Botched installation PE Demo

During installation of PE Demo, the computer froze at a certain point, forcing a reboot which took a long time. First sign of trouble was an error message of ProcessGuard 1.1 Full which couldn't attach to the kernel driver, next was NAV stating there was no TCP/IP installed, while TDS-3 only contacts Dr. Watson but fails to start, the other startup programs do, such as NAV, DCPP, Adsubtract etc.

The USB ADSL modem opens up a connection normally and has all protocols (TCP/IP) regularly installed. However, all internet programs can't communicate e.g. Opera (Network problem) TheBat (can't open socks) and PE (which I reinstalled) states that it can't load winsock 2.2.dll.

What gives and how can I resolve this as, due to lack of space, WinXP Pro didn't have the possibility to return to an earlier configuration

Your help is appreciated.

eternalbeta

 

It happend to me on a Win2k box without any DCS products installed, just a NAV bug

 

gkweb, the only problem at this time is that it is for real, no NAV bug, as nothing can get out of my box to the internet, TDS-3 and who knows yet what else doesn't work, while bootup takes forever.



eternalbeta

 

Hello eternalbeta, Sorry to read about your problem. Did you shutdown all of your security programmes whilst installing PE?
Many problems can be caused if you do not do this especially anti Virus systems such as NAV.

 

Hello Pilli,

If I remember correctly, NAV was shut down. However, TDS-3 exec protection was inadvertently left running while TPF was given a go ahead in installmode.

The important thing now is how to get the box up and running again without a reformat while safeguarding the data on the disk.

Now I have these problems I've read this forum also more attentatively and noticed these kind of problems also when someone uninstalled PE? Didn't imagine beforehand that this program delved that deep and with these potential consequences. Should have been more mindful before installing a demo on a whim.

Any suggestions on how to resolve the issue?

eternalbeta

 

You could start your pc and press F8 quickly before XP starts which will bring up the DOS like boot menu. Then select "Last good configuration" It may work as I do not think it relies on system restore points found within XP.

If it does not work boot into safe mode try uninstalling PE from there, if that does not work delete any refs to PE in the registry & PE's directory

 

Can you check IF your TCP is working, like ping localhost
Dolf

 

Eternalbeta, Can I sk what other security software you have installed such as firewall, sandbox etc?

 

maybe lspfixx can help - can you post results (but don't change anything yet)?

 

Do i remember an issue with the TPF or was it TTT which needed some configuration correction to work properly together?
On some systems it is even better to uninstall the firewall (at least close it completely) and install PE first, and after the other programs as mentioned.

 

For what its worth, I use TPF 5.1 (build 1242) with all modules enabled and have had no problem installing, uninstalling, upgrading etc Port Explorer using TPF's install mode. That being said, if a problem is encountered with any install it is always advisable to stop all security software for the next install.

I agree with Andreas that this may prove to be an LSP issue so the output of lspfix would definitely be worthwhile to review.

 

As far as security programs is concerned I've got TPF5.1 (build 1242), NAV 2004, TDS-3 and Process Guard 1.1 installed.

I've tried the F8, last good configuration, but no luck, probably this was suspended due to the lack of space on the disk. And to think that the new 120 MB disk was already installed last week but I didn't have the time yet to migrate (talking about Murphy's law) I'll try to ping and use lspfixx as has been suggested and i'll keep my fingers crossed, but I'm afraid I'll have to do a migration with a fresh install starting from scratch after the Christmas holidays, in any case I will try to post the results before leaving.

At least I'll be returning to the land of Jooske tomorrow for 2 weeks which keeps my smile on my face during these troubles.

Jooske, it might be a good idea to put this up on PE's download page in bold to warn people like me which decide to install the demo on a whim after having had a very good experience with TDS-3 and PG. Indeed, I have to admit that my enthousiasm for PE has cooled down considerably.

cheers,

eternalbeta

 

Hmm hope you'll have a good time in the Netherlands then, taking the "come to say Hi!" very literary

I don't think the PE is the problem child, maybe others can tell if it could have been a wise idea to close (?) PG for a while during that PE install.

Guess for the other it might have been TTT then and not the TPF on some system then, was several months ago somebody had to review his settings to get it all fine again.

I'm sure you'll get it all working properly; PE does go all into the bottom of the system, so does PG so my logical thinking ...... the LSPfix can show and if necessary fix things maybe..... i hope... so you feel happy again!

 

Thanks Jooske, it'll be nice to indulge myself again with "zoute drop" after so much time.

Tonight I'll try out LSPfixx and will keep my fingers crossed, this is the time for miracles so maybe.....

Strange though that TDS-3 doesn't work anymore. Does it have something in common with PE perhaps which caused it fold?

eternalbeta

 

I can't really see how PE could cause a machine which is 100% ok to lock up during installation causing a reboot. What it does is very simple, a few registry entries, etc.

So I doubt the problem is with PE in of itself. Maybe a hardware issue or another program. When you get your computer locking up it is usually a sign of a hardware problem. Because it did lock up during the PE install, it might have corrupted your LSP stack, using LSP fix might be able to solve the problem, otherwise just reinstall your network protocols.

-Jason-

 

Jason, that's properly something I do not understand. If I look at the ADSL connection I can see that the USB modem established a normal connection etc. No problem immediatly visible there. Also, on the respctive tab one sees the TCP/IP protocol installed, so far so good. Nevertheless, no program is able to connect. Any suggestion as to where exactly I should reinstall the network protocolls if lspfix fails to solve the problem?

Also, can I just reinstall TDS-3 without aggravating the problem. At the moment I can see in TPF's activity monitor that it is just contacting Dr. Watson and then stops.

eternalbeta

 

One other thing: PG is v1.150 currently. I'm not sure if you should try to uninstall/upgrade with your system in the current state, but you could already download the new version and install it if everything's back normal or if all other approaches didn't yield anything.
(http://www.wilderssecurity.com/showthread.php?t=17323)

Andreas

 

Hi Andreas,

Good that you mentioned this. As I noticed also that strangely enough ProcessGuard is not mentioned at this stage in the application add/remove tab of the control panel nor did I see an uninstall tab at the program start tabs. I forgot though to check the install folder to see if there is an uninstall possibility there, otherwise I may have to do it manually as Jason described in a sticky.

One puzzle after the other I'm afraid.

eternalbeta

 

& dont forget to turn off exec protection before you install.

 

Alright, back from holidays and back from trying to revive my internet connection and still a Happy New Year to everybody even though January is already several days old.

Back to the problem; during the holidays I've tried to solve the issue with lspfix which yielded the following results:

Keep: mswsock.dll, winrnr.dll
Remove: P?| (protocolhandler), dcsws2.dll (protocolhandler)

As I was without internet connection to ask for guidance I crossed my fingers and let it do its thing during which it removed 13 protocol provider entries and remembered 13 of those. However, the problem persists.

Reinstalled TCP/IP via the add/remove feature on the control panel. No result. Reinstalled PE and it gives the following error message: Couldn't load winsock.dll v2.2.
Also other programs report that windows socket initialisation failed. Lspfix keeps pointing at 8?|(protocolhandler) as an item to remove (a corrupted file I suppose?) but can't resolve the problem. As I said before, due to lack of space on the drive, systemrestore is currently not available in my WinXp Pro.

Also, I noticed in the eventviewer under system the following errormessage: The simple TCP/IP service terminated with the following error: Either the application has not called WSAStartup, or WSAStartup failed.

Please help as I'm out of ideas

 

Looks like something is corrupted. You only have one protocol handler DCSWS2.DLL when you should have another one, usually rsvpsp.dll or msafd.dll .

It is probably just a registry entry which is corrupted, which shows as the weird characters you see. You could try a REPAIR, put the XP cd in and then do a repair install. Otherwise it would require manual hacking of the registry to change those weird characters back into rsvpsp.dll or whatever.

There may be another way but I am not sure at this moment.

-Jason-

 

Jason,

I've checked and found rsvpsp.dll in C:\windows\system32, size 88kb. However, I can't seem to find the (corrupted) reference in the registry and unfortunately lspfix doesn't show you the path where it found this entry.

I could find entries to both mswsock.dll and winrnr.dll in the catalog-entries in HKEY_LOCAL_MACHINE\system\controlset002\services\winsock2 but nothing at all points to rsvpsp.dll nor elsewhere.

I'm careful with using a repair CD as I'm running Drive Crypt Plus Pack which encrypts also the boot drive and even though it currently works fine, when I tried to launch its console to decrypt this drive it refused to do so as it couldn't find winsock. Murphy's law again I'm afraid.

Therefore my hope is in finding the registry entry which was corrupted by PE and correct this. Could you please help and show me where I can find this entry in WinXP Pro so I can get the system up and running again?

 

Finally, victory!!

On the download page of lspfix they mentioned another program to fix these kind of problems, called WinsockXPfix. This app permits to create backups of the registry, repairs the winsock section and..........it worked!!! The box is up and running again and lo and behold ....... the first sign of revival was TDS-3 coming to live again and starting its scan at startup.

Scary experience but fortunately with a happy end thanks to WinsockXPfix.

 

Thanks for the good tip, and congratulations with this solution!
Now you know how to fix it, are you going to try it again, trying if it now installs ok with all the other scanners and reg protection etc down during that?

 

Hi eternalbeta, Nice that you have it sorted.
For those that are interested by this WinsockFix programme here is some info' and a download link: BTW I have not used it so take all the usual precautions

WinSock XP Fix "WinsockXPFix.exe" by shaw.ca
On an XP machine, after uninstalling a personal firewall product (such as McAfee Personal Firewall) and having your network settings destroyed there is a nifty little application to fix the winsock settings. "You can download it at":http://members.shaw.ca/techcd/WinsockXPFix.exe to replace the registry settings that are causing the problem. It even backs up your registry before it performs the fix.