Keyboard Locks Up!

[John]

Fred:

Me too... This began happening to me a couple of months ago. It seems
very consistant - every time I log off, the keyboard is hung. With the
mouse, I can shut down, or re-start. Re-starting doesn't clear the
problem, only shutting down. I never had it hang during a login, it's
very stable.

It is my opinion that this began with one of the various Windows
Updates which I generally run whenever they become available. It was a
while before I discovered the pattern however, so I can't pin it on a
particular update.

I have tried another keyboard, no luck... It is a regular old PS2
interface

Have you had any luck solving this yet?

Very frustrating !!!

-Tom

Well that makes three of us and no I have no idea what is causing it but
like 'Fred S' I suspect an XP update. If it happens all the time on your
comp then you are best equipped to trouble shoot. On mine its very
infrequent (like once a week or once every two weeks) so trying to track
it down in my case would be an exercise in futility.

John

 

[Gerry Cornell]

John

What is the status of your computer with regards to
Windows updates? Is SP2 installed?

Download and install the User
Profile Hive Cleanup Service
Download details: User Profile Hive Cleanup Service
http://snipurl.com/5b61

UPHClean v1.5e readme.txt
http://snipurl.com/ko8m

This should fix the Userenv Warning.

Please copies of the Error / Warnings in the System / Application
logs.

You can access Event Viewer by selecting Start, Administrative Tools,
Event Viewer. When researching the meaning of the error, information
regarding Event ID, Source and Description are important.

HOW TO: View and Manage Event Logs in Event Viewer in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;308427&Product=winxp

A tip for posting copies of Error Reports! Run Event Viewer and double
click on the error you want to copy. In the window, which appears is a
button resembling two pages. Double click the button and close Event
Viewer. Now start your message (email) and do a paste into the body of
the message. This will paste the info from the Event Viewer Error Report
complete with links into the message. Make sure this is the first paste
after exiting from Event Viewer.

What version of Zone Alarm do you have?


--

Hope this helps.

Gerry
~~~~
FCA
Stourport, England

Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

 

[John]

John

What is the status of your computer with regards to
Windows updates? Is SP2 installed?

Download and install the User
Profile Hive Cleanup Service
Download details: User Profile Hive Cleanup Service
http://snipurl.com/5b61

UPHClean v1.5e readme.txt
http://snipurl.com/ko8m

This should fix the Userenv Warning.

Thanks I'll try that.

Please copies of the Error / Warnings in the System / Application
logs.

Some common samples are listed at the end of this post.

What version of Zone Alarm do you have?

5.1 ... something. I have tried newer versions but I always go back to
the old standby as it just works and doesn't give me grief or a bunch of
crap I don't want. The true vector errors are meaningless.

---->> NOTE: Actual computer name and usernames have been munged.

***** From 'Applications' ******

1. True Vector error:
Event Type: Error
Event Source: TrueVector Service
Event Category: None
Event ID: 5009
Date: 12/15/2006
Time: 2:30:54 PM
User: N/A
Computer: ComputerName
Description:
TrueVector engine: Timeout on debug mutex

2. userenv warning ...
Event Type: Warning
Event Source: Userenv
Event Category: None
Event ID: 1517
Date: 12/7/2006
Time: 8:56:07 AM
User: NT AUTHORITY\SYSTEM
Computer: ComputerName
Description:

Windows saved user ComputerName\username registry while an application
or service was still using the registry during log off. The memory used
by the user's registry has not been freed. The registry will be unloaded
when it is no longer in use.

This is often caused by services running as a user account, try
configuring the services to run in either the LocalService or
NetworkService account.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

3. The 'rundll.exe error ...
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 12/1/2006
Time: 4:12:01 PM
User: N/A
Computer: ComputerName
Description:
Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0009cf98.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 72 75 6e ure run
0018: 64 6c 6c 33 32 2e 65 78 dll32.ex
0020: 65 20 35 2e 31 2e 32 36 e 5.1.26
0028: 30 30 2e 32 31 38 30 20 00.2180
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 30 30 30 fset 000
0050: 39 63 66 39 38 0d 0a 9cf98..

***** From 'Security' ******

Nothing listed.

***** From 'System' ******

A common 'DCOM' error ...
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 12/14/2006
Time: 9:20:09 PM
User: ComputerName\SomeUserName
Computer: ComputerName
Description:
DCOM got error "The service cannot be started, either because it is
disabled or because it has no enabled devices associated with it. "
attempting to start the service StiSvc with arguments "" in order to run
the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


A 'W32Time' error ...
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 12/8/2006
Time: 11:31:57 AM
User: N/A
Computer: ComputerName
Description:
The time provider NtpClient is configured to acquire time from one or
more time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 15 minutes. NtpClient
has no source of accurate time.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

A 'Gears' warning, evidently the proggie wasn't completely removed, have
to look at this ...
Event Type: Warning
Event Source: Server
Event Category: None
Event ID: 2511
Date: 12/7/2006
Time: 8:46:49 AM
User: N/A
Computer: ComputerName
Description:
The server service was unable to recreate the share Gears because the
directory I:\Icons\Gears no longer exists. Please run "net share Gears
/delete" to delete the share, or recreate the directory I:\Icons\Gears.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

***** Antivirus *****

Typical error ..
Event Type: Error
Event Source: avast!
Event Category: Client
Event ID: 90
Date: 6/4/2006
Time: 8:43:46 AM
User: N/A
Computer: ComputerName
Description:
AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
J:\Hewlett-Packard_G85_Printer_Software\AiO\hp officejet g
series\1124565543\data\1124565543.ini failed, 0000A474.

Typical warning ...
Event Type: Warning
Event Source: avast!
Event Category: Client
Event ID: 90
Date: 12/11/2006
Time: 7:46:51 PM
User: N/A
Computer: ComputerName
Description:
Sign of "Win32:Torvil [Wrm]" has been found in "Incoming news
(comp.os.linux.advocacy) 'Hello, bjoern.wallat, Hi, bjoern.wallat
here´s the document' From:
<[email protected]>\24.DOC.pif#3367981176" file.


SomeUserName

 

[John]

John

What is the status of your computer with regards to
Windows updates? Is SP2 installed?

XP PRO Sp2 w/ 4 updates installed just today as a matter of fact.
I don't use IE so helping to debug V7 is of no interest to me. I also
don't have or want MS's latest WGA, or whatever they are calling it now.

Download and install the User
Profile Hive Cleanup Service
Download details: User Profile Hive Cleanup Service
http://snipurl.com/5b61

I'll look into it.

UPHClean v1.5e readme.txt
http://snipurl.com/ko8m

To many caveats to get rid of a few error log entries, no thanks.

This should fix the Userenv Warning.

See my earlier response for the rest.

John

 

[Gerry Cornell]

John

Replies inline.

Thanks I'll try that.

Wish you would.

1. True Vector error:
Event Type: Error
Event Source: TrueVector Service
Event Category: None
Event ID: 5009
Date: 12/15/2006
Time: 2:30:54 PM
User: N/A
Computer: ComputerName
Description:
TrueVector engine: Timeout on debug mutex

Probably a problem with the logging service.

2. userenv warning ...
Event Type: Warning
Event Source: Userenv
Event Category: None
Event ID: 1517
Date: 12/7/2006
Time: 8:56:07 AM
User: NT AUTHORITY\SYSTEM
Computer: ComputerName
Description:

Installing the User Profile Hive CleanUp Service would
eliminate problem.

3. The 'rundll.exe error ...
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 12/1/2006
Time: 4:12:01 PM
User: N/A
Computer: ComputerName
Description:
Faulting application rundll32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0009cf98.

You need to check for the same date / time to see if there is a
corresponding Event ID: 1001 to gain more information.
Otherwise if an application unexpectly stops you need to
see if this Error appears in the log.

***** From 'System' ******

A common 'DCOM' error ...
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 12/14/2006
Time: 9:20:09 PM
User: ComputerName\SomeUserName
Computer: ComputerName
Description:
DCOM got error "The service cannot be started, either because it is
disabled or because it has no enabled devices associated with it. "
attempting to start the service StiSvc with arguments "" in order to
run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Select Start, Control Panel, Administrative Tools, Services, DCOM
Process Launcher, right click and select Properties and General tab.
What Start Up type has been selected. It should be Automatic.

A 'W32Time' error ...
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 12/8/2006
Time: 11:31:57 AM
User: N/A
Computer: ComputerName
Description:

Of no consequence.

A 'Gears' warning, evidently the proggie wasn't completely removed,
have to look at this ...
Event Type: Warning
Event Source: Server
Event Category: None
Event ID: 2511
Date: 12/7/2006
Time: 8:46:49 AM
User: N/A
Computer: ComputerName
Description:
The server service was unable to recreate the share Gears because the
directory I:\Icons\Gears no longer exists. Please run "net share
Gears /delete" to delete the share, or recreate the directory
I:\Icons\Gears.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Select Start, Run, type "net share Gears /delete" without the quotes and
hit ENTER.

***** Antivirus *****

Typical error ..
Event Type: Error
Event Source: avast!
Event Category: Client
Event ID: 90
Date: 6/4/2006
Time: 8:43:46 AM
User: N/A
Computer: ComputerName
Description:
AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
J:\Hewlett-Packard_G85_Printer_Software\AiO\hp officejet g
series\1124565543\data\1124565543.ini failed, 0000A474.

Needs more research to determine significance.

Typical warning ...
Event Type: Warning
Event Source: avast!
Event Category: Client
Event ID: 90
Date: 12/11/2006
Time: 7:46:51 PM
User: N/A
Computer: ComputerName
Description:
Sign of "Win32:Torvil [Wrm]" has been found in "Incoming news
(comp.os.linux.advocacy) 'Hello, bjoern.wallat, Hi, bjoern.wallat
here´s the document' From:
<[email protected]>\24.DOC.pif#3367981176" file.

A nasty detected by Avant. What version of Avast do you have? Are
definitions automatically updated?

Do you scan incoming mail or does your ISP provide a free service
to protect you from incoming threats?



--

Hope this helps.

Gerry
~~~~
FCA
Stourport, England

Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

 

[Gerry Cornell]

John

Replies inline.

Gerry Cornell wrote:

XP PRO Sp2 w/ 4 updates installed just today as a matter of fact.
I don't use IE so helping to debug V7 is of no interest to me. I also
don't have or want MS's latest WGA, or whatever they are calling it
now.

What setting in Start, Control Panel, Automatic Updates is checked?

i8042prt.sys. In C:\windows\ system32\drivers how is this file now
dated?

I'll look into it.


To many caveats to get rid of a few error log entries, no thanks.

Installing will help prevent delays / problem on Shutdown. Not a
good move on your part not to install.


--

Hope this helps.

Gerry
~~~~
FCA
Stourport, England

Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

 

[John]

John

Replies inline.

What setting in Start, Control Panel, Automatic Updates is checked?

Download but I select what I want installed.

i8042prt.sys. In C:\windows\ system32\drivers how is this file now
dated?

8/4/2004 1:14:36 AM (the same as dllcache)



Perhaps you missed this ...
Too many caveats to get rid of a few error log entries, no thanks.

Installing will help prevent delays / problem on Shutdown. Not a
good move on your part not to install.

There are no delays only the very occasional problem of this thread.
Logon in 20 secs, shutdown in about the same on a P4-2.4

John

 

[John]

John

Replies inline.



Wish you would.


Probably a problem with the logging service.


Installing the User Profile Hive CleanUp Service would

eliminate problem.


You need to check for the same date / time to see if there is a
corresponding Event ID: 1001 to gain more information.
Otherwise if an application unexpectly stops you need to
see if this Error appears in the log.

The only instance of this warning I could find so no 1001's with the
same cause.

Select Start, Control Panel, Administrative Tools, Services, DCOM
Process Launcher, right click and select Properties and General tab.
What Start Up type has been selected. It should be Automatic.



Of no consequence.



Select Start, Run, type "net share Gears /delete" without the quotes and
hit ENTER.

Needs more research to determine significance.

No significance, file is in use and therefor unavailable for reading.

Typical warning ...
Event Type: Warning
Event Source: avast!
Event Category: Client
Event ID: 90
Date: 12/11/2006
Time: 7:46:51 PM
User: N/A
Computer: ComputerName
Description:
Sign of "Win32:Torvil [Wrm]" has been found in "Incoming news
(comp.os.linux.advocacy) 'Hello, bjoern.wallat, Hi, bjoern.wallat
here´s the document' From:
<[email protected]>\24.DOC.pif#3367981176" file.

A nasty detected by Avant. What version of Avast do you have? Are
definitions automatically updated?

The latest free version.

Do you scan incoming mail or does your ISP provide a free service
to protect you from incoming threats?

Avast does email and news groups. My ISP is Verizon and they demand all
their junk software be on hand which only communicates with IE. -- bleh

John

 

[John]

I looked into it.

Validation required, the WGA hassle will *not* be a part of my computing
experience thank you.

John

 

[John]

Gerry Cornell wrote:

On re-reading I forgot to mention a few things:

'DCOM' is set to automatic and is currently running.

Also Avast is set to automatic updates for both definitions and the
program itself.

John

 

[Gerry Cornell]

John

It is a complete waste of my time trying to help.

You obviously do not want to make your system work properly.

--

~~~~

Gerry

~~~~~~~~
Enquire, plan and execute.
Stourport, England
~~~~~~~~~~~~~~~~~

 

[John]

You need to check for the same date / time to see if there is a
corresponding Event ID: 1001 to gain more information.
Otherwise if an application unexpectly stops you need to
see if this Error appears in the log.

Well that was on Dec. 1st so I don't recall if something barfed on that day.

The only error or warning I can find in the same time frame is a DCOM
error # 1005.

John

 

[John]

John

It is a complete waste of my time trying to help.

You obviously do not want to make your system work properly.

I have given you all the information you wanted to the best of my
ability. But I refuse to jump into the WGA thing so if that is a problem
for you then thanks for your efforts.

John

 

[Gerry Cornell]

John

It's your attitude to every other suggestion I make. It's so
dismissive.
Your views come across as having formed around firm convictions
that Microsoft software must be treated with extreme suspicion. So
much so that you are prepared to reject some solutions.
notwithstanding that this could ultimately lead to not being able to
make the software work.

The implementation of WGA is something which rankles with many
users, particularly the way Microsoft intend to take it forward.
However, it is their software and pirating has resulted in a
substantial
loss of income for them. As individuals, however loud we shout, they
are going to use WGA to stop piracy. You need to be pragmatic.

Now Microsoft have over the last 2 years put a lot of effort into
enhancing system security and continue to do so. This has made
our computers noticeably more secure and less susceptible to
malware and viruses. If you reject WGA you will not be able to
download system updates, other than Critical Security updates.
Thus your system will accumulate unresolved bugs, which will
detract from your enjoyment of what your computer has to offer.
If your copy of Windows XP is genuine you have nothing to lose
in validating your copy. It's your choice.

To get a system to perform well one needs to eliminate every
error you discover. Ignoring some errors because you perceive
no significant gain disregards the way they disguise and hide
other problems. It is also very difficult to know what knock on
effects they have because computers are highly complex
machines. There are few errors I will ignore if they occur on
my computer.

Your rejection of the User Profile Hive Cleanup Service is a good
example of a solution which may produce more benefits than
are immediately obvious. Of course your rejection of WGA
means you cannot download this service anyway.

It is these type of decisions you take which make suggesting
solutions a profitless exercise.

Automatic updates. You might be better to check the option to
Notify me of updates but do not download or install. When it is
convenient you then select Start, Help and Support, Keep your
computer up-to-date with Windows Update, Custom etc. This
give you control over the process. It is what I use.


--

Hope this helps.

Gerry
~~~~
FCA
Stourport, England

Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~