dencorso

Thanks a lot, M2GD, you rock!

Would you please quote the info about the issue here? TIA.

If I had to place a single bet, mine would be on ESET... is yours v.4 or later and is it fully up-to-date?

Nothing out of the ordinary, as far as I know (I like to think I run pretty light). Mostly a whole pile of video codecs, but none of them have posed a problem before and I've been running for quite a while with the same ones. Does the AutoRuns.arn file contain any sensitive information about my computer? I admit to being a bit nervous about sharing it with the public. I see no need to post it right now. But AutoRuns usually finds a lot of things that are default, so I suggest you go into the "Options" menu, select "Verify Code Signatures" and "Hide Signed Microsoft Entries", and re-run it. Maybe this time something that eluded you before will catch your eye. If not, consider posting a screenshot of autoruns output, which is much less invasive than posting the .arn file. BTW, by hanging you mean just plain freezing, or does it throw you a good old BSOD?

Good to know you've solved it!

This thread is inspired by pointertovoid's USB functional patches for Win2000 after SP4 and R1, of course! Only those files related to USB that were actually updated after SP3 are mentioned here. None of these updates is known to cause any issues. -----------------XP-SP3----948101v3-949764-945436-949033-959765-968764-969238-2828030-2807986-2868038-2862330-2862335-2884256-3139398-- ======================================================================================================================================= usbd.sys--------2600.0----------------------------------------------------------------------------------6437--------------------------- usbccgp.sys-----2600.5512-------------------5585--------------------------------------------------------6437--------------------------- usbehci.sys-----2600.5512--------------------------5587----------5778---5825----6368--------------------5778--------------------------- usbohci.sys-----2600.5512----5550------------------------------------------------------------------------------------------------------ usbuhci.sys-----2600.5512-------------------------------------------------------6368--------------------------------------------------- usbport.sys-----2600.5512------------5551------------------------5778-----------6368--------------------6437--------------------------- usbstor.sys-----2600.5512-------------------------------------------------------------------------------------------------------7012--- usb8023.sys-----2600.5512---------------------------------------------------------------6352------------------------------------------- usb8023x.sys----2600.5512---------------------------------------------------------------6352------------------------------------------- usbaudio.sys----2600.5512-----------------------------------------------------------------------6425----------------------------------- usbvideo.sys----2600.5512-----------------------------------------------------------------------6425----------------------------------- usbser.sys------2600.5512-----------------------------------------------------------------------------------------------6442----------- usbscan.sys-----2600.5512---------------------------------------------------------------------------------------6418------------------- rndismp.sys-----2600.5512---------------------------------5716------------------------------------------------------------------------- rndismpx.sys----2600.5512---------------------------------5716------------------------------------------------------------------------- hidparse.sys----2600.5512---------------------------------------------------------------------------------------6418------------------- irbus.sys-------2600.5512-----------------------------------------------------------------------6425----------------------------------- ======================================================================================================================================= ---------------------------948101v3-949764-945436-949033-959765-968764-969238-2828030-2807986-2868038-2862330-2862335-2884256-3139398--

First of all get Malwerebytes Antimalware, run it and let's see what it finds. Next, get Sysinternals AutoRuns, install, run and let's see what it finds.

Supertramp - Hide in your shell

On running, DETECT creates two new files: BIOS.BIN and BIOS.TXT... the former is an image of the actual BIOS, and the latter containd the results of the detection in text format. So, C:\ is a good place to run DETECT from, because, then it'll create those two files in C:\... Afterwards both may be zipped and attached here, although zipping and attaching BIOS.TXT should suffice.

Instead of spending several hojillion dollars on some new software, spend about US$ 50 on a couple of RLoew's patches, and Windows 9x will fit confortably in pretty new hardware, no shoehorning needed at all.

Truth is, whatever we may say, the thread's title question is intrinsecally unanswerable. And Cyberguy's question about KernelEx is intrinsecally unanswerable, too. It would be necessary to set up two identical machines, one with state-of-art 98SE or ME and the other with, say, Windows 7 updated as per MS's recommendations and put them under attack by a *representative* sample of current malware, for a given time interval, and then count the infections... But: what is a *representative* sample of current malware, and for how long? As I understand such an experiment to be unfeasible, to me, those questions are unanswerable.

Probably.

Next step: RootkitRevealer...

This precious old tool can retrieve the full BIOS identification string and date: DETECT, but it must be run from true DOS, not a Windows DOS Box.

There's nothing much to explain. Click on the "Free Download" button. It'll pop up an ad window (which you can simply close) and display a countdown... when the countdown ends a "Download" button gets activated: click on it and the download starts, after you select where to download to. You asked for nusb36e. There it is.

But not an attentive reader, because it was there all along... try the third post before your own.

Thanks for the precise info! For the sake of completeness, however, it's worth to point out that the configuration displayed on Post #1 is *exactly* the second recommended configuration for UEFI-based HDD partitions, which is in this page I arrived at from the one you linked. Of course, Partition 4 could be divided in two, say, one of 72 - 128 GiB for Win 7 and the rest for a USER DATA partition. Doing so makes it much easier to implemente an effective backup strategy (images for the OS, incremental for the data), from that point on. Just my 2 ¢, of course.

Some rice paper in front of the led flash will do nicely, too.

I think the "Shell=Winfile.exe" line must go into system.cb, too, to influence safe mode... BTW, "CB" means "clean boot", FTW.

Edit a file named SYSTEM.CB Add to it a section like this: [vcache] MaxFileCache=393216 Let's see whether this improves your Safe Mode enough for you to be able to follow RLoew's instructions.

"Something like" is useless. The exact command is: reg query HKLM\System\CurrentControlSet\Control\TimeZoneInformation

Because darrelljon loves doing it from time to time... previous one is this thread, and I bet he won't find out any new facts, nowadays.

Why not?

No. You just install and (if needed) run it.

Wow! Thanks for the heads up!