SP2 installation failure

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

dell pc with windows xp pro, pentium 4 2.8, 512 mb DDR SDram.
After recovery from a new trojan virus, several functions would not work ,
internet explorer browser for one. I then used the mfg installation disk
which contained my copy of windows xp pro and used the repair an xp
installation feature, not the console, and everything seems to function, but
SP2 installation fails either from download or from the disk, I get an error
message (access denied}. In using an information diasgnostic tool it say's
that SP2 is installed, but it is not evident in the add/remove programs list.
Is there a documentation for manually removing all traces of SP2 so that it
can then be reinstalled, Or is it possible that there is a backup of the
virus in system restore? I have not disabled the system restore feature.
--
just learning the hard way
3 answers Last reply
More about installation failure
  1. Archived from groups: microsoft.public.windowsxp.newusers (More info?)

    It is likely that System Restore contains the virus. For that reason it
    should be disabled and enabled again to purge all Restore Points. However
    that is likely not what is causing your problem.
    See this item
    http://support.microsoft.com/default.aspx?scid=kb;en-us;873148&Product=windowsxpsp2
    You may also wish to look at the info here
    http://www3.telus.net/dandemar/spackins.htm

    Have you tried installing SP2 from the full download package? If you have a
    fast connection you can get it here
    http://www.microsoft.com/downloads/details.aspx?familyid=049c9dbe-3b8e-4f30-8245-9e368d3cdb5a&displaylang=en

    or it can be had on CD by either ordering it from Microsoft
    http://www.microsoft.com/windowsxp/downloads/updates/sp2/cdorder/en_us/default.mspx
    or by finding a copy at your favourite big box Software Seller.

    --

    Harry Ohrn MS-MVP [Shell/User]
    www.webtree.ca/windowsxp


    "ra42grif" <ra42griffin(removethis)@hot.rr.com> wrote in message
    news:DB5753E6-BE50-4225-9E80-64EEBFA3170F@microsoft.com...
    > dell pc with windows xp pro, pentium 4 2.8, 512 mb DDR SDram.
    > After recovery from a new trojan virus, several functions would not work ,
    > internet explorer browser for one. I then used the mfg installation disk
    > which contained my copy of windows xp pro and used the repair an xp
    > installation feature, not the console, and everything seems to function,
    > but
    > SP2 installation fails either from download or from the disk, I get an
    > error
    > message (access denied}. In using an information diasgnostic tool it
    > say's
    > that SP2 is installed, but it is not evident in the add/remove programs
    > list.
    > Is there a documentation for manually removing all traces of SP2 so that
    > it
    > can then be reinstalled, Or is it possible that there is a backup of the
    > virus in system restore? I have not disabled the system restore feature.
    > --
    > just learning the hard way
  2. Archived from groups: microsoft.public.windowsxp.newusers (More info?)

    "ra42grif" <ra42griffin(removethis)@hot.rr.com> wrote in message
    news:DB5753E6-BE50-4225-9E80-64EEBFA3170F@microsoft.com...
    > dell pc with windows xp pro, pentium 4 2.8, 512 mb DDR SDram.
    > After recovery from a new trojan virus, several functions would not
    > work ,
    > internet explorer browser for one. I then used the mfg installation
    > disk
    > which contained my copy of windows xp pro and used the repair an xp
    > installation feature, not the console, and everything seems to
    > function, but
    > SP2 installation fails either from download or from the disk, I get an
    > error
    > message (access denied}. In using an information diasgnostic tool it
    > say's
    > that SP2 is installed, but it is not evident in the add/remove
    > programs list.
    > Is there a documentation for manually removing all traces of SP2 so
    > that it
    > can then be reinstalled, Or is it possible that there is a backup of
    > the
    > virus in system restore? I have not disabled the system restore
    > feature.
    > --
    > just learning the hard way


    Which trojan did you get hit with and what did you do or use to remove
    it? Some anti-spyware programs keep a backup snapshot which lets you
    undo their changes. You end up with what you had before (you're
    infected again) but the system works again and you can attempt more
    research on the infection before trying to eradicate it again. However,
    since you have tried to using the Repair from the Mfr's install CD, the
    system may not be in a state that the restore from the anti-spyware
    program can return into a working state. You never said what you used
    to eradicate the trojan, or even if it was a trojan, virus, spyware,
    adware, or what. The eradicator tool you used might only know what is
    the trojan and not everything else it changed. For example (but not of
    a virus or trojan, in this case), when you install Norton AntiVirus
    (NAV), it will change the registry entries for scripting to point at its
    module and the registry entry for its module will then point at the
    modules for scripting. This is how NAV does its script blocking. If
    you remove NAV using something else than its uninstall program, these
    registry entries may not get unchained and so you're left with scripting
    that won't work.

    You didn't mention what "functions" no longer worked. If the problem is
    with connectivity, it could be that removing the trojan resulted in a
    corrupted chaining of LSPs (layered service providers) which prevents
    proper operation of TCP; see http://www.cexx.org/lspfix.htm. Be sure to
    read the readme.txt file that comes with it on how to use it. Like
    using regedit, this is digging into your system and can be hazardous.
    If you put this on your system, do NOT put a shortcut to it in the Start
    menu that anyone can see (i.e., only put it in admin profile's Start
    menu) and put its file in a path that requires admin priviliges to read
    it, like under the Administrator's %userprofile% path, or change
    permissions on the folder containing it so only administrators can run
    this program.

    You had Service Pack 2 installed in your instance of Windows XP. You
    did a repair using the Mfr install CD. It doesn't sound like it was a
    drive image because that would have overwritten and wiped out everything
    in the OS partition to the same state as how the Mfr delivers the system
    (I'm presuming all your data is there and anything else you installed
    after getting the computer). That probably did not have Service Pack 2
    slipstreamed into it, so you might've been using a SP-1 version of
    Windows to repair a SP-2 instance of Windows. Because the
    manufacturer-customized version of Windows that comes with Dell (and
    other brands) is not a Microsoft-standard installation CD, I'm not sure
    that you can slipstream a service pack into it. You could make a copy
    of the CD and try slipstreaming SP-2 into the copy
    (http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp).
    Then try the Repair again now with the SP-2 version of Windows on the
    CD-R[W] to repair your SP-2 patched instance of Windows XP. If trying
    to slipstream in SP-2 into the Mfr-customized version of Windows doesn't
    work, you might see if you can remove SP-2 from your installed instance
    of Windows XP; see http://support.microsoft.com/?id=875350.

    If nothing works to get you into a working state for the instance of
    Windows that is installed, trojaned, had the trojan removed somehow but
    broke some "functions", and a Repair was performed but which might not
    have matched on the service pack level, you might end up having to save
    all your data and do a fresh install of Windows XP. Unless using the
    trojan extractor tool's restore, reapplying SP-2, or LSPfix gives you a
    quick fix, often it takes less time to save your data and wipe the
    partition to do a fresh install of the OS and your applications than to
    repair your system from a poor trojan eradication.

    You might also try asking in newsgroups more focused on trojans and
    malware, like:

    alt.comp.virus
    alt.comp.anti-virus.
    alt.privacy.spyware

    --
    _________________________________________________________________
    Post your replies to the newsgroup. Share with others.
    E-mail: vanguard_help AT yahoo.com (append "#NEWS#" to Subject)
    _________________________________________________________________
  3. Archived from groups: microsoft.public.windowsxp.newusers (More info?)

    Bloodhound.W32.E.P. and 4 variations. I had Norton 2004 Norton quaranteened
    and then I used AVG Premium to clean it. I then uninstalled Norton but did
    not remove all symantec files. Thanks for the response both of you I now have
    enough to keep me busy a while, I will as a last resort reinstall a clean
    copy of Windows. By the way when I did the repair of the existing windows
    installation it saved my files and you are right it repaired with a built in
    sp1 while sp2 had not been cleanly removed. Everything else works so I will
    try to remove the system restore files and see what happens, I will keep
    updat ing this response until I/we get it resolved. ra42grif

    "Vanguard" wrote:

    > "ra42grif" <ra42griffin(removethis)@hot.rr.com> wrote in message
    > news:DB5753E6-BE50-4225-9E80-64EEBFA3170F@microsoft.com...
    > > dell pc with windows xp pro, pentium 4 2.8, 512 mb DDR SDram.
    > > After recovery from a new trojan virus, several functions would not
    > > work ,
    > > internet explorer browser for one. I then used the mfg installation
    > > disk
    > > which contained my copy of windows xp pro and used the repair an xp
    > > installation feature, not the console, and everything seems to
    > > function, but
    > > SP2 installation fails either from download or from the disk, I get an
    > > error
    > > message (access denied}. In using an information diasgnostic tool it
    > > say's
    > > that SP2 is installed, but it is not evident in the add/remove
    > > programs list.
    > > Is there a documentation for manually removing all traces of SP2 so
    > > that it
    > > can then be reinstalled, Or is it possible that there is a backup of
    > > the
    > > virus in system restore? I have not disabled the system restore
    > > feature.
    > > --
    > > just learning the hard way
    >
    >
    > Which trojan did you get hit with and what did you do or use to remove
    > it? Some anti-spyware programs keep a backup snapshot which lets you
    > undo their changes. You end up with what you had before (you're
    > infected again) but the system works again and you can attempt more
    > research on the infection before trying to eradicate it again. However,
    > since you have tried to using the Repair from the Mfr's install CD, the
    > system may not be in a state that the restore from the anti-spyware
    > program can return into a working state. You never said what you used
    > to eradicate the trojan, or even if it was a trojan, virus, spyware,
    > adware, or what. The eradicator tool you used might only know what is
    > the trojan and not everything else it changed. For example (but not of
    > a virus or trojan, in this case), when you install Norton AntiVirus
    > (NAV), it will change the registry entries for scripting to point at its
    > module and the registry entry for its module will then point at the
    > modules for scripting. This is how NAV does its script blocking. If
    > you remove NAV using something else than its uninstall program, these
    > registry entries may not get unchained and so you're left with scripting
    > that won't work.
    >
    > You didn't mention what "functions" no longer worked. If the problem is
    > with connectivity, it could be that removing the trojan resulted in a
    > corrupted chaining of LSPs (layered service providers) which prevents
    > proper operation of TCP; see http://www.cexx.org/lspfix.htm. Be sure to
    > read the readme.txt file that comes with it on how to use it. Like
    > using regedit, this is digging into your system and can be hazardous.
    > If you put this on your system, do NOT put a shortcut to it in the Start
    > menu that anyone can see (i.e., only put it in admin profile's Start
    > menu) and put its file in a path that requires admin priviliges to read
    > it, like under the Administrator's %userprofile% path, or change
    > permissions on the folder containing it so only administrators can run
    > this program.
    >
    > You had Service Pack 2 installed in your instance of Windows XP. You
    > did a repair using the Mfr install CD. It doesn't sound like it was a
    > drive image because that would have overwritten and wiped out everything
    > in the OS partition to the same state as how the Mfr delivers the system
    > (I'm presuming all your data is there and anything else you installed
    > after getting the computer). That probably did not have Service Pack 2
    > slipstreamed into it, so you might've been using a SP-1 version of
    > Windows to repair a SP-2 instance of Windows. Because the
    > manufacturer-customized version of Windows that comes with Dell (and
    > other brands) is not a Microsoft-standard installation CD, I'm not sure
    > that you can slipstream a service pack into it. You could make a copy
    > of the CD and try slipstreaming SP-2 into the copy
    > (http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp).
    > Then try the Repair again now with the SP-2 version of Windows on the
    > CD-R[W] to repair your SP-2 patched instance of Windows XP. If trying
    > to slipstream in SP-2 into the Mfr-customized version of Windows doesn't
    > work, you might see if you can remove SP-2 from your installed instance
    > of Windows XP; see http://support.microsoft.com/?id=875350.
    >
    > If nothing works to get you into a working state for the instance of
    > Windows that is installed, trojaned, had the trojan removed somehow but
    > broke some "functions", and a Repair was performed but which might not
    > have matched on the service pack level, you might end up having to save
    > all your data and do a fresh install of Windows XP. Unless using the
    > trojan extractor tool's restore, reapplying SP-2, or LSPfix gives you a
    > quick fix, often it takes less time to save your data and wipe the
    > partition to do a fresh install of the OS and your applications than to
    > repair your system from a poor trojan eradication.
    >
    > You might also try asking in newsgroups more focused on trojans and
    > malware, like:
    >
    > alt.comp.virus
    > alt.comp.anti-virus.
    > alt.privacy.spyware
    >
    > --
    > _________________________________________________________________
    > Post your replies to the newsgroup. Share with others.
    > E-mail: vanguard_help AT yahoo.com (append "#NEWS#" to Subject)
    > _________________________________________________________________
    >
    >
Ask a new question

Read More

Windows XP