Windows 7 Corrupted?

I have a PC with Windows 7 Pro.  It runs Simply Accounting 2011 and ACT 2009.

This morning no one could network to it.  There were error messages referring to WMI (and other things) in Eventvwr.

I did a system restore to 24 hours ago.  Machine came up, but both ACT and Simply Accounting Connection Manager fail to run.  

When I run Eventvwr, it gives an error, saying MMC Could Not Create The Snap-in.  Running MMC and adding the snap-in results in an error too.

I ran a repair on .net framework 4 Client Profile (the only .net stuff that was there) and no difference.

Suggestions?
LVL 1
DaveWWWAsked:
Who is Participating?
 
nobusConnect With a Mentor Commented:
try running mbam first - quick scan, to see what it turns up - seems malware
http://www.malwarebytes.org/mbam.php       
0
 
Sushant GulatiConsultantCommented:
When you go to start > run > wmimgmt.msc > right click > properties .. what is the error do you see?

Or

Services.msc right click on any service and go to Dependency.... What is the error?

Good Luck..!!
~SG~
0
 
johnb6767Commented:
Click start, and type cmd>rt click "Run as Administrator".....

chkdsk
(NO switches yet)

If it reports that it cannot continue in Read Only mode, enter 'chkdsk /f /r', and hit 'Y', and reboot to allow the scan to complete. The log is in the Application log, source "Winlogon".
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
DaveWWWAuthor Commented:
Susquperf, When I run wmimgmnt and right-click WMI Control (local), and select properties, I get "Successfully connected to local computer". Is this what you meant?

Johnb6767, Chkdsk says Windows found no problems.

I ran SFC /scannow, and at the end it wanted to restart to implement some changes, which I did, but no difference in performance.

When I try to add the event viewer snap in, the exact error is:
MMC cannot create the snap-in.  The snap-in might not have been installed correctly.
CLSID: FX:{b05566ad-fe9c-4363-be05-7a4cbb7cb510}
0
 
nobusCommented:
no errors in device manager?
can you access other PC's from yours?
can you ping yahoo.com from a dos box
0
 
DaveWWWAuthor Commented:
All networking functions work outgoing.  However no one can ping the machine, nor can they access shred folders.

When I ping -t the machine from another, and restart the affected machine, the ping is retuened as the machine is starting.  As soon as the Windows logon screen shows up on the affected machine, the pings are no longer returned.  So some service or virus is preventing networking from running correctly.

Late last night discovered hundreds of added <file.sys> references in various place in the registry (very random file names).  For example, in HKLM, System, CurrentControlSet, Services, I see a key called kzbkarwo, which calls kzbkarwo.sys from the Windows\System32\drivers folder.  And there are hundreds of others just like it.

 This in combination with the event log filled with errors of suspicious services unable to start due to missing modules, *and* the fact that there was a service called WindowsLon (not even present in a Google search!) tells me that the best thing for me to do is reinstall the OS.

Thanks.
0
 
Sushant GulatiConsultantCommented:
Safe mode network behaves in the same way? Get the autoruns tools from Sysinternals and go to into the drivers tab and deselect all the driver suspicious drivers and third party drivers on the server. And disable the third party services. Reboot the machine and see if you are able to fetch some performance back.

Good Luck..!!
~SG~
0
 
DaveWWWAuthor Commented:
Mbam found the virus.  Unfortunately, removing it did not solve the access problem.  I therefore ran my Win7 install DVD and selected "upgrade" and it basically did an in-place install, which restored networking fine.
0
 
nobusCommented:
good to hear you're back in business..
0
 
Sushant GulatiConsultantCommented:
Nice to hear.. that was unfortunate though... Good Luck..!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.