Fresh install of XP-pro, issues issues issues...

Discussion in 'Software' started by Trikster, Jun 10, 2006.

Thread Status:
Not open for further replies.
  1. Trikster

    Trikster Private E-2

    I started having some strange and outright weird problems with my laptop. I was already planning on doing a wipe and reinstall so I figured this would be a good time to do it. Wiped the drive, deleted the old partitions (had the drive split in two, that turned out to be a really bad idea last semester) and created a new single partition. Did a full format, not a quick. Installed XP as usual. Installed all the drivers for my laptop... At this point everything is looking good; machine is running fast. Install ZoneAlarm free because I will be going online for Windows Updates. Go to WU and download a ton of updates (with the exception of the .NET updates, I do not use that service and my current issues are the same as my old setup that included the .NET updates). I have every critical update and everything from the optional updates category that I need. Everything appears fine at this time. I go to one of my hobby websites and try to add it as my homepage...no dice. I forgot to mention that after WU, I installed Java from Sun, version 5 something or other (I did this last night, so whatever their most current is). I cannot change my homepage. The boxes are not greyed out, I can manually change the site, it just won't keep. This is a fresh install, so there should not be anything weird on the machine. BitDefender didn't find any problems. Ad-AwareSE found a few tracking cookies, deleted them but the problem remains. Ran the Housecall virus scanner from PC-Cillin, no virus there either. I have no idea what is causing it.

    If this helps, I went into the registry to manually change the homepage and I get an error stating "Cannot edit Start Page: Error writing the value's new contents." Not sure where to go from here. I have been to only two or three sites outside of the WU, Java, Lavasoft, BitDefender and Housecall. I have visited these sites before and never have had a problem with them in the past (MSN, Google and my hobby site).

    Besides the IE6 issues, my laptop goes through these stages where it slows to a crawl during a game. I have not the most current video driver but the one right before current. The current driver has some sort of memory leak issue and since I am on a Dell laptop, I cannot use the regular ATI driver off of their website.

    Help?!
     

    Attached Files:

  2. infoseeker

    infoseeker Master Sergeant

  3. Trikster

    Trikster Private E-2

    I have tried this before. I will try it again on this fresh install... Any other ideas?
     
  4. Trikster

    Trikster Private E-2

    Tried this again. No dice. I think the problem might be with one of the Windows Updates.
     
  5. krit86lr

    krit86lr Corporal

    Ah...you may be correct about that. I did some research and your problem seems to be related to a permissions problem. (I wish I could figure out which update is causing this :mad: ).

    "I somehow got the permission set to deny special access. When I removed that permission, I can make these changes."

    The best advice that I can give you to resolve this issue:
    Download http://www.majorgeeks.com/download.php?det=4899
    Lauch Dial-A-Fix > (click) Tools > (click) Repair Permissions > (click) Go > Reboot

    Let us know if that works! :)


    P.S. I'm not sure that DAF will fix this permission problem, but it's worth a shot. Anyone else who is familiar with the above quote may be able to confirm if DAF will do the trick or not.
     
  6. Trikster

    Trikster Private E-2

    I tried DAF...no avail.

    I was messing with some other settings trying to fix this stupid issue and ended up having to start fresh again. Here is what I did and what I noticed...

    boot from XP disc
    delete primary partition
    create primary partition
    quick format
    install
    ---
    install Zone Alarm (free) set all settings as high as possible
    install laptop drivers
    launch Windows Update
    download all critical updates (didn't do .NET updates)
    tried to change the home page, cannot do it.

    I wish I tried to change the homepage before I did the updates. I am starting to wonder if there is a protected area on the hard drive where something might be hiding. Its either something along those lines or one of the Windows Updates is working like it shouldn't.

    Another thing I just thought of. Before I did my reformat, on my last setup, I was able to change my homepage. I had done updates after the homepage change (just after actually) so whatever update is causing my issue has happened in the last 2 months or less. I cannot remember exactly when I made the change but it was sometime in May.
     
    Last edited: Jun 14, 2006
  7. krit86lr

    krit86lr Corporal

    If I were you I would check for any restrictive policies next. You can use DAF for that as well.

    Launch DAF > Policies (at bottom) > click the Green Check mark if anything appears in the box.

    Other than that I'm not sure. I haven't been able to find exactly what the special denied access is exactly. When I get home I will try to find a bit more information if no one else has replied.

    Good Luck!
     
  8. Trikster

    Trikster Private E-2

    Tried that, nothing came up as restricted. How bloody bizzare on a fresh install with only updates from Microsoft...
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Here's my 2 cents ....never have done an install with quick format ....always choose full format for nfts ...:) :)
     
  10. jconstan

    jconstan MajorGeek

    Did you format FAT or NTFS? If FAT, I strongly suggest NTFS.
     
  11. Trikster

    Trikster Private E-2

    TimW, I did a full format in my initial post with the same problem. I am using the NTFS. There has to be either a problem with one of the Updates or there is something lurking in a protected area of the HDD.

    I have done a full reinstall with these disks about 9 months ago (so the disks are not bad). Had bought some RAM to upgrade to 2 gig and the RAM was bad, basically hosing my system. After new RAM and the reinstall, my system was working beautifully. In May is when these problems cropped up. I usually do a reformat between semesters once my machine starts slowing down a bit. It was overdue when these issues cropped up, so I figured I would go ahead and do the reformat. Problems are still here...
     
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I'm going to assume your bios is not virus protected (would have to turn it off to install xp) and therefore wonder if there is a virus in the MBR?
     
  13. Trikster

    Trikster Private E-2

    Hmm... How would I check that? How would one get a virus there?
     
  14. Trikster

    Trikster Private E-2

    I hope I am doing this properly for this forum...

    Hijack This Log:

    Logfile of HijackThis v1.99.1
    Scan saved at 9:17:40 PM, on 6/14/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Kevin\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
     
  15. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Most common way of a MBR virus is from a floppy ....PM one of the guys in the malware section to look at your logs.
     
  16. infoseeker

    infoseeker Master Sergeant

  17. Trikster

    Trikster Private E-2

    How do I do that TimW? I have a floppy drive I can put into my laptop, but what software do I need to put on it to check my bios. I know it will be something run from the command line or DOS, but what?

    Do you guys think this is a malware issue? Unless there is a hidden partition on my HDD (where this malware might be hiding) or the malware is coming from Microsoft, how would I get infected?
     
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds