Laptop problem, after update from MS.

Question

Kraai 56 Senior Poster

15 Years Ago

Laptop, Amilo Pro, operating Windows XP Pro SP2

After the automatic windows update downloaded some security updates from the MS update site, the laptop in question behaved very strange.

1. The internet connection is disabled, and cannot connect.
2. The network connections icon is missing from control panel.
3. The user accounts icon is missing from the control panel
4. The firewall icon is missing from control panel
5. The ad and remove programs icon is missing from control panel.

There may be some other icons also missing, but above are the once I was looking for to see if I could solve this issue.

The laptop keep on getting a pop up messages saying: "Bad ImageThe application dll c:\WINNT\System32\ATL.DLL is not a valid Windows image. Please check this against your installation"

I copied the atl.dll file from my healthy computer over to the laptop system32 folder, overwriting the existing one, and it seems to solve the atl.dll bad image problem. Network connections icon were back in cpanel as wel, but nothing happens when I try to open it.

I cannot run any commands from the start menu > run and the only way I can get the run function is by cntrl alt delete and then new task and run from there.

From above command line, I tried to run sfc /scannow. The little scan window opened, but nothing happend, no movement in it.

I also ran a scan disk, rebooted, and a lot of files and stuff were deleted and replaced, but still, it did not solve anything.

My next step was to try and do a restore. I booted up in safe mode, and tried to restore to a date before the update, but after the laptop boots up again when restore was completed, the restore window comes up to say that it could not restore to that date.

I then downloaded to a removable disk on my healthy pc malwarebites, and install it on the laptop, run it, but it found nothing.

Now I downloaded HJT via my healthy computer, and installed and run it on the laptop. The log follows below.

Please, if there is some Daniweb family member that can help me with this one?

Here is the HJT Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:47 AM, on 12/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Documents and Settings\Hanlie Greenberg\Desktop\Hijackthis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-21-1202660629-1284227242-1417001333-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227714029624
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe

--
End of file - 2642 bytes

windows-virus

2 Contributors
8 Replies
461 Views
1 Day Discussion Span
Latest Post 15 Years Ago Latest Post by Kraai

jbennet 1,618 Most Valuable Poster

15 Years Ago

sounds like somehow the update cirrupted your system files and possibly also the store of backup files on your hard drive which SFC recovers from. To get round this, boot info safe mode, stick in your install CD and go to run. Type sfc /scannow, wait until complete and reboot.

Have you tried a system restore?

If that doesnt work a repair install may be necesarry.

jbennet 1,618 Most Valuable Poster

15 Years Ago

hmm, i have not encountered that one before,

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Kraai 56 Senior Poster Featured Poster · Answer 1 · 2008-12-05T02:13:02+00:00

Hi jbennet

Thanks for responding. Yes, I did try restore. As stated earlier:

My next step was to try and do a restore. I booted up in safe mode, and tried to restore to a date before the update, but after the laptop boots up again when restore was completed, the restore window comes up to say that it could not restore to that date.

I tried your suggestion to do the scf /scannow from safemode with the cd in, and got the following error in the command window:

"The spesific error code is 0x000006ba [The RPC server is unavailable]"

Any thoughts on this error?, I am going to goooogle it now.

Kraai 56 Senior Poster Featured Poster · Answer 2 · 2008-12-05T03:41:27+00:00

Goooooogle is full of other people with the same problems. I tried a couple of the suggested repairs, even the ones from M$ as well, and no luck.

I recon I must do a repair install now. This pisses me off completely, as I have a service pack 1 cd only, and need to update every time to SP2, and this little laptop seems that what ever I do, only lasts a week, and then a new problem start and at the end, guess what, a format or repair install again, until next week, when a new problem will repeat the process.

I am even scared now to do M$ updates, as it seems there is a glitch as well, dating back to April 2007, and still not fixed by the mighty.

I wish I can only use Linux from now on, buy I use too many exe programs in my work to be able to go Linux only.

jbennet 1,618 Most Valuable Poster Team Colleague Featured Poster · Answer 3 · 2008-12-05T03:44:57+00:00

This pisses me off completely, as I have a service pack 1 cd only, and need to update every time to SP2

You can integrate Sp2 (possibly sp3 but dont take my word for it) using a tool called Nlite and burn a new cd

Kraai 56 Senior Poster Featured Poster · Answer 4 · 2008-12-05T03:49:24+00:00

Thanks jbennet, I will look into that tomorrow, it is time for me to go to bed now, 10 to midnight.

jbennet 1,618 Most Valuable Poster Team Colleague Featured Poster · Answer 5 · 2008-12-05T05:34:04+00:00

jbennet 1,618 Most Valuable Poster

15 Years Ago

yeah the process is called slipstreaming

Kraai 56 Senior Poster Featured Poster · Answer 6 · 2008-12-05T16:41:13+00:00

It was a repair install that solved this weird problem, caused by M$. Until next week then, I cannot help to think what is going to go wrong with this laptop by next week.