| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 87656 | 2008-02-29 06:58:00 | Windows XP Service Pack 2 | Andrewk (13361) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 644867 | 2008-02-29 20:52:00 | FWIW: Wainuitech - remember that the Norton Removal Tool is needed to get rid of Nortons - its on the Symantec website . OHHHHH YEAH !!:thumbs: I use it all the time to remove Nortons when it corrupts . The reason for saying remove Nortons is two fold - Some updates or programs will have problems installing if ANY Antiviral is installed, not just Nortons, in fact many programs say to disable the antivirus before installing . And looking at the PC's specks in post 1 Nortons would slow that down quite a bit, I know it would because one of my workshop PC's had the same main spec's "2 . 8Gz Pentium 4 and 512 MB memory" - It wasn't till I added in more RAM that I was anywhere near happy with the performance, and that was running Nod32 . I have also seen many Customers PC's with those spec's, and removing Nortons instantly gave it speed and solved a lot of problems . Not starting ANOTHER Nortons fight - hence I said "Ask just about anyone here . ( note I said just about )" I was think of Trev at that point since he has had no problems . :thumbs: Anyone only has to search the past posts to see what the general feeling of certain brands of Anti viruses are . |
wainuitech (129) | ||
| 644868 | 2008-03-05 01:29:00 | Hello there! I'm having about the same problem and from eventvwr I get that the problem was an Error with NtServicePack and it just says that Windows XP Service Pack 2 installation failed. Access denied. As for hijackthis I got this: (thanks) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:28:05 p.m., on 04/03/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\ARCHIV~1\Grisoft\AVG7\avgamsvr.exe C:\WINDOWS\SOUNDMAN.EXE C:\ARCHIV~1\Grisoft\AVG7\avgcc.exe C:\ARCHIV~1\Grisoft\AVG7\avgupsvc.exe C:\ARCHIV~1\Grisoft\AVG7\avgemc.exe C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Archivos de programa\Winamp\winampa.exe C:\Archivos de programa\Winamp\winamp.exe C:\Archivos de programa\iTunes\iTunesHelper.exe C:\WINDOWS\System32\ctfmon.exe C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe C:\Archivos de programa\BitComet\BitComet.exe C:\ARCHIV~1\COMMON~1\MOBIPO~1\webcomp.exe C:\Archivos de programa\iPod\bin\iPodService.exe C:\Archivos de programa\palmOne\Hotsync.exe C:\Archivos de programa\OpenOffice.org 2.3\program\soffice.exe C:\Archivos de programa\OpenOffice.org 2.3\program\soffice.BIN C:\WINDOWS\System32\svchost.exe C:\Archivos de programa\MSN Messenger\usnsvc.exe C:\Archivos de programa\Mozilla Firefox\firefox.exe C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Archivos de programa\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Archivos de programa\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Archivos de programa\Winamp\winampa.exe" O4 - HKLM\..\Run: [Winamp] "C:\Archivos de programa\Winamp\winamp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Archivos de programa\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [BitComet] "C:\Archivos de programa\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [Mobipocket Web Companion] C:\ARCHIV~1\COMMON~1\MOBIPO~1\webcomp.exe -m O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICIO LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARCHIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICIO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Servicio de red') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: HotSync Manager.LNK = C:\Archivos de programa\palmOne\Hotsync.exe O4 - Startup: OpenOffice.org 2.3.lnk = C:\Archivos de programa\OpenOffice.org 2.3\program\quickstart.exe O4 - Global Startup: HotSync Manager.lnk = C:\Archivos de programa\palmOne\Hotsync.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Archivos de programa\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Archivos de programa\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Archivos de programa\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Copy to Semagic - C:\Archivos de programa\Semagic\copy.htm O8 - Extra context menu item: Semagic - C:\Archivos de programa\Semagic\link.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Archivos de programa\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - catalog.update.microsoft.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - messenger.zone.msn.com O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe -- End of file - 7611 bytes I |
Jerfo (13452) | ||
| 644869 | 2008-03-05 01:40:00 | You should have created another thread. You've got Agobot (www.sophos.com) a worm. Run hijackthis again tick these, then tick fix checked Close browser/s. I would disable system restore as well Safe, but dont have to be in startup O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Archivos de programa\Winamp\winampa.exe" This is Agobot 04 - HKLM\..\Run: [Winamp] "C:\Archivos de programa\Winamp\winamp.exe" Safe O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe" Get rid of Bitcomet, thats probably how you got this worm Uninstall all versions of Sun Java, yours is out of date, its now up to 1.6.0.5. Link is in my sig. Get trojan remover in my sig below. Install it update it then click on scan. If you cant get to the site heres the direct link (www.simplysup.co.uk) It looks like this worm adds entries to the host file. Then select all options under the utilities menu I would also update Windows sometime. |
Speedy Gonzales (78) | ||
| 644870 | 2008-03-05 02:21:00 | hm . . . . . . theres also a possibility that you may have an issue depending on the cpu type: WindowsXP-KB885626-v2-x86-enu . exe This non-security critical update helps resolve an issue where a limited number of systems running a BIOS without production support for Intel Pentium 4 and Intel Celeron D processors based on Prescott C-0 stepping can potentially hang on Windows XP Service Pack 2 installation . After you install this update, you may have to restart your computer . |
drcspy (146) | ||
| 644871 | 2008-03-05 02:22:00 | If i recall correctly you're supposed to install this BEFORE sp2 (if you need it) | drcspy (146) | ||
| 644872 | 2008-03-05 03:11:00 | Well that was fast! Unfortunately despite doing everything that you told me it didn't work, I got the exact same error, it crashed halfway through the installation. As for the BIOS thingie I had already read that on the microsoft website but I'm using an AMD Athlon, not Intel. :( |
Jerfo (13452) | ||
| 644873 | 2008-03-05 03:39:00 | Post another log, we'll see if you ticked everything Did you go to the windowsupdate site, to get SP2? Or download SP2 manually, then install it? Did you get trojan remover as well, and select everything under utilities after u did a scan? |
Speedy Gonzales (78) | ||
| 644874 | 2008-03-05 04:15:00 | Yes, I used trojan remover and selected everything, it didn't find anything. As for the SP2 I downloaded it manually. Here's the log: Scan saved at 10:11:27 p.m., on 04/03/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\ARCHIV~1\Grisoft\AVG7\avgamsvr.exe C:\ARCHIV~1\Grisoft\AVG7\avgupsvc.exe C:\ARCHIV~1\Grisoft\AVG7\avgemc.exe C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Archivos de programa\iTunes\iTunesHelper.exe C:\WINDOWS\System32\ctfmon.exe C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe C:\ARCHIV~1\COMMON~1\MOBIPO~1\webcomp.exe C:\Archivos de programa\iPod\bin\iPodService.exe C:\Archivos de programa\palmOne\Hotsync.exe C:\Archivos de programa\OpenOffice.org 2.3\program\soffice.exe C:\Archivos de programa\OpenOffice.org 2.3\program\soffice.BIN C:\WINDOWS\System32\svchost.exe C:\Archivos de programa\MSN Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\Archivos de programa\Winamp\winamp.exe C:\Archivos de programa\Mozilla Firefox\firefox.exe C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Archivos de programa\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Archivos de programa\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TrojanScanner] C:\Archivos de programa\Trojan Remover\Trjscan.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Mobipocket Web Companion] C:\ARCHIV~1\COMMON~1\MOBIPO~1\webcomp.exe -m O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICIO LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARCHIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICIO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Servicio de red') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: HotSync Manager.LNK = C:\Archivos de programa\palmOne\Hotsync.exe O4 - Startup: OpenOffice.org 2.3.lnk = C:\Archivos de programa\OpenOffice.org 2.3\program\quickstart.exe O4 - Global Startup: HotSync Manager.lnk = C:\Archivos de programa\palmOne\Hotsync.exe O8 - Extra context menu item: Copy to Semagic - C:\Archivos de programa\Semagic\copy.htm O8 - Extra context menu item: Semagic - C:\Archivos de programa\Semagic\link.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - catalog.update.microsoft.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - messenger.zone.msn.com O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe -- |
Jerfo (13452) | ||
| 644875 | 2008-03-05 04:27:00 | Are these updates on your system? This (www.microsoft.com) This (www.microsoft.com) This (www.microsoft.com) This (www.microsoft.com) If theyre not, install them if you can. Open my computer, highlight C, and right mouse, scan with trojan remover. Let it scan the whole hard drive. Can you install anything without any errors coming up? If you can get rid of AVG and get something better like Avast Home or NOD32 |
Speedy Gonzales (78) | ||
| 644876 | 2008-03-07 02:47:00 | Nope, still not working. I scanned the whole drive and nothing was found, installed all the updates (except for one which was apparently outdated according to what it told me) and it just keeps crashing around midway. | Jerfo (13452) | ||
| 1 2 3 | |||||