Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SP2 installation experiment


  • Please log in to reply
38 replies to this topic

#16 Grinler

Grinler

    Bleep Bleep!


  • Admin
  • 40,094 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:12:18 AM

Posted 06 September 2004 - 10:58 PM

Love your posts phawgg :thumbsup:

Btw, I removed brunts message on slipstreaming and slimming SP2 as it was not created by him. Thanks for pointing it out to me.

BC AdBot (Login to Remove)

 


#17 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 21 September 2004 - 02:02 AM

9-20-04

Its been a little while longer. I've continued to use the PC. Time to update the progress.

System Restore

9-07-04
2:19:54am..spybot
2:26:36am..spybot
2:31:47am..spybot
2:33:12am..spybot
2:37:57am..spybot
11:31:39am..spybot
11:32:04am..spybot

9-09-04
9:59:06am..spybot
9:59:25am..spybot

9-13-04
9:54:41am..spybot

9-17-04
9:09:16am..spybot

9-18-04
11:29:29am..system checkpoint

9-20-04
11:16:50am..spybot
5:01:30pm..spybot
5:26:09pm..Software Distribution (new critical update)
6:08:40pm..Software Distribution (windows media player 10)

Event Viewer Application 643 events to date

9-06-04.....9:23:30pm..MsiInstaller..warn..code 1001
.................9:25:03pm..the same
...............10:08:11pm..the same
...............10:08:11pm..the same

9-07-04......1:46:41am..application hang..warn (101) 1002
.................2:10:45am..Userenv..warn..code 1517

9-14-04...12:05:19am..Userenv..warn..code 1517
9-19-04.....2:38:47am..Userenv..warn..code 1517
9-20-04...12:42:45am..Userenv..warn..code 1517

Event Viewer System 2503 events to date

9-07-04......1:47:25am..cdrom..warn..51
.................1:47:26am..cdrom..warn..51
.................1:47:27am..cdrom..warn..51 (15x) An error on the device Device\cdrom during a paging operation. An input/output device (I/O) request to a memory-mapped file failed & the operation was retired.
.................2:02:07am..cdrom..warn..51
.................2:02:08am..cdrom..warn..51

9-11-04......6:22:53pm..User32..warn..1073
9-13-04.....12:04:56am..W32Time..warn..36
................11:16:00pm..W32Time..warn..36
9-14-04......8:44:31pm..W32Time..warn..36
9-19-04.....12:18:31am..W32Time..warn..36
................11:04:12pm..W32Time..warn..36
9-20-04......2:34:34pm ..Service Contol Manager..(5X)..error.. 7001 (4x) 7026 (1x)
.................2:40:22pm..DCOM..error..(2x) system (2x) administrator

I've been staying quite busy, offline and online the last couple weeeks. Still taking my trainee status seriously. Still reading posts, following links, trying to apply logic to learning. Improving the techniques and setups, developing a database, basically running the computer constantly. I'm still not loading it up with all my stuff, since I'm
soaking up other experiences.

The first critical update since installing SP2 on 8-22-04 was waiting for me at Windows update today. I d/ld the wmp 10 while I was there. (Software Distribution to the system restore)

The C:\ has 6.1GB used now. I have any and all programs & data on the other drive. Its expensive to run the OS this way, huh? I'm still reluctant to draw conclusions definitively, rather I'm sorta mullin' it over before I act.

It runs well, despite the data documented above. I guess I'll eventually figure those glitches in the larger scheme of things. Till then I won't sweat it..
:thumbsup: BTW, the add/remove programs still has only the SP2 showing. The critical update must not be considered a "hotfix" like the 24 that showed between SP1 & SP2.

Edited by phawgg, 21 September 2004 - 02:36 AM.

patiently patrolling, plenty of persisant pests n' problems ...

#18 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 21 September 2004 - 03:34 AM

9-20-04 corrections

The first critical update since installing SP2 on 8-22-04 was waiting for me at Windows update today. I d/ld the wmp 10 while I was there. (Software Distribution to the system restore)


EDIT: I installed SP2 on 8-25-04
Add/Remove Programs listed at that time: all installed on C:\
* HSP Modem Drivers
* Microsoft Office 2000 SR-1 Professional (98 MB)
* nVidia Display Drivers
* nVidia nForce Drivers
* Windows XP Service Pack 2 (.13 MB)
Since then these appear on the list:

*Ad-Aware SE Personal 2.48 MB
AVG 6.0 Anti-virus- Free 14.16 MB
BHA's Recorder Gold 5.2 32.01 MB
Google Toolbar for IE .68 MB
Hijack This 1.98.2 .18 MB
*Hot Keyboard Pro 2.5 1.61 MB
Java Runtime Environment SE v 1.4.2_05 108.00 MB
Mozilla Firefox (0.9.2) 14.81 MB
*Registrar Lite 2.0 3.46 MB
Spybot S&D 1.3 9.64 MB
*SpywareBlaster v3.2 2.46 MB
Sygate Personal Firewall 11.04 MB

*installed on D:\

The C:\ has 6.1GB used now. I have any and all programs & data on the other drive.



any and all?? Since about 9-5-04 I've tried to not install on the C:\ is all I meant to say. :thumbsup:
patiently patrolling, plenty of persisant pests n' problems ...

#19 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 01 October 2004 - 10:21 PM

*warning...long post, read at your own risk* lol

This will be the last post of the installation of SP2 experience. (yawn) Its been 'bout 5 weeks, adequate (I guess) to demonstrate some things related to it. I'm learnin'. In all fairness, remaining problems are probably mine at this point, primarily in system & service configurations. I have not trimmed down the OS. Things aren't as neat as I'd like, but hey...I'm a beginner. I don't understand it all.

Plus, a CWS infection ran into it a couple days ago. Searchin' HJT info, a IE window opened for some reason at some site and next thing I know..it's slower, and intermittant timed out connections in firefox. Enough to alert me. Sygate firewall record, avg record & now pest patrol all agree. A more recent varient. Start page hijack, CWS.GoogleMS 3, one not in Merijyn's CWShedder. (I sure wish he could continue the work, but as he states in the article link, they're gettin' complex. Links below to see screenshots. HJT log & the trend micro sysclean record, as well, follow the final facts of whats been goin' on at a single PC on dial-up in daily use as described in previous post. A mile and a half of data. At least I've got some mp3's back on for entertainment......

article

firewall report
anti-virus report
anti-trojan report


10-01-04

Add/Remove programs additional or changes:

c:\ drive:
abby fine reader 5.0 sprint 101MB
lexmark x5100 47.02MB
pest patrol (not shownin list, but it is in c:\Program files)

d:\Program Files\
adobe download manager (remove only)
adobe photoshop album 2.0 se 15.12MB
HJT hotkey 2.7.4 1.73MB
irfanview (remove only) 5.46MB
mozilla firefox 1.0pr 94.15MB
pawsoft fass .27MB

System Restore

9-21-04
6:05:49pm..printer driver Lexmark X5100 series Install

9-23-04
1:27:41pm.. system checkpoint
9:13:35pm..adobe photoshop album 2.0 starter edition Install
9:15:23pm..adobe reader 6.0.1 Install

9-25-04
9:14:15am.. system checkpoint

9-26-04
8:38:27am.. spyboy s&d spyware removal
6:55:29pm.. spybot s&d spyware removal

9-28-04
2:43:00am..spybpt s&d spyware removal

Event viewer Application 744 events since beginning

Pretty unremarkable for for 10 days. Three warns among 101 more events:

9-25-04
11:40:37am..Userenv..warn..code 1517

9-27-04
. 1:59:08am..Userenv..warn..code 1517

10-01-04
. 2:15:33am..Userenv..warn..code 1517

Event viewer System 2,474 events (maximum 512 kb retained...now 8-30-04 through 10-01-04)

9-21-04
6:05:43pm.. Print..warn..code 20

9-24-04
10:18:48pm..W32Time..warn..code 36
11:24:13pm..Service Control Manager..error (4x)..code 7001
11:25:16pm..Service Control Manager..error (1x)..code 7026
11:26:16pm..DCOM..error..code 10005
11:36:26pm..atapi..error..code 9
11:39:10pm to 11:45:21pm..DCOM (5x)..error..code 10005

9-28-04
11:18:37pm..W32Time..warn..code 36

9-29-04
11:12:57am..Print..error..code 6161

HJT log

Logfile of HijackThis v1.98.2
Scan saved at 9:48:35 AM, on 10/1/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
c:\Program Files\PestPatrol\ppcontrol.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
D:\Downloads\HJT\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bleepingcomputer.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Assign &hot key - D:\Program Files\Hot Keyboard Pro\IEScript.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1093426737046
O17 - HKLM\System\CCS\Services\Tcpip\..\{0ABCF782-1941-4C73-A431-6DC8E6229255}: NameServer = 64.40.40.53 66.54.140.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{0ABCF782-1941-4C73-A431-6DC8E6229255}: NameServer = 64.40.40.53 66.54.140.10

-----------------------------------------------------------------------------
Trend Micro
New Virus Pattern Release
-----------------------------------------------------------------------------

Pattern Version: 2.186.00
Release Type: Pattern Enhancement
Notes: WORM_BAGLE.AM

September 30, 2004, 11:28:37 (GMT -08:00)

---------------------
New Viruses Detected:
---------------------

There are [94] new viruses detected by the pattern file.
All detail virus names please refer to the list below.

BAT_PARAQ.A
BKDR_AGOBOT.UP
BKDR_CGZ.B
BKDR_GRAYBIRD.BE
BKDR_HAXDOOR.AI
BKDR_HAXDOOR.T
BKDR_PEEPVIEWR.M
BKDR_PEEPVIEWR.Q
BKDR_REDKOD.G
BKDR_SDBOT.KY
BKDR_SDBOT.MW
BKDR_SDBOT.NW
BKDR_SDBOT.TR
BKDR_TONEROK.B
BKDR_VB.CF
BKDR_ZALIV.C
EXPL_JPGSHELL.A
HTML_PARAQ.A
HTML_TSUNAMI.A
JS_MHTREDIR.C
NE_DELF.H
TROJ_ADEX.A
TROJ_ADEX.B
TROJ_ADEX.C
TROJ_AGENT.FM
TROJ_ANIMAC.A
TROJ_BANCBAN.BA
TROJ_BANCBAN.BK
TROJ_BANCOS.CP
TROJ_BANCOS.CQ
TROJ_BANCOS.CR
TROJ_COREFLOOD.F
TROJ_DELF.EK
TROJ_DELF.EM
TROJ_DELF.EZ
TROJ_DIALER.CP
TROJ_DONN.R
TROJ_DRACOR.A
TROJ_DUSBUNN.A
TROJ_FANTADOR.C
TROJ_HAXDOOR.K
TROJ_HAXDOOR.L
TROJ_ISTBAR.FS
TROJ_KREPPER.AC
TROJ_KREPPER.O
TROJ_LADDER.D
TROJ_LANFILTR.H
TROJ_LDPINCH.EP
TROJ_LDPINCH.EQ
TROJ_LMIR.E
TROJ_LOWZONES.D
TROJ_RBOT.U
TROJ_REDBIND.A
TROJ_SMALL.GH
TROJ_SMALL.GI
TROJ_SMALL.GQ
TROJ_SMALL.KD
TROJ_SMALL.WF
TROJ_STARTPAG.KJ
TROJ_STARTPGE.KF
TROJ_STAWIN.A
TROJ_SWIZZOR.Y
TROJ_SWIZZOR.Z
TROJ_TOFGER.AA
TROJ_TOFGER.AB
TROJ_YBAD.A
VBS_INDRA.B
VBS_TSUNAMI.A
VBS_VABIAN.A
WORM_AGOBOT.XW
WORM_AGOBOT.YA
WORM_BANCODOR.Z
WORM_DEDLER.P
WORM_EVAMAN.F
WORM_FORBOT.E
WORM_GAOBOT.XK
WORM_NOOMY.A
WORM_PARAQ.A
WORM_RBOT.ZM
WORM_SDBOT.XU
WORM_SDBOT.XV
WORM_SDBOT.XW
WORM_SDBOT.XY
WORM_SDBOT.XZ
WORM_SDBOT.YB
WORM_SDBOT.YC
WORM_SDBOT.YD
WORM_SPYBOT.FO
WORM_SPYBOT.FP
WORM_SPYBOT.UV
WORM_WOOTBOT.AI
WORM_WOOTBOT.AJ
WORM_WOOTBOT.AK
WORM_WOOTBOT.AL


-------------------
Virus Name Changed:
-------------------
Old Virus Name New Virus Name
-------------- --------------

BKDR_WINSHOW.A TROJ_WINSHOW.E
TROJ_AGENT.FO TROJ_DLOADER.F

-------------------------
Virus Signature Modified:
-------------------------

IRC_TINY.I
O97M_AINESEY.C
TROJ_SLIME.DAM
VBS_ZULU.I
WORM_BAGLE.AM
WORM_BLUEWORM.C
WORM_SDBOT.BL
WORM_SDBOT.UA
WORM_SPYBOT.EV


------------------------
Virus Signature Dropped:
------------------------


-----------------------------------------------------------------------------
Copyright 1989-2004 Trend Micro, Inc. All rights reserved.
-----------------------------------------------------------------------------



/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
| http://www.trendmicro.com |
\--------------------------------------------------------------/


2004-10-01, 12:36:36, Running scanner "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\TSC.BIN"...
2004-10-01, 12:36:41, Scanner "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\TSC.BIN" has finished running.
2004-10-01, 12:36:41, TSC Log:

Damage Cleanup Engine (DCE) 3.6(Build 1120)
Windows XP(Build 2600: Service Pack 2)

Start time : Fri Oct 01 2004 12:36:36

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\tsc.ptn" (version 426) [success]

Complete time : Fri Oct 01 2004 12:36:41
Execute pattern count(1255), Virus found count(0), Virus clean count(0), Clean failed count(0)

2004-10-01, 12:37:07, An error occurred while scanning file "C:\Documents and Settings\j. martin jensen\NTUSER.DAT": Access is denied.
2004-10-01, 12:37:07, An error occurred while scanning file "C:\Documents and Settings\j. martin jensen\ntuser.dat.LOG": Access is denied.
2004-10-01, 12:37:34, An error occurred while scanning file "C:\Documents and Settings\j. martin jensen\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Access is denied.
2004-10-01, 12:37:34, An error occurred while scanning file "C:\Documents and Settings\j. martin jensen\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
2004-10-01, 12:38:35, An error occurred while scanning file "C:\Documents and Settings\LocalService\NTUSER.DAT": Access is denied.
2004-10-01, 12:38:35, An error occurred while scanning file "C:\Documents and Settings\LocalService\ntuser.dat.LOG": Access is denied.
2004-10-01, 12:38:35, An error occurred while scanning file "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Access is denied.
2004-10-01, 12:38:35, An error occurred while scanning file "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
2004-10-01, 12:38:35, An error occurred while scanning file "C:\Documents and Settings\NetworkService\NTUSER.DAT": Access is denied.
2004-10-01, 12:38:35, An error occurred while scanning file "C:\Documents and Settings\NetworkService\ntuser.dat.LOG": Access is denied.
2004-10-01, 12:38:35, An error occurred while scanning file "C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Access is denied.
2004-10-01, 12:38:35, An error occurred while scanning file "C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
2004-10-01, 12:39:31, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\ACRORD32.EXE-388A5C32.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\AD-AWARE.EXE-1853B83A.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\AVGCC32.EXE-2F8E34C8.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\AVGINET.EXE-00383A2D.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\AVGW.EXE-132EA28D.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\CHOICE.EXE-30BFAA9F.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\CLEANMGR.EXE-1F86EA8E.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\EVEREST.BIN-0E7072EF.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\EVEREST.EXE-16600816.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\EXCEL.EXE-1C75F8D6.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\FASS.EXE-0026F2B6.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\FIREFOX SETUP 1.0PR.EXE-23E9BE33.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\FIREFOX.EXE-03D1BBB4.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\FIREFOX.EXE-080BC3AA.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\FIREFOX.EXE-17EE503B.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\GDIPLUS.EXE-223F234B.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\GDIPLUS_DNLD.EXE-2796BC9C.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\GDISCAN.EXE-1B9A1B9E.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-27E722FF.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\HOMECD.EXE-38D2A491.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\IE-SPYAD.EXE-0F138CF8.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\I_VIEW32.EXE-061E54A9.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\Layout.ini": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\LXBAAIOX.EXE-2FA9C0F1.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\LXBABMGR.EXE-13A9C2E3.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\LXBABMON.EXE-03E436BA.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\LXBAJSWX.EXE-12075319.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\LXBAPSWX.EXE-20BDB753.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\LXBAVB.EXE-0439778E.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\MMC.EXE-0A5AF4A1.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\MMC.EXE-3D93B3AE.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\MSOHELP.EXE-079DA48B.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\MSPAINT.EXE-11CBB631.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\NCDSTART.EXE-037664FC.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\NUCD.EXE-02CB91BF.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\PESTPATROL.EXE-00FAA8B7.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\POWERMGR.EXE-05D65C3E.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\PPCONT~1.EXE-059B7270.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\PPUPDA~1.EXE-2F1BE713.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\REGLITE.EXE-278ED55D.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RL.EXE-0CBA5D4F.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RSTRUI.EXE-03C49A96.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A310F76.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-1B5303FF.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC55A4F.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-1E2E04D6.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-1EAD11E0.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-2303C05A.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-2CC748FF.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-2CFDEB4C.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-2F735CBF.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-40FDA39C.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-44A0B4BC.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-46915F77.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-48740845.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SBAUTOUPDATE.EXE-277B23CD.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-31B140D4.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-393E66AE.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBD7.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBDC.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SPYBOTSD.EXE-1344276B.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SPYWAREBLASTER.EXE-12DBC93E.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN-1.COM-06EBF3AA.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.COM-29E8F70E.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.COM-300177DC.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.EXE-1D454312.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.EXE-282CE724.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\TSC.BIN-2300FC6B.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\UNINSTALL.EXE-0C36CEA3.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\UNINSTALLFIREFOX.EXE-12AAD7CD.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\UNREGMP2.EXE-07CACB61.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WINDOC.EXE-04A40A5C.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WINHLP32.EXE-27E3937B.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WINWORD.EXE-10D55173.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEF9D.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA2.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WORDPAD.EXE-24533991.pf": Access is denied.
2004-10-01, 12:41:50, Could not set file for reading on "C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\default": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\default.LOG": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM.LOG": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\SECURITY": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\SECURITY.LOG": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\software": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\software.LOG": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\system": Access is denied.
2004-10-01, 12:43:06, An error occurred while scanning file "C:\WINDOWS\system32\config\system.LOG": Access is denied.
2004-10-01, 12:44:01, Running scanner "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN"...
2004-10-01, 12:53:14, Files Detected:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:44:01
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

20072 files have been read.
20072 files have been checked.
17447 files have been scanned.
38426 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:53:14
---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:53:14, Files Clean:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:44:01
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

20072 files have been read.
20072 files have been checked.
17447 files have been scanned.
38426 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:53:14 9 minutes 13 seconds (552.94 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:53:14, Clean Fail:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:44:01
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB C:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

20072 files have been read.
20072 files have been checked.
17447 files have been scanned.
38426 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:53:14 9 minutes 13 seconds (552.94 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:53:14, Scanner "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN" has finished running.
2004-10-01, 12:54:20, An error was detected on "D:\System Volume Information\*.*": Access is denied.
2004-10-01, 12:54:20, Running scanner "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN"...
2004-10-01, 12:55:28, Files Detected:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:54:20
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

4872 files have been read.
4872 files have been checked.
3858 files have been scanned.
5923 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:55:28
---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:55:28, Files Clean:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:54:20
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

4872 files have been read.
4872 files have been checked.
3858 files have been scanned.
5923 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:55:28 1 minute 7 seconds (67.02 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:55:28, Clean Fail:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:54:20
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB D:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

4872 files have been read.
4872 files have been checked.
3858 files have been scanned.
5923 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:55:28 1 minute 7 seconds (67.02 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:55:28, Scanner "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN" has finished running.
2004-10-01, 12:55:43, An error was detected on "E:\System Volume Information\*.*": Access is denied.
2004-10-01, 12:55:43, Running scanner "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN"...
2004-10-01, 12:55:45, Files Detected:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:55:43
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB E:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

211 files have been read.
211 files have been checked.
65 files have been scanned.
65 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:55:45
---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:55:45, Files Clean:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:55:43
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB E:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

211 files have been read.
211 files have been checked.
65 files have been scanned.
65 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:55:45 1 second (1.25 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:55:45, Clean Fail:
Copyright 1990 - 2004 Trend Micro Inc.
Report Date : 10/1/2004 12:55:43
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 186 (72337 Patterns) (2004/09/30) (218600)
Command Line: C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB E:\*.* /P=C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen

211 files have been read.
211 files have been checked.
65 files have been scanned.
65 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 10/1/2004 12:55:45 1 second (1.25 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-10-01, 12:55:45, Scanner "C:\Documents and Settings\j. martin jensen\Desktop\trendmicro sysclen\VSCANTM.BIN" has finished running.
  • avg has the 3 virus files in quarentine
  • sygate's still on the job
  • pest patrol did it's fix
  • I'll probably a2, ad-aware & spybot s&d scan in a few hours
  • It is running normally through several boots & my typical action
ba-dee ba-dee ba-dee ba-dee that's all folks!!
:thumbsup:

Edited by phawgg, 01 October 2004 - 10:28 PM.

patiently patrolling, plenty of persisant pests n' problems ...

#20 sunsnail

sunsnail

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 05 November 2004 - 06:11 PM

I would like to ask a question. during the install it says it couldn't find the atapi.sys in a directory but i searched for it and it is there. Can you tell me the reason?
Thank you very much

#21 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 06 November 2004 - 12:13 AM

I wish I could, sunsnail and I'm sure in time I will be able to. I have re-installed the OS and immediately followed by installing SP2. This time I used the CD Microsoft sent. I've been spending hours documenting the exact changes it makes to the basic winXPpro install. It takes a lot of time to commit the information that thousands of files hitting the hard drives generates... I think that might be why I can't find definate information anywhere on the internet that states clearly exactly what the cumulative patches that are SP2 do to the basic installation I bought originally. Sorry, but stick around, I may have an answer within a week or so. :thumbsup:

BTW, it's in the atapi & CD burning files that I'm finding some screwy things, personally. The non-critical update called "Update for Windows XP HighMat Support in CD Writing Wizard" (KB831240) added onto SP2 might be at fault. Something is making my CD-RW fail to burn disks in any program that used to be able to do it fine. (B's Recorder Gold5, Gold 5.5, Apple iTunes, dbPoweramp Cd Writing app, or Nero 5.5.9.9)

Edited by phawgg, 06 November 2004 - 12:28 AM.

patiently patrolling, plenty of persisant pests n' problems ...

#22 Grinler

Grinler

    Bleep Bleep!


  • Admin
  • 40,094 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:12:18 AM

Posted 06 November 2004 - 01:13 AM

Does it say it could not find atapi.sys or it could write to atapi.sys?

Do you use any virtual cdrom tools like daemon tools or alcohol? If so, uninstalling those is said to fix this problem

You may also be able to rename atapi.sys in the c:\windows\system32\drivers folder to atapi.old and try installing again

#23 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 07 November 2004 - 02:13 AM

YES, I installed the SP2 again. This time off the CD. I'm having issues with it. My OS suggests that I see the Help & Support Center.

If you get an error message and want more information, or right-click anything in the Event Viewer logs, you will link to the Microsoft Help & Support Center. I've been there often enough, trying to figure out problems. I thought you might like some pointers using it. IMO, having used the Library for some 40 odd years, this method of transfering information is a mixture of good and bad. The information I might need may be hard to find. It may be right in front of me and I don't see it, too. In all fairness to the authors of the operating system that is designed to send me there when problems occur, at least it is there. Please keep in mind I read English in books, magazines and papers... I start at the top left and read down any given page.

Following the standard set by them, I have prepared screenshots that you can link to as you read about using this valuable service.

A problem occurs, in this case my PC just crashed. (auto-rebooted inexplicably). While posting here, the screen just suddenly goes *black* and a minute or so later I see my desktop again with this dialog box appearing. All programs that were open are of course not any longer and I'm not online anymore.

I have options. I can see details. additional info at another post, optional reading not necessarily recommended

If you clicked on that link (remember, I told you it's optional), you might have thought "hey, what the heck. I'm trying to find out something and that's a bunch of b*@#sh*t... I can't see how it relates." I agree. There is some information relating to the problem, but OMG it's... hard to find. I will sincerely try to make using the Microsoft Help & Support Center easier. I am not an IT Professional, and I am a System Administrator only because Windows XP Professional says I am having put it on my machine.

This is what I didn't understand about the report sent to Microsoft regarding the "Your system has just recovered from a serious error" message.
Posted Image

Also, this line appears in the Event Viewer and roughly corresponds to the time of the crash.
11/3/2004 2:18:24 PM System Error Error (102) 1003 N/A GRAYCASE9 Error code 100000d1, parameter1 ff910335, parameter2 00000005, parameter3 00000000, parameter4 f81485fb.
It is not exactly the same as the message that is stated when clicking the option "see details" of the report that I could send to Microsoft about the "recovering from a serious error", but it is something I can get information about.
Posted Image

I simply click on the blue words and IE automatically opens, taking me to the Help & Support Center. (Since I use Firefox nearly all the time now, this is one of only a couple reasons I must keep IE up & running, with it's all updates and all the right settings...)
Details, full page

Since I read from upper left I must kinda ignore quite a bit to see the info I'm seeking. For that reason and to help you understand better what is there to decypher, I will zero-in on just what is important while we are at the Help & Support Center.

This detail, you'll notice is "generic" and covers problems similar to, but not exactly, the one I have. It states the message as being:
Error code %1, parameter1 %2, parameter2 %3, parameter3 %4, parameter4 %5. My message stated:
Error code 100000d1, parameter1 ff910335, parameter2 00000005, parameter3 00000000, parameter4 f81485fb
I learn it has a "symbolic name" which is: ER_KRNLCRASH_LOG
The explanation is, well, not precise. At least I know now it's a BLUE SCREEN or a STOP ERROR
The user action is none required

Posted Image

Below the detail message are blue words.
Click on Related Knowledge Base Articles. I guess I'll have to. I read, and the one that is most appropriate to my needs is shown next. Please keep in mind that Microsoft sells a dozen different operating systems. Many share problems, so should always make sure the information applies to the OS you use.

Posted Image

Even though everything between the word STOP and PAGE is a mystery to me, the rest applies perfectly. Maybe by now you've noticed that nothing fits exactly my problem (with a system of 17,000+ files, the lack of a single one, addition of a single wrong one, renaming one, or misspelling one leading to a fatal error?). Further information is therefore practically demanded if I am to resolve this problem.

The Next Page

This page is a Knowledge Base Article Page. I hope you didn't read everything before you came back to this page at bleepingcomputer.com because I'd like to make it simpler to understand.

Knowledge Base Articles follow a pattern, or format if you like. I think its important to know that. They all share this:
  • They are numbered in a six decimal number.
  • They are updated, or reviewed and changed now and then. Sometimes re-numbered.
  • They start with a summary, and finish with a "go to top of page". The format looks like this:
  • SYMPTOMS (or summary in some cases)
  • CAUSE
  • RESOLUTION
  • STATUS
  • MORE INFORMATION
  • APPLIES TO
  • Keywords:
Each of the "sections" ends with an invitation to "go to top of page" and most of these sections provide links to other pages. You might imagine it's possible to get lost searching for the answer in this way. I have. I've also had a dozen browser pages open and experienced the problem that I've been trying to resolve. *black*, excuse me... BLUE SCREEN. That hurts. Its because of that I continue to try to inform others of my travails, to save them some hours and possibly a nervous breakdown. smilie face inserted here.

Symptoms It is the "may be similar to" part that gets me. Otherwise, so far so good.
Symptoms, notes. Plus the rest What I'd really like to know at this point is ...since those parameters may vary, can I find a place where the ones I have are explained? I'd like a translation guide for tourists: Microsoft-to-English, please. It's on my Christmas Wish List and in my prayers. It's probably at the Help & Support Center, too. I keep looking for it.

OK, doing the best I can, I see I may be able to Configure System Failure and Recovery Options in Windows This may help, perhaps not solve the problem, but at least make the OS do something different when it fails and recovers. That is what I worry about... doing something to cover up something else that already is hidden from me. Before I go to that page, however, I naturally look for the cause. It says: Lexar Media, Inc. is at fault. Well, that may be the case considering the exact parameters of this example I think: Does Lexar Media have a file on my PC? That thought leads me to the resolution where it shows me how to link to three more pages to find what seems would cover everything that is not microsoft on my PC. Hardware & Software. My eyes roll back up to the cause again. "because the driver is not compatible with..." one that I have on my PC, probably.

While pondering this I must decide what to do about further information. Read about Configurations first? Jump into the Third-Party Vendors lists?
I'm also trying to identify the way you might have to consider problems of your own when facing getting help at this Help Center, not at a forum. In my situation, I have reloaded the OS nine times. Each time I do it, the OS alerts me to the "fact" that the drivers supplied by the motherboard manufacturer are "not digitally signed" as compatible with Microsoft. The Wizard tells me so. Each time I must choose to "find my own files" in order to install using my manufacturer supplied CD. As soon as I do this, instead of the "recommended" manner, they are found to be "signed" and I can load them. The same thing always happens with the little modem drivers CD. I must "get around" the automatic Wizard. They are not found eventually to be signed, but the modem has always worked. Seems the OS puts me between a rock and a hard spot. Same thing with the Lexmark Multi-peripheral & the Sony CD-RW. So at least I'm armed with some names to look up on the list. So, I'll look there first, since all the controversy over SP2 and compatibility issues. This is also why I suggest using the Everest Home Edition application that is free at snapfiles downloads, so you know who those third-party vendors are.

60781 Hardware and Software Third-Party Vendor Contact list, L-P

Here again we see the format, only Summary and More Information though. Not whether or not the software/hardware is compatible. I see it as an elegant way to pass the buck to another corporation and increase the stress on a Windows user, but thats just me I guess. BTW I certainly welcome any comments you as a reader may have, and can only wish that I could have read somewhere a how-to-do the Help Center myself. A "Help and Support Center for Dummies" book might have helped me. As it stands, we only get CLUES when tackling problems. They seem to be spread out like crums in a trail leading to a trap. Like little bits of those fragmented files on our hard drives, that if we recover them somehow, it'll be all better. Unfortunately, we must follow them to learn.

Once again, I've edited the pages for clarity ... and to rid oneself of 12-15 opportunities to "go to top of page".

Configuring System Failure and Recovery Options in Windows - Summary
more about configuration

By default, the error code that provided me with the clues that led me this far is written into the Event Viewer log. OK, I like that. Also, I can modify the admin alerts. That is a definate maybe in my case, but not now, it wouldn't help solve my problem... TY

still more about configuration

In this section, Auto Restart is discussed. Default ON is OK for me, otherwise, I'd face a machine that was simply OFF when it crashed. The Write Debugging Information gets my attention. It too has a default setting that points , like another clue, to a file on my hard drive. I saw this line attached to one of the exact times that the PC crashed.
11/3/2004 2:44:14 AM Save Dump Information None 1001 N/A GRAYCASE9 The computer has rebooted from a bugcheck. The bugcheck was: 0x100000d1 (0x04cd00ef, 0x00000005, 0x00000000, 0xf81485fb). A dump was saved in: C:\WINDOWS\Minidump\Mini110304-01.dmp. (It did it)
The system apparently chose to debug itself, at least 4 of the eight times on the day after Election Day, while I was at BC and The Help Center. It differed from the first incidence, and others that I wondered about it when I inspected the Event Viewer log - system for 11-03-04.
The effect was the same for all of the events documented, though. The system crashes. "The computer has rebooted from a bugcheck."

Theres more. Kernal Memory Dump. I'm only a sargeant, I don't know what kernal memory is. It states "this option stores more information than a small memory dump file, but is quicker doing it than a complete memory dump." The file is stores in the DumpFilebox. otherwise known as %SystemRoot%\Memory.dmp... by default, to be precise. So, is it or isn't it now in operation on my OS? Maybe not, since "If you set this option..." ... and any previous kernal or complete memory dump files are overwritten if the "Overwrite any existing files" check box is selected. Where is this checkbox? Before I can feel guilty about overwriting a post here at bleepingcomputer, it goes on to say that I'll need a big enough paging file on my C:\ I see. [I see, yes, since I don't have a 64-bit thing goin' on. Making my maximum available precisely 2GB plus 16MB. That's clear enough, huh?]
I have to modify my registry to do it. I think. Well, I'm also led to believe I must be very careful about that. Meaning at least I should be sure of exactly WHY before I try. Hmmm. At this point I'm about to do that with the proverbial 10 foot pole. I'm thinkin' maybe I should unplug my computer's phone line and make a toll-free call to Customer Service. Quiet, calm reason returns for the moment.

I haven't checked my PC for this before. Of course it hasn't pre-arranged random crashes to debug itself before either, one of which may occur any moment if recent history is to be repeated. Are we havin' fun yet?
I try:
  • opening C:\WINDOWS\System\Memory.dmp
  • nope
  • Run-->%SystemRoot\Memory.dmp
  • nope
  • Run-->Memory.dmp
  • nope
  • Start-->Search-->with every file unhidden not case-sensitive Memory.dmp
  • nope
  • I take my glasses off & clean them, muttering "Well I'll be GaulDarned, dagnabbit!"
  • open C:\WINDOWS\System32\anything that remotely looks like memory.dmp
  • nope
  • I wipe beads of perspiration off my forehead with trembling fingers and stare at my screen...
At last, I remember "It's in the error code, I think" C:\WINDOWS\Minidump\Mini110304-01.dmp
YUP, here it is!

PAGEDUMP (
P_  U VL     AGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE AGE`T       PAGEPAGE  0 # # ) 
 !  PAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE   AGEPAGE -
477PAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE     h  x $ (' )  4 k T  A L 82  (c   4   E    p r o c e s s r . s y s `k k  C d a u d i o . S Y S  0  S f l o p p y . S Y S & 2 2  
Filp  0g; C  p 1-pw q5'     8;     
NtFs \$     {"!p5  
Fil  0g;  @ V  p 1-^^F#   B@ < x fS       
Fil  0g;  @ V  p 1-P8Y _DX"   B@ < x fS   ,,  <<  
VadS   r " 

MmCa@p   X p`   P~  H 

MmCiQd        Rd  (1   $Rd  HQ   ,Rd  h   0Rd     4Rd    {"  
Ntfr@   ]"JH 
Io  ( d  D e v i c e D e s c N V I D I A G e F o r c e 2 M X / M X 4 0 0
( M i c r o s o f t C o r p o r a t i o n )  #
MmCiPh %    _   h  1  h    h  @Q H h  `Q 8  8h   @ Vad  ؁ P @V @  Vadl0` ȹ S(N X w/w   Vad @ @"@gFSfm dTx  =
MmCa{ u    `  >x  PX 

Fil  0g;  @

 PCI2
  PCI3
  PCI4
   AGP
  n|US|iso8859-1 n|US|iso8859-1 r|CA|iso8859-1 a|JP|unicode        A0 Bank0/1 None None     A1 Bank2/3 None None    A2 Bank4/5
None        !     "    # $ 
~ M H z    , C o m p o n e n t I n f o r m a t i o n  Co n f i g u r a t i o n D a t a   I d e n t i f i e r  @ x 8 6 F a m i l y 6 M o d e l 8 S t e p p i n g 1 ( P r o c e s s o r N a m e S t r i n g  0 A M D A t h l o n ( t m ) X P 2 1 0 0 +  U p d a t e S t a t u s    " V e n d o r I d e n t i f i e r   A u t h e n t i c A M D CPI1.0BAWRD....

Well, that certainly explains it more or (a lot) less... and rather colorfully if I do so myself.

OK, I apologize. I will continue to be sincere about this help with help to help you.
Lets leave the kernal dump explanation for a bit, take a big deep breath, get a good night's sleep and get back to it in the morning.

Complete Memory Dump Well, it looks like the thing to do, after reading this, is to click on one of those "for more information" links. Microsoft may need to see the contents of a file to help me.
I think it's safe to say, I would, too.

In fact, I edited one of seven of these .dmp files that now reside on my PC. The colorful one above represents about 5% of it. Here's one with most anything non-english deleted. Just for the sake of experimentation.
It does appear as though everything that was in the memory at the time of the crash is there.

@< WU A  AuthenticAMD   41 @  D |A1 n t o s k r n l . e x e  h a l . d l l k d c o m . d l l
B O O T V I D . d l l Fil A C P I . s y s @
W M I L I B . S Y S gd! p c i . s y s b@
i s a p n p . s y s  
p c i i d e . s y s 
P C I I D E X . S Y S Ntfn M o u n t M g r . s y s
f t d i s k . s y s
d m l o a d . s y s  d m i o . s y s 
P a r t M g r . s y s 
V o l S n a p . s y s   a t a p i . s y s  d i s k . s y s @ C L A S S P N P . S Y S 
f l t m g r . s y s x x s r . s y s  
K S e c D D . s y s   N t f s . s y s  N D I S . s y s  M u p . s y s  a m d k 7 . s y s
u s b o h c i . s y s
U S B P O R T . S Y S
v v o i c e . s y s
v p c t c o m . s y s
v m o d e m . s y s  p t s e r i a l . s y s  M o d e m . S Y S I m a p i . S Y S c d r o m . s y s
r e d b o o k . s y s Fil k s . s y s ;  @ n v 4 _ m i n i . s y s  V I D E O P R T . S Y S x f d c . s y s  
s e r i a l . s y s 
s e r e n u m . s y s
p a r p o r t . s y s   i 8 0 4 2 p r t . s y s  k b d c l a s s . s y s
a u d s t u b . s y s NtFs
r a s l 2 t p . s y s i n d i s t a p i . s y s 
n d i s w a n . s y s r a s p p p o e . s y s
r a s p p t p . s y s T D I . S Y S <(
p s c h e d . s y s # m s g p c . s y s
p t i l i n k . s y s 
r a s p t i . s y s r d p d r . s y s
t e r m d d . s y s m o u c l a s s . s y s
s w e n u m . s y s -(i
u p d a t e . s y s  @@ m s s m b i o s . s y s
N D P r o x y . S Y S
u s b h u b . s y s <  U S B D . S Y S  M O D E M C S A . s y s f l p y d i s k . s y s
F s _ R e c . S Y S    N u l l . S Y S   B e e p . S Y S  v g a . s y s m n m d d . S Y S
R D P C D D . s y s  M s f s . S Y S  N p f s . S Y S
r a s a c d . s y s D
i p s e c . s y s t c p i p . s y s n e t b t . s y s i p n a t . s y s
w a n a r p . s y s a f d . s y s
n e t b i o s . s y s   r d b s s . s y s
m r x s m b . s y s | F i p s . S Y S 
u s b c c g p . s y s 
h i d u s b . s y s 0U H I D C L A S S . S Y S H I D P A R S E . S Y S u s b p r i n t . s y s 
m o u h i d . s y s  C d f s . S Y S e d u m p _ a t a p i . s y s 8 d u m p _ W M I L I B . S Y S
w i n 3 2 k . s y s \ $ w a t c h d o g . s y s e D x a p i . s y s d x g . s y s Eve
d x g t h k . s y s  n v 4 _ d i s p . d l l \
n d i s u i o . s y s t
m r x d a v . s y s
P a r V d m . S Y S s r v . s y s \ H T T P . s y s a s y n c m a c . s y s v  p 

Eve  p~<  IRQ status=%lx, pctlIRQ status=%lx, Write=%lx, Read=%lx,gInMissingIRQ=%x, out=%x Daa Intstatus=%lx, LineStatus=%lx ****Missing Interrupt found****,cx=%lx, cpt=%lx@@ f(^] Power Down U InitializeAclinkCodec
Set PCI Config 0x48 bit 3 to 0
CRYSTAL Audio Codec
REALTEK Audio Codec
ADI Audio Codec
Detect: Modem is primary
Unknow Audio Codec
Do Cold Reset
Do Warm Reset
Audio don't exist, do cold reset
Primary CODEC isn't ready
SIGMATEL Audio Codec
Secondary EXMID(%x) = %x
Primary EXMID(%x) = %x
No modem Codec
Primary EXMID(%x) = %x
Secondary EXMID(%x) = %x
No modem Codec
VendorID == %x, ProductID == %x
SILLICON LAB codec
SILLICON LAB new codec
SILLICON LAB codec
SILLICON LAB Stinger codec
DELTA codec
PCTEL DELTA codec
DICustomerReg = %d DELTA codec
TRITECH codec
Unknwon codec
AudioVendorID = %x, AudioProductID = %x
L1RATE(%x) = %x
L1RATE(%x) = %x
L1MUTE(%x) = %x
EXMSTATUS(%x) = %x
EXMSTATUS(%x) = %x
No modem cod ( )
FSfm dTx   dCdC=\l 
FSfm $Qx   CC=  
FSfm $Qx   CC=   CcSc 
NtFs \ $  
Fil  0g; Keyboard  PS/2 Mouse

  PCI0  USB
  PCI1
  PCI2
  PCI3
 PCI4 AGP US|iso8859-1 n|US|iso8859-1 r|CA|iso8859-1 a|JP|unicode Bank0/1 A1 Bank2/3 Bank4/5, C o m p o n e n t I n f o r m a t i o n  Co n f i g u r a t i o n D a t a  I d e n t i f i e r  @ x 8 6 F a m i l y 6 M o d e l 8 S t e p p i n g 1 ( P r o c e s s o r N a m e S t r i n g  0 A M D A t h l o n ( t m ) X P 2 1 0 0 +  U p d a t e S t a t u s    " V e n d o r I d e n t i f i e r   A u t h e n t i c A M D CPI1.0BAWRD

About those links that are provided along the way to discovering what you will when searching the Knowledge Bases...
Maybe we should back-up and click on them in a logical order. First ones first?
Additional Information for IT Professionals
Here we have a rather simple answer to the gooble-de-gook I demonstrated above.

type WMIC RECOVEROS at the command prompt. So, I did that.
WMIC RECOVEROS 1
WMIC RECOVEROS 2
It's getting clearer, but notice the way it must be read. Words cut in half. True & False what? We're obviously not out of the darkness quite yet. At least we have a new tool, or utility to use. Windows Management Instrument Command-Line complete with a command to use, which I presume is short for: Recover the Operating System. Again, for the sake of experimentation, I "selected all" and pasted to a wordpad where I played with the organization of the command window view. At this point, what else can I do? It's waiting for another command. (kinda like I'm still waiting to know who's Governor.)
C:\Documents and Settings\phawgg>WMIC RECOVEROS
AutoReboot Caption DebugFilePath
DebugInfoType Description Expanded DebugFilePath
ExpandedMiniDumpDirectory KernelDumpOnly MiniDumpDirectory Name
OverwriteExistingDebugFile SendAdminAlert SettingID WriteDebugInfo
WriteToSystemLog TRUE %SystemRoot%\MEMORY.DMP 3
C:\WINDOWS\MEMORY.DMP C:\WINDOWS\Minidump FALSE
%SystemRoot%\Minidump Microsoft Windows XP Professional|
C:\WINDOWS|\Device\Harddisk0\Partition1 TRUE TRUE TRUE TRUE

I'd say it's time to click another link, even though I have my reservations about whether this will solve my problem.
Applies to:
The importance of this is two-fold. First, it points out the information does indeed apply to winXPpro. It also points out, in an off-hand way, why these things aren't easy. It's because there are so darn many permutations of what started out to be a graphical user interface means of contolling coded factors needed to allow the fundamentals of computing to use the fundamentals of computing hardware. IMO. Of course it's a proprietory system, also. The Corporation has a vested interest in keeping it secret. "You are forewarned at dialog boxes" to cringe at the thought of trying to fully comprehend the way it works, because you're not supposed to... apparently, or at least not entirely. Frankly, that pisses me off.

Excuse me while I scratch a flea and suddenly get an overwhelming urge to get up and chase my tail for a little while before I face the next link and the awesome potential to learn from the Masters how to fix my machine when it decides to debug itself.
290216 A Description of the Windows Management Instrumentation Command-Line Utility

Well, I think this is as good a time as any to take a break. As I have said before, it's to be continued. We've made some progress, huh? I like to summarize at the end of something rather than the beginning, so since this isn't done yet... no summary. I will say that on a hunch provided by clue-gathering, I'm not troubled by the debugging exercises at present. Thats another long story, but in essence, it involved drivers. Don't jump to conclusions, though.
patiently patrolling, plenty of persisant pests n' problems ...

#24 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 07 November 2004 - 01:36 PM

Another day, another dolla deeper into the mysteries. You probably noticed I made mistakes.

... and any previous kernal or complete memory dump files are overwritten if the "Overwrite any existing files" check box is selected. Where is this checkbox?

It is easy to find that checkbox. Remember? Right-click My Computer -->Properties-->Advanced-->Startup & Recovery Settings Button. I plead this: "It's not unusual to jump to a conclusion that you find at one of the links and blissfully ignore something else while doing so."

For instance: Back to the first page, right beyond the Applies to: section is the keyword: I saw it there. I wondered what kinda reaction I'd get if I posted it in our Word Association thread . lol. I figured if you make as much money as Microsoft you'd coin new words, too. Abizwo. OSfetchy. What ever. I also noticed that it wasn't a linky blue word, and thought "that's unusual considering the link-happiness that is typical of the service provided to us there."

THE ANSWER slowly dawned on me (having awoken at that hour to continue mein kampft.) Copy the funny-looking keyword and go directly upwards in a 81% angle to the right. Paste it in to the Search field that says "Brazil" and try that. Yup, sure enough, it takes me back to that first page, reminding me "I musta missed a link".
Search Articles excuse me, Article Translations...
whoops, googled & got there in Firefox
Still sorta rattled by the sheer volume and intensity of it all, I pause and think, drop the six-digit number and try again. A reminder to go a bit further up and try the Microsoft Search.com field, too. At least I think I've translated the keyword. It probably means: KnowledgeBaseProblemKnowledgeBaseErrorMessage...number. wheww, I'm proud of myself. I think translation got easier. Just had to click highlight "Brazil" and paste.
Kbprb Kberrmsg KB817197 now without the KB817197...
Kbprb Kberrmsg
1
2
3
4
5
6
7
8
9
10
I'm wondering when the problems associated with error messages might end. I wish those involving only winXPpro were segregated. I'm watching the "results" numbers in the lower left, too. Looking for something that might match more closely my problem than page fault in non-paged area
11
12
13
14
15
16
17
18
19
20
At this point it ends, thankfully. My guess is any others beyond exactly 100 are archived somewhere. Why show these results, you ask? My motives are simple:
  • I wanted you to waste a fraction of the time I have viewing such info
  • I wanted you to know it's there
  • I like to play with photobucket and read their banners while loadin' pictures
  • I developed a strange obsession for problems and couldn't quit
  • I mistakenly thought I'd stumble onto THE ANSWER, but was wrong
  • I like to show trial & error as an option to accepting questionable performance out of my OS
In all honesty I'm fightin' sado-masochistic tendencies provoked by long-term exposure to Help and Support Microsoft-style. I urge you to overcome whatever psychological burdens you may have encountered operating Windows yourself, and seek help if you too are developing an unhealthy love-hate affair with your constantly patch-improved version. Longhorn looms on the horizon and decisions about the 64-bit adaptation are already phawggin' the picture unless we understand how to interpret the language of computing to some degree.

On with the show.

Remember my reluctance to touch the registry even with a ten-foot pole? Well, I simply hadn't absorbed the information contained at those "missing links". They in fact were included at page one after all. Yup, you guessed it. That's next as we learn to resolve problems rationally.

BTW, my problem? I went to MSI.com because the "optional" hardware update at Windows Update would download 12.8MB of driver update and consistantly (3X) inform me after 1 hour & some odd minutes that it wouldn't/couldn't install it.
I downloaded what is called v61.77 from the manufacturer which was interestingly enough exactly 12.8MB. Same time-investment. Saved to disk. It loaded with no problem. That was done before I had the debugging blackouts. So, I considered "rolling back" to previous state, but instead I put the CD of the old driver install in and opted for the "system drivers install" and ignored the "VGA' drivers install" because for some reason my device manager kept indicating "ethernet drivers" with a question mark. I usually have to disable the LAN adapter because of the constant popup telling me that I have a cable disconnected when in fact I never use the networking. It doesn't complain now that the action was taken. The nVidia display properties were operating well, also. I haven't had any further problems since acting on that hunch. Part of the reason I'm doing this series of posts is testing the system under all the same circumstances that I was operating under when it was causing problems. Trial & error 101.

Yet to be done are the needed Services modifications that I usually rely on information at Black Viper's site for guidance. That will eliminate some of the warns & errors reported in my Event Viewer log. Finally, the registry editing will prevent useless startups that will occur when the modem & multi-peripheral unit drivers are installed. Even after they have done the job they want to be able to call home for whatever reason on a daily basis, eatting into my available RAM resources constantly. The Lexmark in particular likes to keep track of everything done in scan/print/copy or fax. Ridiculous, I say. So stay tuned if you like. Eventually I'll get back to analyzing your HJT logs now that mine is improving slowly with Help and Support where ever I can find a reliable source. :thumbsup:

Next: The Registry. :flowers:
patiently patrolling, plenty of persisant pests n' problems ...

#25 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 08 November 2004 - 03:30 PM

While pausing at the task, I took the time to read Demystifying the Windows Registry and a visit to Black Viper's website proved informative, as sp2 changes are dealt with (some conclusions are still pending however.)
Naturally I can say the same about my own conclusions. :thumbsup: I'm not givin' up yet.
patiently patrolling, plenty of persisant pests n' problems ...

#26 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 17 November 2004 - 11:14 PM

"who's governor" is still a legitimate question. 99% of the votes are counted. One leads the Other by 261 votes. Outta many millions of votes. Maybe by the time they finish re-countin' I'll have a handle on the visiting the Wizard enough to continue this & I will have more experience with the Registry, too. I guess Voter Registration is an issue that is :trumpet: but one way or another I intend to illuminate the OS, it's patches & how it all fits together. Heck, I put 1.63GB's of sequential screenshots into 4 folders doin' this...
  • Documents and Settings
  • Program Files
  • WINDOWS
  • and finally WINDOWS after SP2 was installed
  • all taken exactly like you will see them if you open every file (hidden & system files included) on the C:\ immediately after reloadin' the OS & then doin' all again after loadin' it's infamous ServicePackTwo. Then I loaded the drivers, and the fun begins again when the stuff I've been griping about starts to happen whenever loading my previously fine workin' programs that are not MS-made in the Evergreen State USA.
:thumbsup: Ironic. isn't it? 1.63GB's is just about exactly what the OS with SP2 takes on the hard drive to do that which it does, whether I want it to or not.

BTW, Start-->all programs-->accessories-->command prompt-->type c:\dir.txt-->enter-->and surprise, then...file-->save as:--> "big list"-->in my documents. Close everything, and navigate back to where it is and read it. It's free. 892KB of this information (unfortunately I did this after I spent 14 hours or more doing the sceenshots. :inlove: Had to edit it 'cause the post gives me an ERROR: you can't put 892KB in a gad-blasted post, you dummie.

I'd do this next time:

c:\AUTOEXEC.BAT
c:\AVG7QT.DAT
c:\CONFIG.SYS
c:\dir.txt
c:\Documents and Settings
c:\HJT
c:\NVIDIA
c:\Program Files
c:\Trial Program Files
c:\WINDOWS
c:\Documents and Settings\Administrator
c:\Documents and Settings\All Users
c:\Documents and Settings\phawgg
c:\Documents and Settings\Administrator\Desktop
c:\Documents and Settings\Administrator\Favorites
c:\Documents and Settings\Administrator\My Documents
c:\Documents and Settings\Administrator\NTUSER.DAT
c:\Documents and Settings\Administrator\Start Menu
c:\Documents and Settings\Administrator\Application Data\Mozilla
c:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer
c:\Documents and Settings\Administrator\Application Data\Microsoft\MMC
c:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak
c:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.txt
c:\Documents and Settings\Administrator\Cookies\index.dat
c:\Documents and Settings\Administrator\Local Settings\Temp
c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CD Burning
c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer
c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows
c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
c:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat
c:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012004110320041104\index.dat
seriously edited
c:\Program Files\Windows NT\Pinball\SOUND9.WAV
c:\Program Files\Windows NT\Pinball\SOUND999.WAV
c:\Program Files\Windows NT\Pinball\table.bmp
c:\Program Files\Windows NT\Pinball\wavemix.inf
c:\Program Files\xerox\nwwia
c:\RECYCLER\S-1-5-21-1177238915-1220945662-725345543-1003\Dc1.html
c:\RECYCLER\S-1-5-21-1177238915-1220945662-725345543-1003\Dc2.LOG
seriously edited
c:\WINDOWS\0.log
c:\WINDOWS\002236_.tmp
c:\WINDOWS\addins
c:\WINDOWS\AppPatch
c:\WINDOWS\Blue Lace 16.bmp
seriously edited
c:\WINDOWS\system32\config\default.LOG
c:\WINDOWS\system32\config\default.sav
c:\WINDOWS\system32\config\SAM
many thousands of files missin' here
c:\WINDOWS\system32\dllcache\imkrinst.exe
c:\WINDOWS\system32\dllcache\imlang.dll
c:\WINDOWS\system32\dllcache\imscinst.exe
many thousands of files missin' here
c:\WINDOWS\system32\drivers\wadv07nt.sys
c:\WINDOWS\system32\drivers\wadv08nt.sys
and here, too.
c:\WINDOWS\system32\oobe\images\intro.wmv
c:\WINDOWS\system32\oobe\images\magnify.gif
c:\WINDOWS\system32\oobe\images\merlin.gif
c:\WINDOWS\system32\oobe\images\monitor.gif
c:\WINDOWS\system32\oobe\images\monitor2.gif
c:\WINDOWS\system32\oobe\images\mouse.gif
c:\WINDOWS\system32\oobe\images\mousewn1.gif
c:\WINDOWS\system32\oobe\images\mslogo.jpg
and here, too.
c:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
and here, too.
c:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144
and I had to cut that last file in half, too.. I think ya' get the idea, though. You may view the whole nine yards this way. What a sight for sore-eyes.......

What you see is about 1% of the list you will create by typin'
c:\dir.txt
into your cmd prompt and savin' that 800+ KB file. :flowers:
patiently patrolling, plenty of persisant pests n' problems ...

#27 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 27 November 2004 - 03:48 PM

...improving slowly with Help and Support where ever I can find a reliable source. Next: The Registry.

I was tracking down an answer to a problem at Windows Help & Support Center. I found that the resolutions offered came with strings attached. The side track links suggested to help me invariably led to articles about the Registry and warnings about using it. I can only think the folks want me to be careful fixin' the OS. I agree.
The first KB Article page links we've already visited. The one called KB 322756 was the last one mentioned. (KB322755 would have been right for me if using win2000). Well, I'm dealing with Windows XP, more precisely Professional version, with SP2 installed. A little reading of that article and I'm convinced I should start with KB 256986 with a brief aside of KB 141377 over easy. and a cup o' hot coffee, I have time... The governor's race probably won't be over 'til after the second recount anyway. Early December. Seems I found a governor of sorts in windows, though....

Microsoft presents the definitions, outlines the required steps to make modifications and explains the programs they have used to enact the changes to the registry... since Windows version 3.x... in 19 full screen "pages". Six for definitions, three for regedit.exe & a precursor to it, and ten more about changing any reg entry, backing them up & restoring them. I can handle that.
1. Description of the Microsoft Windows Registry
2. Information about Editing the Registry
3. Describing Folder & Predefined Keys
4. Names, Datatypes & Descriptions
5. Registry Hive & Supporting Files
6. Applies to 24 versions since win95 & Keyword Links

7. Differences between regedit.exe & regedt32.exe - winNT 3.x
8. Differences between regedit.exe & regedt32.exe - winNT 4.0 & win2000
9. Differences between regedit.exe & regedt32.exe - winXP & winServer2003

10. How to backup, edit & restore in winXP
11. Backup the registry & Export registry subkeys
12. Backup whole registry, Edit it using Windows user interface & use Registry Editor
13. Locating a subtree, key, subkey or value
14. Adding a Key & Adding a Value
15. Changing a value & renaming a key or value
16. Deleting a key or value & using Group Policy
17. Using: Registration Entry Files (.reg), Scripting Host and windows management instrumentation (WMI).
18. Using Console Registry Tool, restoring the registry, registry keys & the whole registry
19. This applies to 24 versions of Windows Oh, and yes, some more links. Ones you can't click on. Sorry, these are .jpg's

I realize you can get this information by simply visiting the Help & Support Center, but nobody's offering any comments there about what you find.
patiently patrolling, plenty of persisant pests n' problems ...

#28 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 01 December 2004 - 10:58 PM

The State Auditor announced that after two recounts the governor is the Republican candidate. The Democrats are raising funds to challenge the decision here in Washington & I still haven't got it all figured out about the Registry yet. What does that have to do with anything? :thumbsup:

Well, the registry governs the actions of the operating system & the Help & Support is written by those who govern the operating system's design. We must know how to use both if we want to know how our problems happen. How to fix them depends on knowing about these two resources. :flowers:
patiently patrolling, plenty of persisant pests n' problems ...

#29 phawgg

phawgg

    Learning Daily

  • Topic Starter

  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:18 PM

Posted 05 December 2004 - 09:56 PM

Philip Brampton raised a question over at the Internet & Networking -> Web Browsing/Email and Other Internet Applications Forum just the other day. Sorta reminded me of the 26 vote "splittin' hairs Gubernatorial Race" ... called the topic: Knowledge Base. With all the talk of 'em spread throughout the least of any concern that might arise while operating Windows, seems there is now a page at microsoff.com called: KBHOWTO and it's a good one. :thumbsup:

There is no excuse for not understanding it all now. I was goin' blame myself for a missing link on the way to figuring out the answer, which BTW was found long before all the Registry Instructions. It was a driver issue.

It would be nice if the SP2 Installation, my experiences with it would simply end there, huh? It's kinda funny how one system must work for it all, even though half the ppl want it one way, and the other half want it another... just exactly like I do, too. :flowers:
patiently patrolling, plenty of persisant pests n' problems ...

#30 DiamondDave

DiamondDave

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 06 December 2004 - 02:18 PM

I removed SP2 from my computer and now have NO access to the internet




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users