Page 4 of 4 FirstFirst ... 234
Results 46 to 57 of 57
  1. #46
    Star Lounger
    Join Date
    May 2013
    Posts
    82
    Thanks
    35
    Thanked 0 Times in 0 Posts
    Thank you so very much for all of your invaluable assistance here.

    1) I have been working off of Hiren's Mini-XP for a day or two, including its ancient Opera browser, without any BSOD or frozen pointers. If I have hardware issues, why don't they show up here?

    2) Not 100% sure about this: "Disable every port/channel/device in the BIOS that you don't need...for testing". You lose me when you say "...in the BIOS..." Also, I don't have a firewire. I have a regular connection to the cable company-supplied modem. I have an installed graphics card that came with the computer.

    3) I've vacuumed inside the box a few times, checked the caps, and the other items mentioned but not for awhile. I will do so again noting the precautions you stated.

    4) If this helps you assess my issues, I finally ran Malwarebytes (free version, v2017.09.02.08) successfully (in Safe Mode). The 9th time was the charm. The first 8 times I ran it, it ran anywhere from 6 seconds to 2 minutes 15 seconds before it crashed, i.e., frozen pointer, forcing a cold reboot. I had 26 of these error messages: pup.optional.malware protection and pup.optional browser extension. I deleted them and clicked on "re-start" and it tried to take me to normal mode and I got the same result I got every time I tried to boot up in normal mode as described in my previous posts.

    Thank you again.

  2. #47
    Administrator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    5,091
    Thanks
    442
    Thanked 681 Times in 572 Posts
    Compared to Windows OS and drivers, generic/boot/live CDs such as Hiren's don't use the hardware to their full capacity, they may not enable all hardware attached either. They will bypass most malware infections though, so get the PC cleaned of all malware/adware, etc. before going any further. Attach the Malwarebytes log, we might be able to gain some clues from it.

    To access the BIOS: http://www.makeuseof.com/tag/enter-bios-computer/ An explanation of the BIOS and how to make some basic changes and navigate around in it: http://www.makeuseof.com/tag/the-bio...m-defaults-si/
    1394/Firewire is enabled in the BIOS, drivers are loaded and resources are being used for it in Windows. Similar for the Floppy drive, Serial and Parallel ports, etc. If you don't use them or have anything connected to them, disable them and free up some resources for hardware that you do need, it should also cut the time taken to boot into Windows.

    I'm unsure which good anti-malware tools will still work on XP but I'd start by using Hitman Pro, AdwCleaner and
    Junkware Removal Tool (the last two are from Malwarebytes) and please attach the resulting logs from them.

  3. The Following User Says Thank You to satrow For This Useful Post:

    BlueNumber (2017-09-11)

  4. #48
    Star Lounger
    Join Date
    May 2013
    Posts
    82
    Thanks
    35
    Thanked 0 Times in 0 Posts
    Here is the Malwarebytes log. Thank you.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 9/2/2017
    Scan Time: 6:40:15 PM
    Logfile: MB.txt
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2017.09.02.08
    Rootkit Database: v2017.08.02.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows XP Service Pack 3
    CPU: x86
    File System: NTFS
    User: Administrator

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 262676
    Time Elapsed: 7 min, 51 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 3
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\quarantine, , [0f918c23e0c9a6902c04f58b9868956b],

    Files: 23
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\MalwareProtectionClien t.exe, , [c3dd2f801e8bd85e18f96c25a15f9e62],
    PUP.Optional.MalwareProtection, C:\WINDOWS\Tasks\MPLClient.job, , [217f3679faafb87e8059dd9c3bc515eb],
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions\Uninstall.exe, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions\BEHelper.exe, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions\Button.exe, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions\Button64.exe, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions\ButtonWrap.dll, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions\ButtonWrap64.dll, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions\Coupons.dll, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.BrowserExtensions, C:\Documents and Settings\Owner\Application Data\BrowserExtensions\Coupons64.dll, , [4759713e66437eb8f2ec8212887aad53],
    PUP.Optional.MalwareProtection, C:\Documents and Settings\Owner\Start Menu\Programs\Malware Protection Live.lnk, , [8a167e31dfcaa591aa0a4275e71b32ce],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\domains, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\DotNetCheck.exe, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\DotNetCheck.exe.config , , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\MalwareProtectionClien t.exe.config, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\MPLSettings.dll, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\uninstall.exe, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\userinfo.dat, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\x86helper.dll, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.MalwareProtection, C:\Program Files\MalwareProtectionLive\x86inject.dll, , [0f918c23e0c9a6902c04f58b9868956b],
    PUP.Optional.Spigot, C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nha7bzmf.default-1492835834687\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://imp.ytdwld.com/impression.do?source=395337&sub_id=20170612&user_i d=220&traffic_source=update&event=ro_adr_search&im plementation_id=ytdau&redir=https%3A,[cbd5377882279e98f55d0208b84b0df3]F,[cbd5377882279e98f55d0208b84b0df3]Fsearch.yahoo.com,[cbd5377882279e98f55d0208b84b0df3]Fsearch%3Ffr%3Dgreentree_ff1%26ei%3Dutf-8%26ilc%3D12%26type%3D395337%26p%3D&st="), %5
    PUP.Optional.Spigot, C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yu2c9lnu.default-1412296388296\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://imp.ytdwld.com/impression.do?source=395337&sub_id=20170612&user_i d=220&traffic_source=update&event=ro_adr_search&im plementation_id=ytdau&redir=https%3A,[bee2af00b4f5fb3b7dd532d8a2614cb4]F,[bee2af00b4f5fb3b7dd532d8a2614cb4]Fsearch.yahoo.com,[bee2af00b4f5fb3b7dd532d8a2614cb4]Fsearch%3Ffr%3Dgreentree_ff1%26ei%3Dutf-8%26ilc%3D12%26type%3D395337%26p%3D&st="), %5
    PUP.Optional.Spigot, C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yu2c9lnu.default-1412296388296\prefs.js, Good: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Bad: (user_pref("browser.startup.homepage", "http://imp.ytdwld.com/impression.do?source=395337&sub_id=20170612&user_i d=220&traffic_source=update&event=ro_homepage&impl ementation_id=ytdau&redir=https%3A,[eab68e2142672115b71498769b6830d0]F,[eab68e2142672115b71498769b6830d0]Fsearch.yahoo.com,[eab68e2142672115b71498769b6830d0]F%3Ftype%3D395337%26fr%3Dspigot-), %5

    Physical Sectors: 0
    (No malicious items detected)


    (end)

  5. #49
    Administrator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    5,091
    Thanks
    442
    Thanked 681 Times in 572 Posts
    Not so bad, run the other tools and see if they pick up anything else.

  6. #50
    Star Lounger
    Join Date
    May 2013
    Posts
    82
    Thanks
    35
    Thanked 0 Times in 0 Posts
    Here is the Junk Removal Tool log:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.4 (07.09.2017)
    Operating System: Microsoft Windows XP x86
    Ran by (Limited) on 2017-10-08 at 11:08:28.79
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
    File System: 1

    Successfully deleted: X:\Documents and Settings\All Users\Start Menu\Programs\ytd video downloader (Folder)
    Registry: 0
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
    Scan was completed on 2017-10-08 at 11:08:54.62
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~


    Here is HitmanPro log:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
    HitmanPro 3.7.20.286
    www.hitmanpro.com

    Computer name . . . . : MiniXP-566
    Windows . . . . . . . : 5.1.0.2600.X86/1
    User name . . . . . . : NT AUTHORITY\SYSTEM
    License . . . . . . . : Free

    Scan date . . . . . . : 2017-10-08 11:24:39
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 26s
    Disk access mode . . : Direct disk access (FsdHigh)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Threats . . . . . . . : 0
    Traces . . . . . . . : 3

    Objects scanned . . . : 55,149
    Files scanned . . . . : 448
    Remnants scanned . . : 0 files / 54,701 keys

    Suspicious files __________________________________________________ __________

    X:\i386\system32\keybtray.exe
    Size . . . . . . . : 10,064 bytes
    Age . . . . . . . : 1796.5 days (2012-11-07 00:00:00)
    Entropy . . . . . : 7.9
    SHA-256 . . . . . : A6803C7B00FF3CFAFB371FAC53344DA905FE6174219CFE8CFA 605661628B4924
    Running processes : 1792
    Fuzzy . . . . . . : 34.0
    Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
    Program contains PE structure anomalies. This is not typical for most programs.
    Program is running but currently exposes no human-computer interface (GUI).
    Authors name is missing in version info. This is not common to most programs.
    Version control is missing. This file is probably created by an individual. This is not typical for most programs.
    The file is in use by one or more active processes.
    The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.


    Repairs __________________________________________________ ___________________

    Repair Winsock
    HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Pa rameters\Protocol_Catalog9

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~

    Please note that these activities were run on MiniXP on a Hiren's disk using an old version of Opera.
    Thank you very much for your assistance.
    Last edited by BlueNumber; 2017-10-09 at 15:10.

  7. #51
    Administrator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    5,091
    Thanks
    442
    Thanked 681 Times in 572 Posts
    Have you tried a repair install of XP yet?

  8. The Following User Says Thank You to satrow For This Useful Post:

    BlueNumber (2017-10-20)

  9. #52
    Star Lounger
    Join Date
    May 2013
    Posts
    82
    Thanks
    35
    Thanked 0 Times in 0 Posts
    No, I have not tried a repair install of XP yet. I've done it a few times years ago and it was a nightmare, especially having to download all the Microsoft updates and then getting the BSOD in the middle of the Microsoft updating and then having to do the repair install over again. I don't even know if the Microsoft updates are still available. Before I do that again, I would really like to do an sfc /scannow but I can't do it, as explained in my previous posts to this thread.

  10. #53
    Star Lounger
    Join Date
    May 2013
    Posts
    82
    Thanks
    35
    Thanked 0 Times in 0 Posts
    Please don't give up on me yet. Thanks.

  11. #54
    Star Lounger
    Join Date
    May 2013
    Posts
    82
    Thanks
    35
    Thanked 0 Times in 0 Posts
    In the spirit of the holiday season, will someone please help me? I am still stuck using Hirens' Mini XP. I would really like my computer to work. Thank you.

  12. #55
    Star Lounger
    Join Date
    May 2013
    Posts
    82
    Thanks
    35
    Thanked 0 Times in 0 Posts
    Sure wish someone would help me. Why the loss of interest in my issue? Was I taking up too much time? Oh well, Happy New Year everyone.

  13. #56
    WS Lounge VIP Coochin's Avatar
    Join Date
    Jun 2014
    Location
    Queensland, Australia
    Posts
    2,524
    Thanks
    38
    Thanked 374 Times in 327 Posts
    Quote Originally Posted by BlueNumber View Post
    Sure wish someone would help me. Why the loss of interest in my issue? Was I taking up too much time? Oh well, Happy New Year everyone.
    Have you tried running Tweaking.com Windows Repair (All In One)?
    Computer Consultant/Technician since 1998 (first PC was Atari 1040STE in 1988).
    Most common computing error is EBKAC: Error Between Keyboard And Chairback
    Confuscius said: "no use running harder if you're on the wrong road" and "any problem once correctly understood is already half-solved".

  14. #57
    Lounger
    Join Date
    Feb 2017
    Posts
    25
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Your initial post said "I need to run SFC /SCANNOW".
    I have also had a need to run SFC /Scannow but have not been able to as it keeps asking me to insert the SP3 CD. I have tried the SP3 only CD and a full XP CD including SP3 - - nothing works.
    Recently, I came across a solution...
    1. I inserted an empty USB Flash Drive
    2. I opened my C:/ folder and located the i386 folder.
    3. I copied the entire i386 folder onto the Flash Drive.
    4. At the Run box I entered SFC /SCANNOW
    Somehow the computer recognized the i386 folder and proceeded to run SFC /scannow. It took quite a while but it completed.

    Hope this helps.
    Last edited by Cape Sand; 2018-01-07 at 15:51.

Page 4 of 4 FirstFirst ... 234

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •