fellowsheep
IS-IT--Management
Hi folks, I've encountered quite a mess with a SOHO client that I just had to share. Advice is of course welcomed...
Client had attempted to install SP2 on a Dell Dimension 4300s running XP Pro, and had encountered an error which resulted in uninstall, but she didn't remember the error specifically and didn't think the uninstall was complete. This machine had nearly everything installed; no less than four spyware programs (Spybot, Adware, Counterspy, Pest Patrol, maybe another); Norton IS 2004; Norton System Works 2002; tons of other apps. There was at one time an indication of the ucsearch.ocx Trojan, but I found no evidence of it upon inspection. Then the "fun" began...
Disabled all startup processes & attempted to install SP2 from disk. Seemed near completion when the "Access Denied" failure was encountered. Retried from safe mode & got the same thing. I found the link and the next day reset permissions to default with secedit (from safe mode w/networking), and got SP2 to install (from safe mode w/nw). Note that the permissions reset also removed a couple of other user accounts, but not the main one which has Admin priveledges. I've probably left something out because it took a while to get to this point...but here is where it got ugly...
Upon restart in normal mode w/SP2 installed, Norton autoprotect generates an "Access Denied C:\" error. Some log indicated that the OS had exclusive rights to C:\! I did get the initial Norton caution about Windows Firewall vs. Norton's & dual alerts, but dismissed it leaving both active (have done so without issues on several machines). To make a long story a bit shorter, here's the current situation:
Windows firewall now disabled, all startup processes disabled (same result with selective & all enabled BTW), on boot NIS generates the Access Denied error which hangs NIS so I can't bring it up to disable it's firewall. Browsers are not able to access any IP (even local router
W6000, and local AP:LinksysWAP54G), but ping works for any local IP, Yahoo, Google, etc. Uninstall NIS hangs...and get this: No Network Connections are displayed (the "window can't obtain a list...make sure Network Connections service is running"...and it is running). Even the LAN adapter cannot be displayed (wanted to check & change properties).
Tried System Restore to prior SP1 date & it failed with a Norton autoprotect access denied. Then disabled Norton services & was able to boot without Norton access denied error, but still couldn't uninstall NIS. From that point I initiated another Restore attempt (since autoprotect isn't running) & had to go home for the day. If it succeeded, I plan to uninstall NIS if possible, then repeat the SP2 install, followed by NIS reinstall. At least that's the plan for day three...wish me luck!
Also can't get the WPC54G card in her Win2k laptop to obtain an IP from the DW6000 if WEP is enabled (still talks to the access point), but that's another post...
Chris
Client had attempted to install SP2 on a Dell Dimension 4300s running XP Pro, and had encountered an error which resulted in uninstall, but she didn't remember the error specifically and didn't think the uninstall was complete. This machine had nearly everything installed; no less than four spyware programs (Spybot, Adware, Counterspy, Pest Patrol, maybe another); Norton IS 2004; Norton System Works 2002; tons of other apps. There was at one time an indication of the ucsearch.ocx Trojan, but I found no evidence of it upon inspection. Then the "fun" began...
Disabled all startup processes & attempted to install SP2 from disk. Seemed near completion when the "Access Denied" failure was encountered. Retried from safe mode & got the same thing. I found the link and the next day reset permissions to default with secedit (from safe mode w/networking), and got SP2 to install (from safe mode w/nw). Note that the permissions reset also removed a couple of other user accounts, but not the main one which has Admin priveledges. I've probably left something out because it took a while to get to this point...but here is where it got ugly...
Upon restart in normal mode w/SP2 installed, Norton autoprotect generates an "Access Denied C:\" error. Some log indicated that the OS had exclusive rights to C:\! I did get the initial Norton caution about Windows Firewall vs. Norton's & dual alerts, but dismissed it leaving both active (have done so without issues on several machines). To make a long story a bit shorter, here's the current situation:
Windows firewall now disabled, all startup processes disabled (same result with selective & all enabled BTW), on boot NIS generates the Access Denied error which hangs NIS so I can't bring it up to disable it's firewall. Browsers are not able to access any IP (even local router
W6000, and local AP:LinksysWAP54G), but ping works for any local IP, Yahoo, Google, etc. Uninstall NIS hangs...and get this: No Network Connections are displayed (the "window can't obtain a list...make sure Network Connections service is running"...and it is running). Even the LAN adapter cannot be displayed (wanted to check & change properties).Tried System Restore to prior SP1 date & it failed with a Norton autoprotect access denied. Then disabled Norton services & was able to boot without Norton access denied error, but still couldn't uninstall NIS. From that point I initiated another Restore attempt (since autoprotect isn't running) & had to go home for the day. If it succeeded, I plan to uninstall NIS if possible, then repeat the SP2 install, followed by NIS reinstall. At least that's the plan for day three...wish me luck!
Also can't get the WPC54G card in her Win2k laptop to obtain an IP from the DW6000 if WEP is enabled (still talks to the access point), but that's another post...
Chris