Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


  • Content Count

  • Donations

  • Joined

  • Last visited

Everything posted by bizzybody

  1. I have a PC with a nVidia FX 5000 series AGP video card connected to a HDTV. The nVidia control panel has settings for video brightness, contrast, gamma etc. Windows Media Player completely ignores all those settings and displays all videos very dark. I have to use its own brightness setting, turned up +10. Wouldn't be a problem if WMP would keep that as a default but when a new video is opened it resets all its adjustments back to zero. Is there a fix for this?
  2. Anyone have a registry file or script or anything to automate enabling the installer service in Safe Mode? I did it on a 7 Home Premium SP1 64 bit laptop the other day with the info from http://www.sevenforums.com/tutorials/117840-uninstall-remove-software-safe-mode.html Note that MSIService in the registry part should be MSIServer What went worng was a program that caused Windows to lock up when the mouse was clicked once on anything after booting. I figured "I should be able to uninstall this in Safe Mode.". Nope. MS has helpfully disabled the installer service in safe mode. Whip out the Android phone and found that link, jump-started the installer service, uninstalled the problem program and all was well, especially after a Windows Update visit and 45 new updates. Having a quick file to simply doubleclick and fix this *before* I do anything else on a Win 7 system would be very handy. I just did find a little exe that adds the data to the minimal option but not to Safe Mode with networking.
  3. I did a file and settings transfer from Vista Home Premium to Windows 7 Home Premium. When I went to launch Windows Mail on the 7 system, Avast 7 complained about changes needing to be made in the e-mail so its security could handle it. So I permanently shut off Avast"s e-mail protection. Now it pops up in the tray that there's new e-mail but clicking on that or the Mail icon pinned to the taskbar does nothing.
  4. The latest thing in flash drives use a normal USB connector with the rest of it smaller than the connector, has just enough to stick out so you can get hold of it. Verbatim Store n Stay, Lexar Echo ZX, Lexar Echo ZE, SanDisk Cruzer Fit are available from Amazon. Western Digital also has one but it's a rebranded Chinese cheapie with tons of negative reviews. How most, possibly all, of these are made is they have a Micro SDHC card between the USB connector's metal shield and a thin PCB with the USB contacts. I presume the reader electronics are in the tiny plastic nubbin attached to the connector. There's at least one company selling one where you can insert (and remove) your own micro SDHC, from the USB connector end. That one's also available at Amazon. I got a 4gig Verbatim one for my car stereo. It does not have any blinky LED, which suits me fine so it's not blinking at me while playing tunes and driving at night. I know the Verbatim one has a micro SD card in it because it came up as a card reader when XP recognized it. Dunno if I want to try pulling the card out to see if it has any markings.
  5. I replaced the Netgear with the Belkin F5D8230-4 and bought a Chinese made wireless router based on a Ralink chip. I put the Belkin in router mode and the Chinese box in bridge+ethernet converter mode. The little black box makes its WiFi link emulate a wired connection to the Belkin and as a bridge acts like it's just another switch in the LAN. "All in all you're just a- nother switch in the LAN!"
  6. If you zero out the MBR then do a quick format, followed by installing the operating system, there's no malware or virus that will survive it because there won't be any nasty code able to run. To pick up any possibly surviving bad code laying about in clusters marked empty... first the partitions and file system would have to be exactly the same as before the reformatting, second the clusters containing the malware's critical files would all have to be untouched by the new OS install, third there would have to be a new malware infection designed do data recovery looking for the other malware. In short that ain't never gonna happen ever. Much easier to post some banner ads to an unscrupulous or incompetently run website advertising provider and attempt "drive by" infestations. There's a forum I used to frequent quite a bit until they went with an advertising provider who provided ads that attempted all kinds of nastiness. When informed of what was going on and what to do about it (dump their ad provider and find an honest one ASAP) they shut the site down and spent three days thoroughly checking their servers for contamination. Finding none they put the site back online *with the same malware spewing advert service*. The admins wanted logs etc to show to the ad provider. Yeah, sure, like anyone has time for logs and screen caps while their browser is being hijacked in an attempt to shanghai their PC in order to spread the disease and/or steal personal info. The ad service was crooked, dump it, find an honest one. Dead. Simple. Fix... which they spent months not doing.
  7. The hard part of finding the source files of stealth malware is they can protect themselves from being detected, or can protect themselves from being deleted. The especially nasty ones can even hide when Windows is in Safe Mode then come back when the PC is booted normally. Some I've encountered appear to replace some critical system files during boot, and put the real ones back during shutdown. That foils offline scans. What I haven't figured out is how/where they hide the commands to do the swap during boot. The first one of those I ran into didn't have the scheme perfected because pulling the power cord got it into a no-boot situation so I had to do a repair install of XP. What was rather amazing about that was the repair install did not eradicate the malware. Much of these malware tricks would not be possible if the Safe Mode of 2000, XP and later was more like the Safe Mode of Win9x where *everything* is locked down and cannot be changed. Safe Mode should be a self-repairing setup where all the files used to run it are checked multiple ways for corruption and automatically replaced if they are. It should be possible to have Safe Mode actually be safe. Microsoft just hasn't bothered to do it.
  8. I have a Belkin F5D8230-4 version 1002 (MIMO 3 antenna wireless N) and a Belkin F5D7230-4 version 6002. I want to connect one to my DSL modem and create a wireless bridge or extension from my house to a wired LAN in my office. In the house I'll only be using laptops and an HTPC with wireless. In the office I have a LAN with two PCs and three HP printers, plus any computer I may be working on. All that is setup with a D-Link DSS-5+ switch, which I'll likely have to connect to whichever of the Belkins will be in the office, since the Belkins only have four LAN ports. I bought the two Belkins and a D-Link DI-524 revision A3 for $7 each. Upgraded all three to latest firmware. I also have a D-Link DI-604 revision E3 router. I can't change the DSL modem, which is a POS Zyxel that hasn't seen a firmware update since 2005 and has wireless so awful I turned it off. (It will not assign IPs to Dell laptops for some reason and constantly drops connection to what boxes it will talk to.) The setup I want to replace is a Netgear WGR614 (V5, 6 or 7, I forget which) chained to the DSL modem and in the office I have a Belkin Wireless G USB dongle (there's no model number on it, just a MAC address) which is plugged into one PC. That connection is then shared to the LAN so that PC always has to be running when any other computer needs internet access. I want to get it setup so any computer in the office and house can access the internet *and* the printers any time, without needing any other computer running. Currently that's three desktops, three laptops and three printers, with at least one more desktop in the works.
  9. Can someone upload version 3.4 of this? Lots of these projects are suffering link rot.
  10. Malwarebytes is quite good, but there's always new stealth malware popping up it can't eliminate or even detect. Much of the time I find Spybot can *find* problems nothing else can, but it can't remove them, even when scanning the infested install from another Windows install on a secondary drive or partition. Is there a scanner which can load an inactive Registry? Something I've been experiencing recently on infested PCs is malware that can protect itself from plug pulling, and that doesn't foul things up to the point where the system won't boot because the malware didn't have a chance to replace bad critical files with good ones during a normal shutdown. Yanking the plug then connecting the drive to a clean system or booting it with a CD with scanners, or even just going in and manually deleting the files the malware couldn't delete as it hid during shutdown used to be a nearly 100% successful treatment. Then came the malware which replaced some critical files during boot, and put the originals back during shutdown to hide from offline scanning. Plug pulling on those made Windows unbootable yet a repair install wouldn't eradicate the malware. It'd get it booting but still infested. I doubt there can be a way for malware to survive a direct copy over of the entire Windows directory tree by a squeaky clean and fully updated install, other than through an NTUSER.DAT infection that would launch a non-Windows/Microsoft provided file to re-infest the rest of the Registry and some Windows files. 'Course that can be fixed by copying over the NTUSER.DAT file(s) and *sigh* reinstalling all the applications. Oh, rootkits, rootkits and ye olde bootsector viruses could survive such measures, but I've found those generally much easier to get rid of.
  11. I had a PC which had been hit by a drive-by malware attack. It was loaded down with several browser hijack/redirectors and a bunch of other malware, much of which was very stealthy and self repairing, all of it also able to protect itself in Safe Mode too. The client only realized how big the mess was when their AV software and firewall suddenly shut down and a fake antivirus "scan" popped up. So she yanked the plug. I booted with various rescue disks and scanned it every which way but couldn't eradicate everything. There was still something doing random redirects from search sites. My solution. I connected a second hard drive and installed her XP Pro to it (editing boot.ini so I could choose which install) then updated it with everything possible. Then I booted with a CD and copied D:\windows to C:\windows I also deleted the folders for Firefox and Google Chrome (of course saving copies of the bookmarks). Upon rebooting to C: I had to reinstall the video driver, for some reason it came up in 16 color mode. Reinstalled Firefox and Chrome and every other app installed still worked. I ran CCleaner to clean up the Registry then NTREGOPT (reduced the Registry size nearly 25%!) and it ran great, much quicker than it had when loaded down with malware and a bloated Registry. A scan with Malware Bytes, Spybot S&D and Avast 6 each found a few now-orphaned and unprotected nasty files to delete. As long as the malware is only in Windows files from Microsoft and not hiding out in NTUSER.DAT, this should cure it without the inconvenience of having to take the drastic measure of "nuke and pave" with a fresh reinstall of everything. It also leaves Documents and Settings untouched. (Should probably create exact copies of all existing user names before copying the new Windows folder.) If the malware is hiding in non-windows files and being launched from commands in NTUSER.DAT, then replacing that file with one from the clean install (I used the exact same user name as the original install) should stop it but apps would have to be reinstalled. I'm moving this to the top of my list for working on @#%@^#'ed up PCs, it'll save tons of time on scanners that don't find and remove everything, especially the ever changing "vundo" family of malware. It worked better than installing Windows 95 over itself, which would always fix any intractable problem, at the cost of having to reinstall every app. I have yet to try this on Vista or 7, the majority of my work is still with XP.
  12. Here's an analogy. Getting both copies of the MFT trashed is like taking a library card catalog and knocking it over. The way all the recovery apps work would be like having to burn the existing card catalog, take all the books out of the library (copy off the files), re-arrange all the shelves (reformat the drive) then re-catalog the books as they're put back on the new shelves (copy the files back). Would be so much simpler to have the option to *try* and put the cards back in the drawers by locating all the books where they are on the existing shelves. If some of the files are *really* trashed or cannot be found at all, or if there's a hard error on the drive, well, nothing lost but the time and convenience saved by being able to do an in-place restoration (picking up the cards and re-filing) - just go the route of copying off the files that can be saved.
  13. Or if it will even be able to do anything at all. Making things worse is the CD-ROM drive is apparently dead in it. Spins but never detects a disc, so I'd have to scrounge up a drive just to try booting with an XP CD to run chkdsk. I don't have any spares laying about. Perhaps I'll see if the customer wants to buy a somewhat newer Dell I have with a DVD-ROM, CD-RW, larger hard drive and better video. Save me the time of a full install and I can copy over her files I salvaged.
  14. Will that work with both MFT copies corrupted? When I connected the drive to a working system it tried to run chkdsk on it during boot but couldn't.
  15. I have a Maxtor DiamondMax 40 I've been holding onto for some years. It's problem is it apparently lost its firmware, BIOS either sees it as a 9 gig MILLENNIUM or not at all and it clanks the heads back and forth. PCB is marked TNT V-3. I've searched several times for firmware, utilities etc for Maxtor drives, found stuff for just about every series *except* the Millennium. The data on it is old, likely nothing on it I need anymore, but for a long time every so often I'd go looking for something... "It was on the Maxtor, dammit." Nothing on it was ever worth the $$$$$$$$ to send it in for recovery, but it'd be interesting for my own personal history to be able to at least see what's on it after several years, might even be something useful on it I've forgotten. I'm fairly certain it's FAT32, I don't recall if I had this drive in a Windows 2000 system.
  16. I have a hp compaq slimline box in the shop with XP Pro SP3. Had a malware infestation which I cleaned up then updated Windows, Norton etc. Did my usual three reboots and other tests to ensure it was all working 100%. Customer takes it home and shortly calls back saying it's not working so I go out there and sure 'nuff it's a BSOD no mountable volume. Back at the shop it won't even do that much. (Oh joy, worse than the time a fresh 2000 setup decided to blow up its User Hive on the first boot for a customer after behaving perfectly in the shop, and never another problem again after reinstalling everything. Ran perfectly for years.) TestDisk says both boot sectors are OK but both MFTs are corrupt. Fortunately it's only a partly full 40 gig so I can use a utility to find all the files and folders to copy to another drive. It looks like 100% of everything is still there, folders and files. There appears to be one spot with some error I have to tell it to ignore so it'll go ahead with copying. It's not able to make an image of the drive because of that. Is there a way to just rebuild the MFT *in place* so the box can be booted with some other utility disc to run scans, repair etc? Or alternatively, do a full format then copy everything back and get it to boot? Of course being an hp compaq d530s there ain't a recovery disc, which if there was would wipe all the user files and software. If the bad spot doesn't contain critical files, then the *easiest* thing to do would be to reconstruct the MFT then set the dirty bit so XP will do a chkdsk at boot, zorch the corrupt file(s) and get on with things, assuming there's a recovery utility which can do that. THEN I could connect an external drive and do a full backup which can be restored to a fresh XP install, possibly on a new drive if the original is failing.
  17. Yeah, I tried that but as soon as I went online the malware replaced wuauclt.exe and the error message popped up again. Is there some sort of watchdog app that can be set to guard a file and report what process tries to run/replace/alter the file?
  18. I couldn't come up with any utility that could find where the malware replacing the wuauclt.exe file was hiding, so I wiped it and did a clean install. The box was only used for some older games so not a big deal but it is irritating that whichever a-hole created whatever the malware on it was is so bleeping good at causing trouble.
  19. XP Pro SP3. Can't access Windows Update or Microsoft Update, apparently due to wuauclt.exe being replaced by some trojan or other malware. It has Avast 5 on it, it's been fully scanned with that, latest Malware Bytes and Spybot S&D and Avira and AVG offline CDs. Comes up 100% clean on everything I've tried. Same story with yanking the power cord then booting with an offline scan CD, still 100% "clean". That usually works to kill critical parts of stealth malware, stopping it from launching and hiding so the rest can be cleaned after a normal boot. I also tried booting with a CD and replacing the wuauclt.exe with a known good copy from another PC. Soon as I tried going to the Microsoft Update site it started the wuauclt.exe error popup again. Apparently the malware replaced the executable again but Windows' security functions aren't allowing the trojan to access the net. System File Checker finds nothing wrong. The latest Windows Update Agent refuses to install because it's already installed. Is there a way to force it to reinstall? Stopping the automatic updates service from a command prompt stops the error popup. Restarting the service gets the popup going again. Looks like this malware successfully masquerades as a valid service, until it tries to access the net. I do not want to have to wipe and reinstall just to kill one stinking malware process.
  20. I used to have a bigger Calcomp RS232 tablet, sold under the name CIC Handwriter. It was originally sold with windows 3.1x handwriting recognition software, which didn't require pressure sensitivity, so the pen's tip was just on/off. With newer Calcomp drivers it worked great 98SE. I tried to find a pen for it with pressure sensing but any pens by themselves were priced higher than what a new Calcomp or Wacom tablet that size cost new. I guess everyone with excess old Calcomp pens liked them too much to part with them.
  21. I bought a Cool-iCam CI-285 tablet for $15 on closeout a few years ago, never used it much because the last available drivers didn't work too well with XP. I dug it out yesterday to give it another try and of course ran into the same old problems. I took the back off and found the main chip, made by Hynix but got zilch on searches for anything printed on it. So I decided to try an experiment to see if the action of it could be improved. The grid in it is a flexible circuit much like in cheap keyboards and it didn't lay flat. The top case has a bunch of raised ribs and there's 16 pins that go through holes in the grid, which is held in place by little chunks of clear tubing. The problem is the pin and hole spacing don't exactly match. Turns out that craft foam is exactly the thickness of those ribs, and I just happened to have a sheet. I cut pieces to fill all the spaces where the active area is. I finished it off with a sheet of bubble wrap with 16 holes punched to fit over the tube pieces. The overall action of it is much smoother with the grid mashed somewhat closer to flat VS being all lumpy. But still the drivers were lousy. Cutting to the chase (after a long time of fruitless searching) I ran Unknown Device Identifier from Halfdone Development and it identified the tablet as a UC-Logic Technology Tablet WP3525 and a WP8060. One device, two ID's??? I expected a search for UC-Logic to lead to another dead company but <Gomer Pyle>Sur-prise! Sur-prise! Sur-prise!</Gomer Pyle> UC-Logic is alive and well and even better they still make tablets and they have drivers for XP, XP64, Vista, Windows 7 and OS X. And best of all for me, the driver supports the Cool-iCam CI-285. *sitting down happy dance* But wait, there's more. I'm pretty certain the old driver only supported 256 levels of pressure sensitivity. This driver does 512. Oooooyeah. Who needs a friking Wacom? Just did some doodling in PhotoShop and it works great.
  22. HP DV4308WM laptop. Factory install of XP Home SP2, updated to SP3 and all current updates. The keyboard has decided it's suddenly not going to work, but a USB desktop keyboard does. One possible fix I found was to show hidden devices in device manager then delete KBoard and reboot. KBoard is missing in device manager. I've already tried deleting the normal keyboard entry and rebooting. It found the keyboard and installed the driver, but still doesn't work. Next step, run SFC /scannow It says it needs to replace some system files and wants the XP Professional SP3 CD-ROM. Hewlett Packard only provided a restore disc that puts back on XP Home SP2 plus a ton of shovelware. SFC rejects it. Next I try a XP Pro CD I've slipstreamed to SP3. SFC rejects that and demands a disc with the WXPFPP_EN volume lable. So I whip up an XP HOME SP3 disc with the XP PRO volume label. Nope! SFC rejects that one too. So two questions. 1. Why is System File Checker for XP HOME asking for an XP PROFESSIONAL CD? 2. How do I force it to accept the XP Home SP3 CD?
  23. I have a program I want to package into an installer so that it can be easily uninstalled. It has two folders with files that have to go into specific paths under Program Files or in 64bit Windows into the 32bit Program Files plus one file that has to go into windows\system32 The program will run on any Windows from 98 through 7, possibly even 95, so I want to be able to install/uninstall to them all. I also have a .reg file that puts everything else required into the Registry. I've looked at Nullsoft and isetup. Neither can simply take an existing .reg file and work with it. Phooey. Translating from the Microsoft .reg standard to proprietary scripting commands is too much work. What can do Put *this* folder and contents *there*, put *this other* folder and contents *there too*, put *this file* in %systemroot%\system32 then merge a 15 kilobyte program.reg and add whatever is required to cleanly uninstall using the default uninstall management of whichever version of Windows it's been installed on. No customization options are required. I could do this install with a batch file but removing the entries from the Registry would be a problem.
  24. I did the files and settings transfer wizard in Vista Ultimate when upgrading from an 80 gig to a 500 gig in my laptop. That brought most things over but not get everything. Now there's large amounts of the C: partition on the old drive which Windows won't let me access. How do I reset permissions on everything on the old drive to give Everyone full control? I don't care if that would make it unusable to boot from, I'm just going to erase it all after I get the files I need. Nothing is compressed or password protected or encrypted, so using such brute force methods won't cause problems. I've tried the Take Ownership registry hack. That'll work on one folder at a time, but some things I need to go digging around in have many subfolders several levels deep. Take Ownership also doesn't work on all folders. There's some it just won't do a thing to. Gaining access to everything but the recycle bin folders and System Volume Information is what I need to do. IIRC, I could set up a PC and install ye olde XP original release and wouldn't have this problem. But that's a bit of overkill just to go spelunking around in my old hard drive contents.
  25. The current WSUS Offline no longer has the option to get the updates for Office 2000. So I dug around and found which does Office 2000, but doesn't get updates for as many things as the current version. I've downloaded just Office 2000 stuff with the older version, the current version is churning away at grabbing *everything* for English versions of everything it downloads updates for. What I want to do is somehow integrate the O2K updates with the current WSUS Offline so when I have it make DVD images the installer will update Office 2000 same as it will everything else. Even better would be to fix the current version to download the O2K updates, or in this case copy the files to the right places so the current version will find them and add them to the disc images. Just because Microsoft is no longer updating Office 2000 is no reason for WSUS Offline to ignore it. People still use it, just like people still use Windows 2000.
  • Create New...