Win XP SP3 created problem

I allowed the Microsoft update to install the recommended SP3 yesterday and
now almost nothing will work. It will not allow an uninstall, and because it
is newer than my restore disc from the manufacturer that won't work either.
Once it installed, during the reboot, it changed or removed a huge number of
..dll files. Even on the update page with Microsoft it says it is no longer
registered and recommends clicking to allow, but then says it cannot proceed.
WordPerfect and IE7 are about the only things working now.

The control panel won't populate now, so no way to uninstall or change
anything. Any recommendations on what I can do short of reformating the disk
and reloading everything?

"quietcook" escribió:

> Se me permite la actualización de Microsoft para instalar el SP3 de ayer
y recomendó
> Ahora casi nada de trabajo. No permitirá que una desinstalación, y porque
> Es más reciente que mi disco de restauración del fabricante que no
funciona bien.
> Una vez instalado, durante el reinicio, es modificado o eliminado un gran
número de
>. Dll. Incluso en la página de actualización de Microsoft que dice que ya
no es
> Registradas y recomienda a permitir hacer clic, pero luego dice que no
puede continuar.
> WordPerfect y IE7 son las únicas cosas que trabajan ahora.
>
> El panel de control no se rellenará ahora, asÃ* que no hay forma de
desinstalar o cambiar
> Nada. Las recomendaciones sobre lo que puedo hacer poco transformando los
del disco
> Y todo lo que carga?
>

quietcook wrote:

> I allowed the Microsoft update to install the recommended SP3 yesterday and
> now almost nothing will work. It will not allow an uninstall, and because it
> is newer than my restore disc from the manufacturer that won't work either.
> Once it installed, during the reboot, it changed or removed a huge number of
> .dll files. Even on the update page with Microsoft it says it is no longer
> registered and recommends clicking to allow, but then says it cannot proceed.
> WordPerfect and IE7 are about the only things working now.
>
> The control panel won't populate now, so no way to uninstall or change
> anything. Any recommendations on what I can do short of reformating the disk
> and reloading everything?
>

See if this helps:

How to start the System Restore tool by using the safe mode option with
the Command prompt in Windows XP
http://support.microsoft.com/kb/304449

Suggest you try that before attempting a System Restore in normal
Windows mode.
IF SR brings the system back to life, *please* read these articles prior
to attempting another install of SP3 to save yourself grief:

Windows XP SP3 - Read all prerequisites for a successful installation
http://msmvps.com/blogs/harrywaldron...tallation.aspx

Steps to take before you install Windows XP Service Pack 3
http://support.microsoft.com/kb/950717

If you've disabled System Restore or it doesn't function, then your
other recourse is to show hidden files, folders, and system files:
http://www.bleepingcomputer.com/tuto...l62.html#winxp
and then use Windows Explorer and navigate to
WINDOWS\$NtServicePackUninstall$
Now open the spuninst subfolder and run spuninst.exe, which should
uninstall SP3.

NOTE: IF SP3 did not create an uninstall folder and SP2 was previously
applied, make sure that this file is in the spuninst subfolder prior to
running spuninst.exe .... Service Pack 3.asms <--- this file signifies
that it's the uninstall folder of SP3.


MowGreen
===============
*-343-* FDNY
Never Forgotten
===============

banthecheck.com
"Security updates should *not* have *non-security content* prechecked"

Thank you for the reply. I will certainly attempt these steps. Do not
normally run into these situations where I can't get a system going, but this
install has truly messed things up.

Again, I appreciate the response.

Quietcook

"MowGreen" wrote:

> quietcook wrote:
>
> > I allowed the Microsoft update to install the recommended SP3 yesterday and
> > now almost nothing will work. It will not allow an uninstall, and because it
> > is newer than my restore disc from the manufacturer that won't work either.
> > Once it installed, during the reboot, it changed or removed a huge number of
> > .dll files. Even on the update page with Microsoft it says it is no longer
> > registered and recommends clicking to allow, but then says it cannot proceed.
> > WordPerfect and IE7 are about the only things working now.
> >
> > The control panel won't populate now, so no way to uninstall or change
> > anything. Any recommendations on what I can do short of reformating the disk
> > and reloading everything?
> >
>
> See if this helps:
>
> How to start the System Restore tool by using the safe mode option with
> the Command prompt in Windows XP
> http://support.microsoft.com/kb/304449
>
> Suggest you try that before attempting a System Restore in normal
> Windows mode.
> IF SR brings the system back to life, *please* read these articles prior
> to attempting another install of SP3 to save yourself grief:
>
> Windows XP SP3 - Read all prerequisites for a successful installation
> http://msmvps.com/blogs/harrywaldron...tallation.aspx
>
> Steps to take before you install Windows XP Service Pack 3
> http://support.microsoft.com/kb/950717
>
> If you've disabled System Restore or it doesn't function, then your
> other recourse is to show hidden files, folders, and system files:
> http://www.bleepingcomputer.com/tuto...l62.html#winxp
> and then use Windows Explorer and navigate to
> WINDOWS\$NtServicePackUninstall$
> Now open the spuninst subfolder and run spuninst.exe, which should
> uninstall SP3.
>
> NOTE: IF SP3 did not create an uninstall folder and SP2 was previously
> applied, make sure that this file is in the spuninst subfolder prior to
> running spuninst.exe .... Service Pack 3.asms <--- this file signifies
> that it's the uninstall folder of SP3.
>
>
> MowGreen
> ===============
> *-343-* FDNY
> Never Forgotten
> ===============
>
> banthecheck.com
> "Security updates should *not* have *non-security content* prechecked"
>

There is a very good chance that you are seeing the effects of a hijackware
infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2. [WinXP ONLY!! =>] Run the Windows Live Safety Center's 'Protection' scan
(only!) in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

3. Run a /thorough/ check for hijackware, including posting requested logs
in an appropriate forum, not here.

Checking for/Help with Hijackware:
• http://aumha.net/viewtopic.php?f=30&t=4075

• http://mvps.org/winhelp2002/unwanted.htm
• http://inetexplorer.mvps.org/tshoot.html
• http://www.mvps.org/sramesh2k/Malware_Defence.htm
• http://www.elephantboycomputers.com/...moving_Malware

**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachi...php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002


quietcook wrote:
> I allowed the Microsoft update to install the recommended SP3 yesterday
> and
> now almost nothing will work. It will not allow an uninstall, and because
> it is newer than my restore disc from the manufacturer that won't work
> either. Once it installed, during the reboot, it changed or removed a huge
> number of .dll files. Even on the update page with Microsoft it says it
> is
> no longer registered and recommends clicking to allow, but then says it
> cannot proceed. WordPerfect and IE7 are about the only things working now.
>
> The control panel won't populate now, so no way to uninstall or change
> anything. Any recommendations on what I can do short of reformating the
> disk and reloading everything?

Thanks for the reply.

Will keep your info, but we do run anti-virus with daily updates and full
scans every week. Also run anti-spryware and adware programs, as we're on
broadband and I had verified all before doing the update. I'm always a bit
concerned when young ones download tunes, instant messaging, and typical teen
programs.

Being older, we tend to not download except from a limited few sites, or
programs we buy at the store. The younger set want whatever their friends
have talked about and don't think about the site or whether it's been checked
for viruses, etc. Thus we do our best to check and remove things.
Unfortunately, all that went smoothly. It was the SP3 that we allowed to
install after everything else was cleared and the system rebooted that caused
all the problems.

Appreciate the info and will have it handy when I get back on that system
tomorrow.

Quietcook

"PA Bear [MS MVP]" wrote:

> There is a very good chance that you are seeing the effects of a hijackware
> infection!
>
> NB: If you had no anti-virus application installed or the subscription had
> expired *when the machine first got infected* and/or your subscription has
> since expired and/or the machine's not been kept fully-patched at Windows
> Update, don't waste your time with any of the below: Format & reinstall
> Windows. A Repair Install will NOT help!
>
> 1. See if you can download/run the MSRT manually:
> http://www.microsoft.com/security/ma...e/default.mspx
>
> NB: Run the FULL scan, not the QUICK scan! You may need to download the
> MSRT on a non-infected machine, then transfer MRT.EXE to the infected
> machine and rename it to SCAN.EXE before running it.
>
> 2. [WinXP ONLY!! =>] Run the Windows Live Safety Center's 'Protection' scan
> (only!) in Safe Mode with Networking, if need be:
> http://onecare.live.com/site/en-us/center/howsafe.htm
>
> 3. Run a /thorough/ check for hijackware, including posting requested logs
> in an appropriate forum, not here.
>
> Checking for/Help with Hijackware:
> • http://aumha.net/viewtopic.php?f=30&t=4075
>
> • http://mvps.org/winhelp2002/unwanted.htm
> • http://inetexplorer.mvps.org/tshoot.html
> • http://www.mvps.org/sramesh2k/Malware_Defence.htm
> • http://www.elephantboycomputers.com/...moving_Malware
>
> **Chances are you will need to seek expert assistance in
> http://spywarehammer.com/simplemachi...php?board=10.0,
> http://www.spywarewarrior.com/viewforum.php?f=5,
> http://www.dslreports.com/forum/cleanup,
> http://www.bluetack.co.uk/forums/index.php,
> http://aumha.net/viewforum.php?f=30 or other appropriate forums.**
>
> If these procedures look too complex - and there is no shame in admitting
> this isn't your cup of tea - take the machine to a local, reputable and
> independent (i.e., not BigBoxStoreUSA) computer repair shop.
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
>
>
> quietcook wrote:
> > I allowed the Microsoft update to install the recommended SP3 yesterday
> > and
> > now almost nothing will work. It will not allow an uninstall, and because
> > it is newer than my restore disc from the manufacturer that won't work
> > either. Once it installed, during the reboot, it changed or removed a huge
> > number of .dll files. Even on the update page with Microsoft it says it
> > is
> > no longer registered and recommends clicking to allow, but then says it
> > cannot proceed. WordPerfect and IE7 are about the only things working now.
> >
> > The control panel won't populate now, so no way to uninstall or change
> > anything. Any recommendations on what I can do short of reformating the
> > disk and reloading everything?
>
>

No amount of scanning can detect and/or remove all hijackware.

quietcook wrote:
> Thanks for the reply.
>
> Will keep your info, but we do run anti-virus with daily updates and full
> scans every week. Also run anti-spryware and adware programs, as we're on
> broadband and I had verified all before doing the update. I'm always a
> bit
> concerned when young ones download tunes, instant messaging, and typical
> teen programs.
>
> Being older, we tend to not download except from a limited few sites, or
> programs we buy at the store. The younger set want whatever their friends
> have talked about and don't think about the site or whether it's been
> checked for viruses, etc. Thus we do our best to check and remove
> things.
> Unfortunately, all that went smoothly. It was the SP3 that we allowed to
> install after everything else was cleared and the system rebooted that
> caused all the problems.
>
> Appreciate the info and will have it handy when I get back on that system
> tomorrow.
>
> Quietcook
>
> "PA Bear [MS MVP]" wrote:
>
>> There is a very good chance that you are seeing the effects of a
>> hijackware
>> infection!
>>
>> NB: If you had no anti-virus application installed or the subscription
>> had
>> expired *when the machine first got infected* and/or your subscription
>> has
>> since expired and/or the machine's not been kept fully-patched at Windows
>> Update, don't waste your time with any of the below: Format & reinstall
>> Windows. A Repair Install will NOT help!
>>
>> 1. See if you can download/run the MSRT manually:
>> http://www.microsoft.com/security/ma...e/default.mspx
>>
>> NB: Run the FULL scan, not the QUICK scan! You may need to download the
>> MSRT on a non-infected machine, then transfer MRT.EXE to the infected
>> machine and rename it to SCAN.EXE before running it.
>>
>> 2. [WinXP ONLY!! =>] Run the Windows Live Safety Center's 'Protection'
>> scan
>> (only!) in Safe Mode with Networking, if need be:
>> http://onecare.live.com/site/en-us/center/howsafe.htm
>>
>> 3. Run a /thorough/ check for hijackware, including posting requested
>> logs
>> in an appropriate forum, not here.
>>
>> Checking for/Help with Hijackware:
>> • http://aumha.net/viewtopic.php?f=30&t=4075
>>
>> • http://mvps.org/winhelp2002/unwanted.htm
>> • http://inetexplorer.mvps.org/tshoot.html
>> • http://www.mvps.org/sramesh2k/Malware_Defence.htm
>> • http://www.elephantboycomputers.com/...moving_Malware
>>
>> **Chances are you will need to seek expert assistance in
>> http://spywarehammer.com/simplemachi...php?board=10.0,
>> http://www.spywarewarrior.com/viewforum.php?f=5,
>> http://www.dslreports.com/forum/cleanup,
>> http://www.bluetack.co.uk/forums/index.php,
>> http://aumha.net/viewforum.php?f=30 or other appropriate forums.**
>>
>> If these procedures look too complex - and there is no shame in admitting
>> this isn't your cup of tea - take the machine to a local, reputable and
>> independent (i.e., not BigBoxStoreUSA) computer repair shop.
>> --
>> ~Robear Dyer (PA Bear)
>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
>>
>>
>> quietcook wrote:
>>> I allowed the Microsoft update to install the recommended SP3 yesterday
>>> and
>>> now almost nothing will work. It will not allow an uninstall, and
>>> because
>>> it is newer than my restore disc from the manufacturer that won't work
>>> either. Once it installed, during the reboot, it changed or removed a
>>> huge
>>> number of .dll files. Even on the update page with Microsoft it says it
>>> is
>>> no longer registered and recommends clicking to allow, but then says it
>>> cannot proceed. WordPerfect and IE7 are about the only things working
>>> now.
>>>
>>> The control panel won't populate now, so no way to uninstall or change
>>> anything. Any recommendations on what I can do short of reformating the
>>> disk and reloading everything?