Need help with XP startup


Last Updated:

  1. EarlyMon

    EarlyMon The PearlyMon Moderator

    Ok, I have a bad one.

    Recently, my elderly mom got the XP Antivirus 2011 malware. I got that solved via the web, and found she had no working anti-virus, so I got here going with Avast and cleaned up a lot of stuff.

    She is running XP Home Edition - and she lives clear across the country, no one to help.

    So - at startup, she is being faced with an IE page saying the suggested web page can't be found and maybe it's a network problem (that she insists on believing and wanting to read me 6 year old HP user guides on networking - bless her, in her 80s she is).

    She was also getting failure to launch a corrupted Yahoo messenger.

    Neither show up in any of the account startup folders - I had here clear those out and she still got those two.

    I then had her install Windows Defender and disable Yahoo Messenger on startup - that worked.

    But the mysterious IE window remains - no address bar of course - and no way to get her to read off the list of processes in a way that makes sense from Task Manager when it's up (TM just shows the error window in the apps tab).

    I wanted to try Remote Desktop - except - XP Home Edition doesn't support RD thru DSL.

    I've tried going thru the entries in msconfig files - nothing bad there.

    I've tried System Configuration Info but ultimately, every process listed for startup is a known process name, checked against blacklists by me, located in the correct places, and already virus scanned. If I have her uncheck everything in System Config Info and restart in diagnostic mode, the problem disappears.

    So - I'm guessing that leaves the registry?

    Any good, totally free registry cleaners out there I can trust?

    Any suggestions where else to try to look for startup stuff under the circumstances?

    Any chance of getting Remote Desktop working on XP HE thru DSL (the rest of the web says no, but I'm asking)?

    Anyway - thanks and HELP! :)

    Advertisement
  2. SUroot

    SUroot Well-Known Member Developer

    You dont need RDP, you can sign up for a free logmein.com account. You'll need to sign yourself up as a dummy run to document it (including downloading the plugin) and then you can talk your mother through doing the same. Once she has an account and downloaded the plugin, she can create a secondary account and password. You go to the site, log in and can connect to her PC via your browser.

    Last time I used it, the web site wasnt amazingly intuitive which is why I suggest you go through all teh steps yourself first and document it.

    May sound obvious, but its definitely worth cleaning down any temp folders as things like this can manifest there.

    I dont personally think it will be in the registry. If it is, it may be in something like:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

    May be worth also running:
    Advanced SystemCare Free - Free software downloads and software reviews - CNET Download.com

    and:
    CCleaner - Free software downloads and software reviews - CNET Download.com


    Its been a while since ive cleaned a registry, but Its always worth browsing cnet by editors ratings. Just try to look out for "Sponsored matches" which appear even if you only tick "free". You can see in the left hand pain if there is a prioce as these scan but not clean.
    EarlyMon likes this.
  3. TxGoat

    TxGoat Guest

    Since she's already using AVG AVG Free | PC Tuneup | Registry Cleaner, File Recovery, Internet Accelerator | Worldwide

    Also, you can try getting her to download something like Chrome or Firefox and removing IE (and re-installing if you must, granted I like having a 2nd and sometimes 3rd browser as backups). I've actually had to remote into an accountant's computer who was using dial-up and it was painfully slow. Granted the remote desktop tool we were using was an adobe system that wasn't free, but it let me dial down the image the lowest resolution B&W that I could while still seeing everything on the desktop.



    How do I uninstall or remove Internet Explorer as a troubleshooting step?

    PC Hell: How to Remove About:Blank Homepage Hijacker


    Oh and the standard *****I am not liable for any issues that may arise from performing the above steps, nor can any claims be filed against me for the information provided above. By performing any steps mentioned, you are acting on your own behalf...blah blah blah....etc etc etc******
    EarlyMon likes this.
  4. A.Nonymous

    A.Nonymous Well-Known Member

    You're making it too complicated. IE won't work because that particular virus sets up IE to be self proxied. With the virus gone, that proxy no longer exists. She needs to go into the Internet connection properties and uncheck the "use a proxy server" option.

    Skip the registry cleaners. They're bogus IMO.
    9to5cynic, johnlgalt and EarlyMon like this.
  5. johnlgalt

    johnlgalt Antidisestablishmentarian VIP Member

    ^ this. And I love the part in bold - I'm in the same camp - Bo-gus.
    EarlyMon likes this.
  6. SUroot

    SUroot Well-Known Member Developer

    Couldn't disagree more. Although they probably wont fix this issue, I like to have a clean registry like I like to have a clean desktop. I don't like crap all over the place.

    Where as they shouldn't be used willy-nilly, its good to remove those broken links to applications that no longer exist.

    Maybe one day, applications will uninstall themselves fully. But until then...
    EarlyMon likes this.
  7. andr01d

    andr01d Well-Known Member

    I use the free Wise Registry cleaner. They will scan the registry and provide a list of bad or broken items before we choose to delete it. Be sure to select the deep scan option. We can also compact or defrag the registry to make everything boot/work faster. Has been very safe to use - it hasn't messed up any of my various systems over the years. bye.
    EarlyMon likes this.
  8. A.Nonymous

    A.Nonymous Well-Known Member

    You never see that stuff though and it doesn't affect anything. It's like moving all the furniture every time you vacuum. Sure your living room is technically cleaner if you move the couch around so you can completely vacuum underneath it. If you don't though, the dust simply accumulates under the couch where no one at all can see it. It's out of sight and has no effect on anything. No guest is going to peer under your couch and then go around telling people you have a filthy house. Vacuuming under the couch accomplishes little. Going through the registry and cleaning out orphaned entries is the same way. Accomplishes nothing. So now you have a clean registry (assuming the product you used isn't crap like many of them are). So what. Doesn't make your computer run faster. Doesn't make the computer perform any better. All it does is you now know that you have a clean registry.
    EarlyMon likes this.
  9. TxGoat

    TxGoat Guest


    haha, I know where someone hides all their dust bunnies....


    I personally would rather have a nice and neat registry as well. Windows is too damn temperamental as it is. Why risk it? Then again, if you don't know what you're doing you can really jack your system up.
  10. johnlgalt

    johnlgalt Antidisestablishmentarian VIP Member

    To expand upon A's post:

    Unlike what most people think, the registry is not loading into memory until needed. If there a lot of broken links in the registry (to the tune of several tens of thousands) then you might want to start looking at cleaning, but otherwise, you're vacuuming up the equivalent of three individual short hairs in a 25000 square foot room.

    This link starts the myth-debunking process - What's the Registry, Should I Clean It, and What's the Point? - including the quotation from Ed Bott (with whom I have absolutely no affiliation, and also with whom I am more in disagreement than agreement most of the time). Of importance is this quotation:
    Then, there is this information from Wikipedia (again, no affiliation, and I had no part in writing the article): Registry cleaner - Wikipedia, the free encyclopedia Of note here are the different advantages and disadvantages.

    If you also look at Windows Registry - Wikipedia, the free encyclopedia you can see that the registry mainly stores information as any database does - and the OS, various programs you have installed, etc only come looking for said information in the Registry when they need it - and they don't do a search through the entire registry for the information, they have specific key values they look for and retrieve the information directly from the associate key(s).

    Now, I'm not gonna berate you if you clean your registry - more power to you. It's just that in the long run, there is too much for the average user to mess up, b/c registry cleaning programs are not 100% perfect no matter how good the developer(s) is/are, and one slip up can leave you hanging in a very bad way. I consider myself a computer expert, and I've seen what even the slightest misstep can cause a system to do - hell, I've made many of those missteps myself.
    EarlyMon likes this.
  11. A.Nonymous

    A.Nonymous Well-Known Member

    There's zero risk if you leave it as it is. Broken registry links are not going to jack up your computer. They're not going to slow your computer down at all. Now, way, way, way back in the day (Windows 95/98 era) that might've been true. It's not at all true today. Computers are faster. Hardware is better. Windows is better optimized and the registry is completely and totally irrelevant to 99% of users. The only people who need to do anything with the registry are tech support people and power users as it allows you to tweak the OS at a much deeper level than the vast majority of people even care or notice.
    EarlyMon likes this.
  12. johnlgalt

    johnlgalt Antidisestablishmentarian VIP Member

    The problem arises from when people get malware infections that also use the Registry, and the novice end user starts associating the registry with malware and then starts finding ways to 'optimize' or 'clean' or whatever in order to prevent another malware infection.

    that's actually the reason why reg cleaners became so popular back in the day - to help ward off malware as well as remove infections.
    EarlyMon likes this.
  13. SUroot

    SUroot Well-Known Member Developer

    The fewer orphoned objects there are, the easier it is for me when I'm looking for other keys. Only slightly perhaps but nevertheless.

    I would also like to inform you I am actually allergic to dust ;)

    True story. And some furs...
    EarlyMon likes this.
  14. johnlgalt

    johnlgalt Antidisestablishmentarian VIP Member

    Allergic to dust, mold, mildew, and most pollen grains....lol.

    That aside, though, a user of your expertise I have no qualms about using a reg cleaner. it's the novice users who get their info from a friend (who also happens to be another novice user) that keep me in business....
    SUroot and EarlyMon like this.
  15. TxGoat

    TxGoat Guest

    For me it's like some peoples' reaction to bloatware. It's for the most part benign and harmless except for the annoying updates, but I'd just rather not have it there. Yes computers are much more evolved and can run mostly without issue, but why do you want a registry entry that originated via some malware installation? Different strokes for different folks. I'd personally rather have a clean registry for my own peace of mind. It's like changing the oil on a car at recommended intervals or a few thousand miles later. People can argue either position until they're blue in the face. it all comes down to what the driver/enduser is most comfortable with.
    EarlyMon likes this.
  16. EarlyMon

    EarlyMon The PearlyMon Moderator

    FWIW - our (my company's) software _does_ clean itself up from the registry on an uninstall.

    And I do find value in a tidy registry. A dirty one can be harmless, but I have experienced cases where a virus clean or a poorly maintained machine (I am facing both in this case) can lead to the registry being so tangled that services fail and apps preferences get cross-wired. Proper overall behavior assumes the registry wasn't abused by crapware and viruses. If you think this isn't possible then thank your lucky stars you've never faced it. And I'd forgotten so thanks for reminding me - a bad registry cleaner accomplishes the same thing that some malware does - tangles that can impair services or startup.

    In the past when I did want the registry right, I would simply fix it by hand. I would prefer to do that here, or at least see what it really thinks is starting without me having to dance through derivative cartoon interfaces like System Configuration Info. But without proper remote access, my options are limited.

    Also appreciate the tip on logmein.com - I thought they were strictly a paid VNC service for phone to PC, etc. I think I'll go ahead and sandbox that whole thing on two machines here.

    Appreciate the help and feedback - it's been years since I've had to stare down an improperly maintained Windows box and now it's remote and an HE to add insult to injury. :) :p

    Anyway - I'll just go on record here: real operating systems do not use Mickey Mouse registries. Ever.
  17. EarlyMon

    EarlyMon The PearlyMon Moderator

    And sorry, my extreme bad, for incomplete info in the FP.

    After clearing the erroneous blank IE page, everything else seems to run just fine, including IE (if IE can indeed be claimed to run fine).

    It's as if something is trying to launch a webpage - I suspect that it's for a malware or crapware advertisement that's been taken down - and then exiting after spawning the web page launch.

    It's a total nuisance and is frustrating to an 80+ yr old.
  18. SUroot

    SUroot Well-Known Member Developer

    IE can be claimed to run as well as it has ever run ;)
    EarlyMon likes this.
  19. johnlgalt

    johnlgalt Antidisestablishmentarian VIP Member

    If you want a great way to manually clean your registry, I humbly suggest David Ching's RegEditX RegEditX - Tweaks for the Windows Registry Editor (REGEDIT) - with Registry Crawler incorporated. I'm waiting for the final release so I can buy it, but I've used both RegEditX and Registry Crawler in the past (RC was 4.5 when last offered as a standalone product, RegEditX 2.0 was the last I used before I found the new 3.0 βetas).

    Also, here is a list of online scanners you can run through - I realize that you, EM, probably don't need this, and this list is a bit old, but I'm including it here b/c anyone else reading the thread may benefit from it. I also just now verified each link, they're all active :D http://www.vistax64.com/network-sharing/173824-slow-internet-vistax32-after-while.html#post805059 is a post I made almost 3.5 years ago for online scanners, plus downloadable software (I think you said she already had AVG) as well as MBAM.

    I'm a registered beta tester for MBAM, have been for over 5 years now, and I use the registered version (tester key) that I can do what I want with - I swear by MBAM, M$SE and WinPatrol. my days at CastleCops taught me well - don't overload and make sure that you set exceptions in each scanning program to avoid interfering with other scanning programs. For example, I have MBAM set with exceptions to M$SE, and M$SE set with exception to MBAM....
    Have you tried performing a true IE restore defaults? Internet Options --> Advanced tab --> Reset button....

    Also, check the security levels for IE on the Security tab, reset them all to default, and check for any suspicious sites in the trusted sites list.

    You might try running SpywareBlaster | Prevent spyware and malware. Free download. to fix any latent problems with IE before actually performing the reset as well. Same with WinPatrol - although the popups may be a bit disconcerting at first for her, if she reads up on WinPatrol and sees Bill Pytlovany's pic, it may make her feel a lot better (probably better than Marcin's pic, the dev of MBAM - he's like 20 lol)

    Have you performed a HiJack This! analysis?

    Pfft - I run IE 64bit b/c I can, but prefer Mozilla Firefox Nightly 64bit builds b/c of the extreme customization I can perform with it compared to IE. Still, there are sites that require me to have IE, so....
    EarlyMon likes this.
  20. andr01d

    andr01d Well-Known Member

    Re: Registry Wipe Out
    yaay i just deleted 378 registry items using the latest Wise Registry Cleaner thing. The last time i ran it was in late November. After i hit the Scan button, it showed me a long list of 380 items and i decided to keep/remember 2 items (happens to be typed URLs to some websites). The balance 378 were mostly MRU (most recentlly used list/pointers) for various softwares, some leftover/orphaned stuff from software that i previously uninstallled, some temp/junk stuff from existing software, some URLs that i didn't care about, etc. Anyways i've done this enough times... and i just hit the Start Cleaning button and they went away. They'll be back later!! :)

    Re: My Batch File - Quickie Temp Files Cleaner
    Since SSD space is precious i also have a batch file/icon that i pasted on the desktop. A couple of times a week i'll double-click this icon to clear out the temp/junk stuff. (i'm too lazy to manually go to different places to clear stuff... so i just do this once-click roomba clean:))
    --------------------
    filename: delete-temp-files.bat
    --------------------
    @C:
    @Cd\
    @cd C:\Users\username\AppData\Local\Temp
    del C:\Users\username\AppData\Local\Temp\*.* /F /S /Q
    del C:\Users\username\AppData\Local\Temp\* /F /S /Q
    del "C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.jpg" /F /S /Q
    del "C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.htm" /F /S /Q
    del "C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.html" /F /S /Q
    del "C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.css" /F /S /Q
    del "C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.ico" /F /S /Q
    del "C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.gif" /F /S /Q
    del "C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.xml" /F /S /Q
    del "C:\Users\username\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\Z6NF0ZXT\*.*" /F /S /Q

    --------------------
    (i also have another batch file on the desktop to do some other stuff.)

    bye.
    EarlyMon likes this.
  21. SUroot

    SUroot Well-Known Member Developer

    I have firefox on Ubuntu but have chromium as my secondary. Its very rare that I have to use chromium so I just have that set up with a US proxy so I can download and use beta's that only US residents get.

    Best thing about firefox?! "about:config", without a shadow of a doubt (for me)
    johnlgalt and EarlyMon like this.
  22. EarlyMon

    EarlyMon The PearlyMon Moderator

    Yep, done that.

    Yeah, and I cleaned some (ok - a LOT) of stuff already. But this isn't a hijack. This is something launching IE at login and going to a bogus site.

    I'd love to simply get into the Event viewer (as well as the registry) - anything a normal admin would do.

    So, hopefully, log me in will get me there if the other stuff doesn't.

    Very much appreciate the other tips, btw!

    Also good for the stock Android browser where "about:debug" doesn't work! :)

    PS - Can't believe I didn't think to clear out temp. I still think the IE launch at login is a spawned process, but I'm sure temp on that machine is a mess. I'm going to shamelessly steal your commands and .bat that on her side independently do a temp clean. ;) (Srsly, tho, thanks for the bat.)

    This is strictly a startup issue. She's not launching IE, some process is. Nothing is proxied. After exiting the erroneous window (with the address bar conveniently hidden), everything works fine.

    And my favorite, a new one for me (probably because I practice safe web browsing and don't just click on things) - the whole alt-keypress access is gone when the addr widget and the rest of the toolbars are withdrawn.

    If I could figure out where it's trying to go, then I could simply scan her entire disk for that address, I thought. I doubt it's encrypted. And it doesn't seem to appear in the IE history, probably because the access wasn't successful or some other good IE idea.

    And if she could remember her router password, I'd have checked the router logs. Oh well.
  23. johnlgalt

    johnlgalt Antidisestablishmentarian VIP Member

    EarlyMon likes this.
  24. johnlgalt

    johnlgalt Antidisestablishmentarian VIP Member

    Even better - it could be masking itself in the autoexec.bat . ,cmd (if present), win.ini (if present) and a few other places as well. Registry is first place I'd look for, but sometimes the old ways work best b/c many modern system cleaners and overhaulers forget to look in the old places anymore...

    Startup folder in Programs is another good place too look.

    But all of these can be checked by WinPatrol :D
    EarlyMon likes this.
  25. TxGoat

    TxGoat Guest

    I don't care what anyone says, the best way to get rid of all Windows issues is at the command prompt type in "Format C:".


    What I've always thought would be a good idea for computers is a diagnostic port like cars (OBDII) where you can plug in a tablet or a laptop and run a complete diagnostic test/repair on a system that's acting weird. And by complete I mean HD tests, malware scans, hardware configuration. I'm sure something like that would take forever to implement and would probably thin out a lot of IT positions, but I've always thought it would be nice to have a comprehensive tool that any IT professional can just perform complete system scans via a cable.
    EarlyMon likes this.

Share This Page