Archived from groups: microsoft.public.win2000.security (
More info?)
Thanks for the post. I'll scan the server for spyware and run another virus
scan to be as sure as I can about those threats. I'll give the root kits a
shot with the Sysinternals tool and see what it shows.
If all these fail, I've give the MS line a call.
--
Sandy Wood
Orange County District Attorney
"Roger Abell" wrote:
> Hi Sandy,
>
> That is a very strange message, as ntdll.dll is (the genuine one) a
> fundemental dll of the OS and will always be in use.
>
> Hence, I suspect that something may be amiss with the machine, as
> in having virus, malware, root kit code in the way, especially as
> you seem to have indicated attempting to minimize running processes
> (esp. anti-virus/malware) before the install.
> One thing I have at times found of use is to set potentially interfering
> services to disabled and then do a fresh reboot just before attempting
> the servicing, followed by return of the services to their prior state.
>
> If the problem persists, and all scanning attempts show the
> machine is clean (up to the limit of root kit detection at least)
> and a fresh download of the post SP4 rollup continues, then
> you may want to ask MS at the 1-866-PCSAFETY number,
> specifying this is a server which fails rollup application.
>
> --
> Roger Abell
> Microsoft MVP (Windows Security)
>
> "Sandy Wood" <sandy.wood@nospam.com> wrote in message
> news:707D8903-2F9D-44EB-B06C-35C195F679A0@microsoft.com...
> > Not sure if this is the right forum, but I'm getting an error attempting
> to
> > install the SP4 rollup on my Window 2000 server. At about 2% done, it
> throws
> > an error:
> >
> > "The file c:\winnt\system32\ntdll.dll is open or in use by another
> > application."
> >
> > I've found it hard to close down every process that uses this .dll. Anyone
> > have any ideas?
> >
> > --
> > Sandy Wood
> > Orange County District Attorney
>
>
>