Join or sign in Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below. Use Your Email Use FacebookUse Linkedin

Crash when updating windows

Locked

All,

I am new to this so bear with me if I make protocol mistakes. I do repair computers so I know my way around windows.

I am having trouble with what I suspect spyware. I started fixing a system form a friend that had trouble booting. I used Lavasoft Adaware and spybot in safe mode to clean before I started the update. All came up clean and the system was working well so I started the updates. This started after the sp2 install. The system crashes every time it tries to install windows updates. Also the firewall will not allow me to turn it off.

I get a blue screen and and a memory dump of :
*** STOP: 0x0000008E (0xc0000005,0xEFCDD896,0xEEA69A20,0x00000000)
*** system32:hy32.sys -address EFCDD896 base at EFCD8000, DATESTAMP 45E30bb8

I suspected smitfraud so I downloaded and ran smitfraudfix in safe mode with no fix. I also ran HTJ see logs below:

SmitFraudFix v2.147

Scan done at 3:47:27.90, Sun 03/04/2007
Run from C:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] – Windows_NT
The filesystem type is NTFS
Fix run in normal mode

???????????????????????? hosts

???????????????????????? C:\

???????????????????????? C:\WINDOWS

???????????????????????? C:\WINDOWS\system

???????????????????????? C:\WINDOWS\Web

???????????????????????? C:\WINDOWS\system32

???????????????????????? C:\Documents and Settings\Owner

???????????????????????? C:\Documents and Settings\Owner\Application Data

???????????????????????? Start Menu

???????????????????????? C:\DOCUME~1\Owner\FAVORI~1

???????????????????????? Desktop

???????????????????????? C:\Program Files

???????????????????????? Corrupted keys

???????????????????????? Desktop Components

???????????????????????? Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll

???????????????????????? AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLs”=””

???????????????????????? Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“System”=””

???????????????????????? pe386-msguard-lzx32-huy32

huy32 detected, use a Rootkit scanner

???????????????????????? Scanning wininet.dll infection

???????????????????????? End

Here is my HTJ log:

Logfile of HijackThis v1.98.1
Scan saved at 3:40:27 AM, on 3/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BigFix\BigFix.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\WINDOWS\system32\wuauclt.exe
J:\Downloads\Utilities\Adaware\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {53707962-6F74-2D53-2644-206D7942484F} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: (no name) – {549B5CA7-4A86-11D7-A4DF-000874180BB3} – (no file)
O2 – BHO: (no name) – {5A07192F-605D-4A12-B5EE-C30F3031C24C} – (no file)
O2 – BHO: NAV Helper – {BDF3E430-B101-42AD-A544-FADC6B084872} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 – BHO: Still Image – {E8656DAF-0229-BA16-E97D-31557D631863} – C:\WINDOWS\system\mtstct32.dll
O2 – BHO: (no name) – {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} – (no file)
O3 – Toolbar: AOL Toolbar – {4982D40A-C53B-4615-B15B-B5B5E98D167C} – C:\Program Files\AOL Toolbar\toolbar.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 – HKLM\..\Run: [AOLDialer] “C:\Program Files\Common Files\AOL\ACS\AOLDial.exe”
O4 – HKLM\..\Run: [AOL Spyware Protection] “C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe”
O4 – HKLM\..\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”
O4 – HKLM\..\Run: [SunKistEM] “C:\Program Files\Digital Media Reader\shwiconem.exe”
O4 – HKLM\..\Run: [sysdrv] C:\WINDOWS\svchosts.exe
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 – HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 – HKCU\..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 – Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 – Extra context menu item: &AOL Toolbar search – res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – (no file)
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – (no file)
O9 – Extra button: AOL Toolbar – {4982D40A-C53B-4615-B15B-B5B5E98D167C} – C:\Program Files\AOL Toolbar\toolbar.dll
O9 – Extra ‘Tools’ menuitem: AOL Toolbar – {4982D40A-C53B-4615-B15B-B5B5E98D167C} – C:\Program Files\AOL Toolbar\toolbar.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Real.com – {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} – C:\WINDOWS\System32\Shdocvw.dll
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O12 – Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 – Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 – Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O14 – IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 – DPF: {01111F00-3E00-11D2-8470-0060089874ED} – http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
O16 – DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172942335343
O21 – SSODL: KrkgmShzCdjj – {206E1394-8AC4-B93E-232B-376859CD0C9C} – (no file)

Mind you the system still boots and all systems are working except windows update.

Thanks in advance any ideas would be helpful.

Topic

Clarifications

In reply to Crash when updating windows

Clarifications

Well firstly it would be nice to know what hardware is involved

In reply to Crash when updating windows

You can have a Conflict with some hardware that prevents SP2 from working correctly or if you have a P4 you need to Flash the BIOS as every P4 needed this done prior to installing SP2 or the system would crash out after SP2 was installed and anything was possible.

If you have the newest BIOS available loaded on this M’Board you can then set about checking the Windows Update Web Site and tell me at what stage it crashes. Is it after the System runs the confirmation that a Genuine Version of Windows XP is connected? If that’s the case M$ has Blacklisted the Product Key for that particular machine and you’ll need the original Install/Restore CD and ring the makers to get a replacement Product Key.

You can then change the product key over to the newly provided one using Key Finder from Magic Jellybean located here but you’ll need to look for it in FF as IE will not accept this Web Site.

http://tinyurl.com/b01p

If you have a M$ OEM CD or Retail CD you need to ring M$ direct and quote the batch number off the inner ring of the CD and they will within 7 to 10 days E-Mail you a replacement product key which you can use the above utility to change and then reactivate.

After this is done you can try the Windows Update Service again and download any available updates.

However if you are getting to the stage where you are prompted for a choice to download the Express or Custom Updates available and Windows is crashing out here you need to perform a In Place Install of Windows by following the directions here

http://tinyurl.com/g4bv8

Or you may get lucky and just need to repair the Registry by following the directions here

http://tinyurl.com/4y24g

However because of the problems that you are having with this unit I would recommend that you just save all the persons Data and then blow away the Windows Install by wiping the HDD with a wiping utility that writes zero’s to every sector like Boot & Nuke available for download here

http://tinyurl.com/4rfur

Then reinstall the OS from Scratch. The up side of this is that if you have the same CD you don’t need to worry about Product Keys not working as any XP Pro CD will work with any XP Pro Product Key and the same applies to the Home Version so you can just reinstall from any CD of the same version and use the Product Key on the COA.

That way you’ll have a clean install with no problems but I would still urge you to update the BIOS to the newest version available.

Col

Missing Bios update

In reply to Well firstly it would be nice to know what hardware is involved

Thanks for the info.

Here is my hardware info from emachines (sorry I forgot to include it):

Intel? Celeron? D 340 Processor
Operates at 2.93GHz
256KB L2 cache & 533MHz FSB
Operating System: Genuine Microsoft? Windows? XP Home
Chipset: Intel? 845GV chipset
Memory: 512MB DDR (PC 2700)
Expandable to 2GB
Hard Drive: 80GB HDD
Optical Drive: 48x Max. CD-RW Drive; 16x Max. DVD Drive
Media Reader: 8-in-1 digital media manager (USB 2.0, Secure Digital? (SD), Smart Media, Compact Flash, Memory Stick?, Memory Stick PRO, Micro Drive, Multimedia Card)
Video: Intel? Extreme Graphics 3D
64MB Shared memory
Sound: AC ’97 Audio
Network: Intel? PRO 10/100Mbps built-in Ethernet
Modem: 56K ITU v.92-ready Fax/Modem
Peripherals: Standard Multimedia Keyboard, 2-Button Wheel Mouse, Amplified Stereo Speakers
Ports/Other: 5 USB 2.0 ports (1 in Media Manager; 4 in back), 1 Serial, 1 Parallel, 2 PS/2, Audio-In & Out
Dimensions: 7.25″W x 14.125″H x 16″D

Blark advisor reported this info:

Operating System
Windows XP Home Edition Service Pack 2 (build 2600)
Processor a Main Circuit Board
2.93 gigahertz Intel Pentium 4
16 kilobyte primary memory cache
256 kilobyte secondary memory cache Board: Intel Corporation
Serial Number: TGSR43311682
Bus Clock: 133 megahertz
BIOS: Intel Corp. SR84510A.46T.0012.P05.0408182053 08/18/2004
Drives Memory Modules c,d
80.02 Gigabytes Usable Hard Drive Capacity
66.81 Gigabytes Hard Drive Free Space

HL-DT-ST DVD-ROM GDR8163B [CD-ROM drive]
SAMSUNG CD-R/RW SW-252S [CD-ROM drive]

Generic USB CF Reader USB Device [Hard drive] — drive 2
Generic USB MS Reader USB Device [Hard drive] — drive 4
Generic USB SD Reader USB Device [Hard drive] — drive 1
Generic USB SM Reader USB Device [Hard drive] — drive 3
USB Flash Memory USB Device [Hard drive] (1.02 GB) — drive 5
WDC WD800BB-22FJA0 [Hard drive] (80.03 GB) — drive 0, s/n WD-WMAJ95259448, rev 13.03G13, SMART Status: Healthy 504 Megabytes Installed Memory

Slot ‘J6G1’ has 512 MB (serial number FFFF070F)
Slot ‘J6G2’ is Empty
Local Drive Volumes

c: (on drive 0) 80.02 GB 66.81 GB free

I it is a P4 so I wanted to do the Bios update but when I go to emachines there is no bios (or any) downloads for this motherboard. I also went to Intel but they have 3 different boards listed for the 845GV chip set. Intel lists a D845GVSR, D845GVFN and a D845GVAD2. I sent an email to emachines to ask what one I should use or do they have a better idea. Here is their response:

“Thank you for your e-mail. In response to your inquiry about your
eMachines that shutdown after you update the service pack 1 to service
pack 2. You also mentioned that you need an update for BIOS on your
system. I understand your concern, in most cases the only reason to get a BIOS upgrade is to add support for a new form of hardware you are
adding to your system that is not supported by your current BIOS. Some
examples would be a CPU or a larger hard drive. Most Operating Systems
do not use the BIOS once the Operating System is up and running. You
should not upgrade the BIOS in an attempt to fix a software bug unless
the motherboard manufacturer has identified the BIOS as the cause of the problem.

There are currently no recommended BIOS changes or updates listed for
your computer. Changing the default settings in BIOS could cause the
computer to become unbootable and it is not recommended. eMachines does not have or support any changes for the BIOS.

To allow eMachines to ensure customer satisfaction, BIOS updates are not posted on the website until they have been through rigorous testing to
ensure the update is compatible and will not cause any instabilities
with the system. The original BIOS is stable and eMachines can
guarantee that it will work on the system it is sent with. Once an
update has been through the testing to ensure it is needed, compatible
and stable, the update will be posted on the website. Until an update
is needed and available, eMachines will continue to support the original BIOS.

Please be advised that if you choose to update your BIOS with an update
not posted on the eMachines website, the original BIOS flash for your
system will not be available from eMachines.”

I even thought to look at gateway as they are now related and System information listed Gateway as the manufacturer. They had a bios update that seemed to fit i.e.. it had the correct rev numbers but when I made the update CD It stated it was the incorrect mother board.

Thanks for any input.

Crash info

In reply to Well firstly it would be nice to know what hardware is involved

I forgot to include what was updating when the crash happened. I did have the verification software installed and it has passed. It crashes on Security Update for Windows Messenger (KB887472). I don’t know if I can update the others first to see if any of them crash the system. I did not see settings to not do certain updates.

Security Update for Windows XP (KB928255)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Security Update for Windows XP (KB927802)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Security Update for Windows XP (KB924667)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Security Update for Windows XP (KB927779)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in Microsoft Data Access Components (MDAC) that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Security Update for Windows XP (KB926436)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Cumulative Security Update for Internet Explorer 6 for Windows XP (KB928090)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
Security issues have been identified that could allow an attacker to compromise a system running Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Update for Windows XP (KB931836)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
Installing this update enables your computer to automatically adjust the computer clock on the correct date in 2007 due to revised Daylight Saving Time laws in many countries. After you install this item, you may have to restart your computer. Details…

Security Update for Windows XP (KB929969)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the way Vector Markup Language (VML) is handled that could allow an attacker to compromise a computer running Microsoft Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Security Update for Windows XP (KB923980)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Security Update for Windows Media Player 6.4 (KB925398)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Windows Media Player and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Security Update for Windows XP (KB923689)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Windows Media file formats and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Security Update for Windows XP (KB924270)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

MSXML 4.0 SP2 Security Update (KB927978)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A vulnerability exists in the XMLHTTP ActiveX control within Microsoft XML Core Services that could allow for remote code execution Details…

Update for Windows XP (KB922582)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A problem has been identified in Filter Manager that can prevent you from installing updates from Windows update. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Update for Windows XP (KB920872)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
This is a reliability update for Windows XP machines. Install this audio component update to prevent memory corruption issues which may cause an unstable state on a computer that is running Windows XP Service Pack 2. After you install this item, you may have to restart your computer. Details…

Security Update for Windows Messenger (KB887472)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details…

Thanks again

OK first thing is that you are stuck with that BIOS so don’t alter it

In reply to Crash info

Now to your real problem as you have already got the files downloaded the computer all you need do is run through the install process by logging back onto the Windows Live Update Sits Chose Custom Installation and deselected the

[i]Security Update for Windows XP (KB928255)[/i]

By un-ticking the box beside it. As you have already downloaded everything you should then just need to hit the download button and the computer will run through checking the downloads and then begin to install the current updates that you have selected. You may also find some hardware updates that are not available through the [b]Express Option[/b] which may make the system work better.

Sometimes it’s possible to get some Patches that need to be installed separately and using the express option may allow these Patches to be downloaded and cause the system to crash when the system attempts to install one of the patches that required a reboot before it can be safely applied. If you use the Custom Option you will be told about these software conflicts every time that they occur and you can make sure that you [b]Do Not[/b] download any conflicting Patches that cause problems and can cause the computer to crash.

Col

Crash on KB922582

In reply to OK first thing is that you are stuck with that BIOS so don’t alter it

I tried unclicking that update and doing a custom install. I had the same problem so I stated doing them one by one. I got all of the updates to install but KB922582. This must be the one causing the issue.

Now the error report after the blue screen recovery states an issue with the video driver. I updated the video driver to the most current one and I have the same issue. The report even told me to turn off the hardware accelleration but that did not help either. I am now going to remove the drive and scan it again on another system to see if anything (spyware or virus) is still on the drive.

If it still comes up as clean

In reply to Crash on KB922582

Chose the option to disregard that Patch every time that the Computer looks for updates. To do this expand up the explanation of what the patch does and then at the bottom is a box that has beside it don’t use again and you then tick the box and the computer will not look at that patch again. Obviously there is something with the hardware that is causing a problem so just disable that one patch and forget about it.

Col

Still have issues

In reply to If it still comes up as clean

I scanned the drive on my test bench and found over 115 viruses along with a lot of spy-ware, I usually do this first, then try to repair. I figured that I didn’t need to waste the time because the system seemed to be working and it’s antivirus software found nothing at the time. The computer has webroot spySweeper with antivirus and I use AVG on my test bench system. I guess webroot is not a very good antivirus scanner. After I got a good scans with AVG/spybot/adaware I still had the same issue after reinstalling the drive in the system.

I hid the update as you indicated. I went back to windows update and it now wanted to install IE7. I let it do the update and It crashed again. Same issue.

This computer has some software called “BIG FIX” It is a utility provided by emachines (and Gateway) that is suppose to notify you about updating drivers and incompatibility. Early on there was a notification of an issue between Big Fix and IE7. It told me to run some software that would fix the issue. It deleted a .dll file. Could there still be an issue? Should I just try to remove the “BIG FIX” Software?

At a loss.

Thanks

I would remove anything unnecessary

In reply to Still have issues

To the Operation of the system not supplied by either M$ or a well known third party Software house. Quite often a lot of available software supplied with Off the Shelf Machines will work with the initial install and then give problems further down the track as M$ change their was of allowing things to be done within the Windows Kernel.

So I would say dump the Big Fix utility and anything associated with it and try from there.

Have you tried Crap Cleaner to remove rubbish off the HDD it’s available here

http://tinyurl.com/rc2fn

Col

No Fix yet

In reply to Still have issues

for some reason I could not post a reply to your last message.

I installed and removed all unnessary software but I still get the same crash when updating.

OK since you repair computers

In reply to Crash when updating windows

Can you stick another HDD into this unit and load a Volume License Copy of XP Pro onto it?

You should have one of these CD’s around as they are very useful for testing purposes. I would suggest inserting another HDD and loading it with XP Pro and then applying the updates to see if you get the same problems persisting with a Clean Install. If you do you are going to have to start disconnecting things on the Hardware Side of things till you find where the problem is and if it loads and installs Patches/SP OK you’ll know that it’s the Base install of Windows where the problem is.

If this helps all HP Recovery CD are Volume License and you can use one of those to do a Base install then select the necessary drivers to finish off the install. If it’s a HP unit you are just so much better off as you don’t have to worry about activation which is a real nuisance particularly when you are only loading a test Install which you are intending to blow away as soon as you know what is going wrong. If the System load and works properly you’ll need to save the data and reload the system but if it still comes up with the same problems you’ll have to start looking at the available Hardware and see what isn’t compatible.

I wasted close to a week when SP1 came out with a DVD ROM that wasn’t compatible with SP1 and caused the MBR’s to be destroyed when SP1 was applied. Then to add insult to injury about 3 weeks latter Samsung released a Firmware Update to make that model DVD ROM Drive Compatible with XP SP1. It just would have been much easier if Samsung had fessed up to their hardware problem and even better if I wasn’t the first one to hit this problem.

Just to make things even easier it’s also possible that some Software may cause the same problems. 😀

So just try it with a Base install of Windows and if that works then wipe the HDD and reinstall the OS and then the software that is currently being used and try again. If that works it’s possible that the HDD is going faulty or may even not be compatible with that particular version of XP.

Col

Will replace windows eventually

In reply to OK since you repair computers

I found another thread with similar issues

http://techrepublic.com.com/5208-6230-0.html?forumID=101&threadID=205584&start=0

I am going to look at this first and see if I have a rootkit infection.
I just noticed from the orginal smitfraud scan:
??????????????????????? pe386-msguard-lzx32-huy32

huy32 detected, use a Rootkit scanner

If this does not repair using AVG Antirootkit Beta, ADS Spy,F-Secure’s BlackLight, I will test another drive.

thanks

I finally Found a FIX

In reply to Will replace windows eventually

Yes it was a rootkit infection. I used the AVG Antirootkit Beta to find and rename then used ADS Spy to remove. Rescanned with F-secures Black light and rescanned with smithfraud and found nothing also reinstalled the registry keys according to the link in last post.

Ran update and all worked great!

I have not had any experience with these root kit infections before so that is why it threw me for a loop. I will defiantly add this info to my mental tool box.

Thanks for all your help

[Author]

Replies