• Arbitrary error messages and stopped programs


    • This topic has 12 replies, 4 voices, and was last updated 14 years ago.
    #477032

    My desktop PC is running on Windows XP. In the last few weeks, I have been getting arbitrary error messages, sometimes requiring the computer to be shut down.

    Now, I find that many of the programs I use (Office, Google Earth, Paintshop Pro, Autoroute) have stopped working and require me to use the original disks to re-install missing bits. They have worked again after re-installation.

    I have done a System Restore back to two months ago but it says that nothing has changed.

    I have AVG free installed and this does a daily scan. It has reported some infected files which it has removed.

    My feeling is that I should re-install XP from scratch, but can anyone suggest a less drastic solution?

    Thanks

    • #1281970

      What are some of the error messages? Are there any BSOD’s? Check the Event Viewer Windows Logs – Application and System Logs for critical errors at the time errors arise.

    • #1281977

      The only error I made a note of was headed ‘C:\Program files\O2Agent\bin\bcont_nm.exe’. It said ‘Unable to launch application. Please restart your computer and try again. Error code: -2147024891.’

      I was not using this program at the time.

      Sorry, I don’t know what a BSOD is. Where can I inspect the Event Viewer Windows Logs?

      Thanks for your help.

      • #1282007

        Hi : I feel a “resident” security program like AVG should PRIMARILY be PREVENTING “infections”, NOT detecting them after they have entered your computer !? I feel a good start would be to get a “2nd opinion” on WHAT AVG MAY be missing !? To do that, I recommend you use Malwarebytes Anti-Malware, available for download from http://www.malwarebytes.org/products AND/OR “SUPERAntiSpyware”, available for download from http://www.superantispyware.com. Both come in a FREE Version and after installation and updating, run the longest scan they offer. IF either detects anything other than “Adware/tracking Cookies”, it might be helpful to post their Scan Result(s) !?

      • #1282135

        The only error I made a note of was headed ‘C:\Program files\O2Agent\bin\bcont_nm.exe’. It said ‘Unable to launch application. Please restart your computer and try again. Error code: -2147024891.’

        Sorry, I don’t know what a BSOD is. Where can I inspect the Event Viewer Windows Logs?

        First, I would follow SpiritWind’s advice to determine if you are infected. As to BSOD, that is an acronym for ‘Blue Screen of Death’, so named because a blue screen filled with text appears with certain errors caught by Windows over the years. If you have not seen the dreaded BSOD yet, you likely will at some point.

        To view the logs, you can see them by going to Control Panel>Administrative Tools>Event Viewer>Windows Logs>Applications log and System log (I am working from memory on how to view the logs in XP). Check for any critical errors (marked by red symbol) that may have been logged at the time of the error. If you find any, there will be an error code generated that can be searched online for more information.

        Error code: -2147024891 is an ‘Access Denied’ error, and may refer to NTFS security permissions that have been changed. Right click the bcont_nm.exe and check the Security tab to view the permissions. If your user profile is that of Administrator, confirm that you have the Full Control permissions on the executable file. The Security tab is only seen if you are running XP Pro. If you are running XP Home, you can see the Security tab by booting into Safe Mode.

        Do you happen to use AT&T DSL for Internet Connectivity? If so, some have found a solution in “uninstalling the at&t DSL support agent ‘Fast Access DSL Help Center.’” This information comes from this message board where a user solved the same problem by uninstalling the “Fast Access DSL Help Center”. Just a thought.
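The decoding behind the ‘Access Denied’ reading of error code -2147024891 in the reply above, as an added example that is not part of the original thread: the signed decimal is a 32-bit HRESULT, and splitting it into its bit fields gives facility 7 (Win32) and code 5. The two name tables are a small constructed subset of the Windows constants, and `decode_hresult` is a name chosen for this illustration.

```python
# Added example: decode a Windows error code shown as a signed decimal.
# The name tables are a small constructed subset of the real constants.

FACILITIES = {
    0: "FACILITY_NULL",
    1: "FACILITY_RPC",
    2: "FACILITY_DISPATCH",
    3: "FACILITY_STORAGE",
    4: "FACILITY_ITF",
    7: "FACILITY_WIN32",
}
WIN32_CODES = {
    2: "ERROR_FILE_NOT_FOUND",
    3: "ERROR_PATH_NOT_FOUND",
    5: "ERROR_ACCESS_DENIED",
    14: "ERROR_OUTOFMEMORY",
    87: "ERROR_INVALID_PARAMETER",
}


def decode_hresult(value):
    """Split a 32-bit HRESULT into severity, facility and code fields."""
    number = int(value, 0) if isinstance(value, str) else int(value)
    if not -(1 << 31) <= number < (1 << 32):
        raise ValueError("not a 32-bit value: %r" % (value,))
    raw = number & 0xFFFFFFFF            # two's complement -> unsigned
    facility = (raw >> 16) & 0x7FF       # bits 16-26
    code = raw & 0xFFFF                  # bits 0-15
    name = None
    if facility == 7:                    # Win32 error wrapped in an HRESULT
        name = WIN32_CODES.get(code)
    return {
        "hex": "0x%08X" % raw,
        "failure": bool(raw >> 31),      # bit 31: severity
        "customer": bool(raw & (1 << 29)),  # bit 29: vendor-defined code
        "facility": FACILITIES.get(facility, "unknown (%d)" % facility),
        "code": code,
        "name": name,
    }


if __name__ == "__main__":
    for sample in (-2147024891, "0x80070005", "0x8007000E"):
        print(sample, decode_hresult(sample))
```

Searching for the hexadecimal form or the symbolic name usually finds more documentation than the signed decimal that the dialog box displays.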

        • #1282139

          I ran the Malware program, as advised and found nothing.

          However, I discovered today that the AVG program had not been updated since 30 May, but I only got a warning about this today. When I tried to update manually, nothing happened, so I downloaded it again, and then managed to update it.

          I then looked at the event history for AVG (something I didn’t know existed until today), and found that a major disaster had occurred around that time. The software was updated at 18.00 on 30 May. During the routine scan starting at 2.00am on the 31st, 2617 infected files were found. Throughout that day, AVG stopped and started several times. Process QGHPOYOA.EXE was detected twice and quarantined. A further 40 infected files were found on 1st June 2.00 am scan. No further scans are reported after that even though I did a manual scan yesterday, and am pretty sure that it said that the 2.00am scan had been performed. It also reported two virus infections, one a Trojan horse today for which the files were quarantined. I have deleted all the quarantined files (Mistake??).

          It appears to me that AVG has not been doing its job properly. Should I install a different virus checker?

          Will check the logs as suggested.

          And no, I don’t use AT&T DSL. I am in the UK, and use O2.

          Again, many thanks to everyone for your help and advice

          • #1282153

            I have now looked at the events logs as recommended.

            System: There are a large number of ‘red’ messages in early April and May – they seem to be mainly saying “The server was unable to allocate from the system because the pool was empty”. There is only one ‘red’ message on the 31st May at 19.47 – it says “The server did not register with DCOM within the required timeout.” There are a lot of warnings and information messages all the time.

            Applications: This only goes back to the 9th May. The first red error has source BOINC – “The description for event ID(1) in source BOINC cannot be found.” The same red error occurs twice on the 31st day. There are lots of red errors after this, but I think they all relate to missing bits of programs which were presumably infected and quarantined during the disaster.

            Hope this is useful.

    • #1282157

      Personally, I would remove AVG, and replace it with either MSE (Microsoft Security Essentials), Avast Home Free Edition, or Avira Free. All three are good products. Quite a few users have found AVG to be less than desirable lately.

      I have used and continue to use MSE since its first version on two machines, as well as Avast on two others for the last four years, and have had no problems with infections. I am also behind a Linksys router, and use Windows 7 Firewall on all Win7 machines. If you are behind a router firewall, XP SP3 firewall may be all you need, but there are some great free firewalls available, such as Online Armour. Check out the many threads devoted to malware issues in the Security & Backups Forum, which is where your thread will be relocated as it does appear to be a predominantly malware issue.

      Also, check post 7 in this thread for the link to a How to Geek tutorial for burning antimalware CDs that are very effective in rooting out infections. No one antimalware solution is 100% effective 100% of the time.

    • #1282168

      Once you have confirmed all malware has been removed from your PC, it would be good to check your system files for integrity. If you have SP3 installed, and you have an XP installation CD that includes SP3, you can run the Command Prompt by right clicking and selecting Run as Administrator. Type in ‘sfc /scannow’ without the quote marks, and noting the space between ‘sfc’ and the ‘/’ mark. This command runs the system file checker and will hopefully replace any corrupted files with fresh copies.

      If you have XP SP3 installed on your PC, but your XP installation CD is SP1 or SP2, then sfc will not work. You will then have to slipstream your original XP CD to SP3. Check this tutorial, if needed, for instructions on slipstreaming an XP SP1 or SP2 install CD to SP3. If you do not have an XP installation CD, check with your PC manufacturer to see if you can obtain one.

      If sfc /scannow does not fix your files, then an XP repair install may be in order. A repair install can fix Windows problems while leaving your programs, files and data intact.

      If your XP installation is from 3 to 5 years old, it would not hurt to wipe the hard drive and do a full fresh XP install. It will be time consuming, but it will provide a fresh start. In any case, having an XP install CD slipstreamed with SP3 will save you some time.

      • #1282179

        I have removed AVG and replaced with MSE – am doing the same on laptop and other PC, which have not had these problems so far.

        The PC was supplied by a local computer shop who did not give me a Windows disk. However, I may take it to them, and get them to do a Windows re-install. The PC has been running slowly, and errors appearing before the virus disaster. Whether this was due to AVG letting stuff in, or was a different problem is hard to say.

        Will watch out for new faults, and decide…

        Thanks everyone again for your help.

        • #1282237

          Hi : I hope part of the process of removing AVG included use of the appropriate “AVG Remover”, available for download from http://www.avg.com/download-tools !? Failure to do so causes POTENTIAL conflict problems with the new resident protection MSE. You should realize that MSE has very poor online Support Forums if you need a question answered from them.

          • #1282721

            I have learnt to my cost to treat alerts from free virus scanners with some degree of mistrust.

            But before I refer to that I must report I used AVG for several years without problem but around the turn of this year a new version totally stopped my Mozy home backup from functioning. Removing AVG and it started working again immediately.

            I went to MSSE instead at that point.

            But I have also used and paid for Prevx for several years. But about a month ago Prevx reported 10 infected files and I stupidly allowed it to delete the infected files. This led to Opera, Superantispyware and SDExplorer all to cease operating and Mozy similarly after reporting a missing Windows dll during boot. Prevx removed Opera.dll, 2 dlls for SDExplorer and the exe for Superantispyware. Fortunately I still had the current versions of the installs for these available but it continued to zap these every time I booted up and I subsequently found in Prevx logs that every time my laptop booted Prevx was now programmed to delete those files again. With Mozy I find I can’t reinstall it at all and even after removing all Mozy registry entries it still won’t set up a program folder anymore and their support line was a fat lot of use in trying to locate the cause.

            The moral of the story is when your antivirus suddenly reports a problem with a file you have had up and running for ages, don’t delete it. Keep it in quarantine until you either prove with other scanners (send it to those online ones and verify it’s infected first) that there is something wrong with it or you determine for certain that you can still run without it. Then either delete it or reinstate it and add it to your antivirus ignore list until a newer version comes out.

            • #1283168

              jiffy128
              Thanks for this. Have always assumed that anti-virus programs do good but no harm and realise now that this is not so. Will be more vigilant in future.

              Luckily, I have all the disks for the damaged programs, but would have been extremely annoyed if I hadn’t.
