Windows 2000 SP4 Rollup setup error

Archived from groups: microsoft.public.win2000.security (More info?)

Hi Sandy,

That is a very strange message, as ntdll.dll is (the genuine one) a
fundemental dll of the OS and will always be in use.

Hence, I suspect that something may be amiss with the machine, as
in having virus, malware, root kit code in the way, especially as
you seem to have indicated attempting to minimize running processes
(esp. anti-virus/malware) before the install.
One thing I have at times found of use is to set potentially interfering
services to disabled and then do a fresh reboot just before attempting
the servicing, followed by return of the services to their prior state.

If the problem persists, and all scanning attempts show the
machine is clean (up to the limit of root kit detection at least)
and a fresh download of the post SP4 rollup continues, then
you may want to ask MS at the 1-866-PCSAFETY number,
specifying this is a server which fails rollup application.

--
Roger Abell
Microsoft MVP (Windows Security)

"Sandy Wood" <sandy.wood@nospam.com> wrote in message
news:707D8903-2F9D-44EB-B06C-35C195F679A0@microsoft.com...
> Not sure if this is the right forum, but I'm getting an error attempting
to
> install the SP4 rollup on my Window 2000 server. At about 2% done, it
throws
> an error:
>
> "The file c:\winnt\system32\ntdll.dll is open or in use by another
> application."
>
> I've found it hard to close down every process that uses this .dll. Anyone
> have any ideas?
>
> --
> Sandy Wood
> Orange County District Attorney

Archived from groups: microsoft.public.win2000.security (More info?)

Thanks for the post. I'll scan the server for spyware and run another virus
scan to be as sure as I can about those threats. I'll give the root kits a
shot with the Sysinternals tool and see what it shows.

If all these fail, I've give the MS line a call.
--
Sandy Wood
Orange County District Attorney


"Roger Abell" wrote:

> Hi Sandy,
>
> That is a very strange message, as ntdll.dll is (the genuine one) a
> fundemental dll of the OS and will always be in use.
>
> Hence, I suspect that something may be amiss with the machine, as
> in having virus, malware, root kit code in the way, especially as
> you seem to have indicated attempting to minimize running processes
> (esp. anti-virus/malware) before the install.
> One thing I have at times found of use is to set potentially interfering
> services to disabled and then do a fresh reboot just before attempting
> the servicing, followed by return of the services to their prior state.
>
> If the problem persists, and all scanning attempts show the
> machine is clean (up to the limit of root kit detection at least)
> and a fresh download of the post SP4 rollup continues, then
> you may want to ask MS at the 1-866-PCSAFETY number,
> specifying this is a server which fails rollup application.
>
> --
> Roger Abell
> Microsoft MVP (Windows Security)
>
> "Sandy Wood" <sandy.wood@nospam.com> wrote in message
> news:707D8903-2F9D-44EB-B06C-35C195F679A0@microsoft.com...
> > Not sure if this is the right forum, but I'm getting an error attempting
> to
> > install the SP4 rollup on my Window 2000 server. At about 2% done, it
> throws
> > an error:
> >
> > "The file c:\winnt\system32\ntdll.dll is open or in use by another
> > application."
> >
> > I've found it hard to close down every process that uses this .dll. Anyone
> > have any ideas?
> >
> > --
> > Sandy Wood
> > Orange County District Attorney
>
>
>