going a bit sluggish...

I've run the reset.cmd file in order to reset registry and file permissions. I did follow directions by the letter and it worked without any errors. But did not change the behavior of the network connection dialog ;-(

As to the error with MGMtools I experienced, yes, it was the one you mention:
Process DLL.EXE - Application Error The application failed to initialize properly (0xc0000135) Click on any key to terminate.

I'll put installing the .Net Framework on my ToDo list as well.

Did reset the firewall as discussed, sofar nothing seems to have changed.

The reason for using the Windows FW on this machine is that other brands aren't that easy to configure, and my wife isn't really good with system software. I know, it's a uni-directional FW, but thought it would be good enough to keep that PC safe, with the router hardware firewall adding some more protection. But I will look into this later ...

>You did not attach the new log. <

Oops. Awfully sorry, I thought I did! I'll add a new log this time, in case it's still helpful.

I'll come back later after running sfc and adding the .Net Framework

Thanks
tibra

 

Hi,

here is what I did

- I've run sfc/ scannow
There were about 10 instances where I was asked to retry reading a file from the Windows XP CD: "Files that are required for Windows to run properly must be copied to the DLL Cache. Insert your Windows XP Professional CD now" When I clicked on 'Retry' everything proceeded w/o an error. I guess that maybe the CD drive has gathered some dust in it ... SFC finished w/o any further errors or messages.

- I've replaced Windows FW with ZA free version. The Windows FW is still behaving sluggish: At bootup it's OFF and when I try to set it to ON, I get an error: "Due to an unknown error, Windows cannot display Windows Firewall
settings" (these are the English version messages, I get to see the German versions here). Later on the Windows FW changes it's state to ON ... by itself ?? But this won't really bother me now with ZA running. ZA does it's duties pretty well, it appears.

- I've deleted the onboard network adapter from the (hardware) control panel and let Windows find it again on reboot. Everything seems about the same as before. I cannot change any settings most of the time and can't use the menu commands or close the dialog, but usually I'm able to do so at some point lateron. My impression is, that the network dialog will work at times, only with huge delays ...

I really wonder what to do: The PC can be used quite normal, nothing of the problems seems to stop the usual programs from working as expected (MS Word, Powerpoint, OE email, Internet and such). And now with more profound protection through ZA, it should be quite save too.

I'm adding the MGM log again.

Thanks for your help - and your patience, again!

tibra

 

Hi,

(1) yes, the CD was in the drive. (2) It's an original XP Pro CD but still - with 'OEM Software' printed on it's label.
When I bought it it came with SP2 Version 2002 already included. I got it together with the hardware last February at my computer shop. It has passed all MS tests sofar with activation and also later updates including WGA checking. So I think that basically there's nothing wrong with the CD (of course I could be wrong too). You still seem to suspect that it might be a wrong CD ? I won't have a clue in this case on what to do with only this single CD I got as a system (with SP2 included).

The only other thing I can think of is changing the CD drive. As I've mentioned in my last reply, it might be dust that settled inside and prevents it from reading correctly sometimes. The messages I get anyhow IMHO are NOT saying it's the wrong CD, but that it couldn't read a file correctly ...

As far as I can tell, the error message doesn't ask "for the CD" or for a 'correct' or different one, but to repeat reading the latest file. But maybe this has to be translated into asking for a (different?) CD? Thats how I read your message ...

Well, I know that one mustn't use 2 active FWs side by side, and I have no intention to. Just wanted to check things after running sfc ...

Understood.