Nar.vbs virus

Status
Not open for further replies.

rutiene

My computer has been running slow lately and so I ran an AVG virus scan. After doing so it came up with nar.vbs. I read that it was difficult to scrub so I come here to check that I'm all clear. =]

Mmm... I can't seem to add attachments... should I just post it?
 

Attachments

  • hijackthis.txt (8.6 KB)
  • mbam-log-2009-04-02 (19-10-00).txt (851 bytes)
  • SUPERAntiSpyware Scan Log - 04-02-2009 - 19-56-45.log (552 bytes)

hi rutiene

All seems fine :) .... has your computer started working at normal speed again? Why are you on Internet Explorer 6 though? Upgrade to 7 or use Firefox .... much better :)

Spyder_1386 :)
 
I use FF. That's why the IE homepage is just Dell.

And no, I still can't get it working at normal speed. ><! I've had the motherboard replaced so I'm not sure what it could be...
 
Hi Guys

Spyder is right, no apparent malware issues, so let's do some cleanup and tweaking.

First, the below are harmless but let's get rid of them anyway.
Run HJT Scan only and select and fix the below 2 items.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

Then do the below.

Left Drag mouse and Copy for Pasting all text in the box below. Make sure the slider bar goes to bottom from the @ to the end of the second exit.
Then paste to the black screen of an open command prompt. All may not apply so ignore errors.

Code:
@echo off
sc config Alerter start= disabled
sc stop Alerter

sc config AeLookupSvc start= disabled
sc stop AeLookupSvc

sc config ClipBook start= disabled
sc stop ClipBook

sc config Dfs start= disabled
sc stop Dfs

sc config FastUserSwitchingCompatibility start= disabled
sc stop FastUserSwitchingCompatibility

sc config TrkWks start= disabled
sc stop TrkWks

sc config TrkSvr start= disabled
sc stop TrkSvr

sc config DNSCache start= disabled
sc stop DNSCache

sc config ERSvc start= disabled
sc stop ERSvc

sc config HidServ start= disabled
sc stop HidServ

sc config PolicyAgent start= disabled
sc stop PolicyAgent

sc config CiSvc start= disabled
sc stop CiSvc

sc config IsmServ start= disabled
sc stop IsmServ

sc config kdc start= disabled
sc stop kdc

sc config LicenseService start= disabled
sc stop LicenseService

sc config Messenger start= disabled
sc stop Messenger

sc config Netlogon start= disabled
sc stop Netlogon

sc config NetTcpPortSharing start= disabled
sc stop NetTcpPortSharing

sc config mnmsrvc start= disabled
sc stop mnmsrvc

sc config NetDDE start= disabled
sc stop NetDDE

sc config NetDDEdsdm start= disabled
sc stop NetDDEdsdm

sc config NtLmSsp start= disabled
sc stop NtLmSsp

sc config SysmonLog start= disabled
sc stop SysmonLog

sc config RSVP start= disabled
sc stop RSVP

sc config SSDPSRV start= disabled
sc stop SSDPSRV

sc config upnphost start= disabled
sc stop upnphost

sc config WMPNetworkSvc start= disabled
sc stop WMPNetworkSvc

sc config WmiApSrv start= disabled
sc stop WmiApSrv

sc config WmdmPmSN start= disabled
sc stop WmdmPmSN

sc config RemoteRegistry start= disabled
sc stop RemoteRegistry

sc config RemoteAccess start= disabled
sc stop RemoteAccess

sc config SCardSvr start= disabled
sc stop SCardSvr

sc config TlnSvr start= disabled
sc stop TlnSvr

sc config UPS start= disabled
sc stop UPS

sc config WebClient start= disabled
sc stop WebClient

sc config DNSCache start= disabled
sc stop DNSCache

sc config RpcSs start= auto
sc start RpcSs

sc config RpcLocator start= auto
sc start RpcLocator

sc config MSIServer start= auto
sc start MSIServer
exit
exit

When above is finished continue below.

A deep Temp and Reg clean.

Run CCleaner http://www.ccleaner.com/download/builds (get SLIM at bottom no Yahoo toolbar)
Run twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean. (you should already have this from 8 Steps)

Run ATF-Cleaner http://majorgeeks.com/ATF_Cleaner_d4949.html Temp and Registry, repeatedly until no more found.

KCleaner ftp://ftp2.kcsoftwares.com/kcsoftwa/files/kcleaner.exe
Fantastic cleaner. (When installing uncheck Relevant Knowledge do not install)
When run Click Analyze and when it finds then click clean.
-------------------------------------------------------------------------------------
The issues can be, and are likely, found in System Restore, so do the below.

Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "Cleanup at TechSpot".

Then Start-Programs-Accessories-System Tools-Disk Cleanup
Click OK to accept C:
Select all Boxes
Then click More Options
Here click System Restore and OK to "Are you sure" and then OK to Run.

As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.

It clears what is known as Shadow copies which are used by specialized back up programs.

This is if you have the Volume Shadow Copy running which is the default.

After all the above reboot run for a while and report back if there is improvement!

Mike
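
Added example, not part of the post above or of the original thread: a batch file that records the current start type of the services being changed and writes a restore script, so the `sc config` changes can be undone later. The output name svc-restore.cmd, the `:save` label and the shortened service list are assumptions made for illustration; save this as a .cmd file and run it before the changes rather than pasting it into the prompt.

```bat
@echo off
rem Added example: snapshot service start types before they are changed.
rem OUT (svc-restore.cmd) is a hypothetical file name; the service list is
rem a subset of the names in the post above and can be extended.
setlocal
set "OUT=%USERPROFILE%\Desktop\svc-restore.cmd"
> "%OUT%" echo @echo off

for %%S in (Alerter ClipBook TrkWks DNSCache ERSvc Messenger RemoteRegistry SSDPSRV upnphost WebClient) do call :save %%S

echo Restore script written to "%OUT%"
endlocal
goto :eof

:save
rem "sc qc" prints a line such as "START_TYPE : 2 AUTO_START";
rem the third whitespace-separated token is the numeric start type.
set "TYPE="
set "MODE="
for /f "tokens=3" %%T in ('sc qc %1 ^| findstr /c:"START_TYPE"') do set "TYPE=%%T"
if "%TYPE%"=="2" set "MODE=auto"
if "%TYPE%"=="3" set "MODE=demand"
if "%TYPE%"=="4" set "MODE=disabled"
rem Services that are not installed return no START_TYPE line and are skipped.
if not defined MODE echo %1: not installed or unreadable, skipped& goto :eof
>> "%OUT%" echo sc config %1 start= %MODE%
goto :eof
```

Running the generated svc-restore.cmd puts each recorded service back to the start type it had when the snapshot was taken.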
 
KClean is clean! I have used this program for years. I have had many here on the Forum to use it also.

Now when you installed you did not uncheck the Relevant Knowledge as I advised and that is what it is picking up.

A very minor adware but have Comodo block it so KCleaner can install then go to Add/Remove programs and uninstall Relevant Knowledge. But keep KCleaner!

Mike
 
I definitely unchecked RelevantKnowledge, I made a point to do so. I installed it twice because I thought it was something else and it came up both times. When I ran KCleaner, Comodo kept on screaming at me. :s
 
Hmmm!

OK KCleaner and Relevant Knowledge are 2 different Programs.

The file Comodo is complaining about is rkverify.exe (the rk in rkverify has to do with Relevant Knowledge) so let Comodo block it and remember the setting!

Also look in the Add/Remove for the Relevant Knowledge and uninstall it!

Mike
 
Well.. here's the problem. KCleaner wasn't working when I kept blocking it, so I unblocked it... (this is before I posted). <----- feels like an ***** now. I'm actually running my antivirus to make sure that things are ok.

I also looked in Add/Remove and there's no Relevant Knowledge.

I understand that it's hard to trust someone over the internet to follow simple instructions, with all the idiocy out there, but I really didn't keep the Relevant Knowledge checkbox checked. ><!
 
OK no problem!

So now uninstall even KCleaner in Add/Remove.

Reboot

Then try to install from scratch again and approve all including RK then RK will be in the Add/Remove to uninstall later. As I said it is a very minor adware.

Mike
 
Rutiene, your computer is slow because you have too many programs and processes loading at startup and running in the background. While the entries are legitimate they can be started manually when you need them.

The ONLY processes you need on Startup are:
Antivirus program(AVG)
Firewall if using 3rd party firewall
Touchpad for the laptop (Synaptics)

Nothing else!

Give this a try- it will give you an idea:
Start> Run> msconfig> enter> Selective Startup> Startup menu> UNCHECK everything except the processes mentioned above> Apply> OK.

Reboot> NOTE: you will get a nag message that you can ignore and close after checking 'don't show this message again.' Stay in Selective Startup.

(Some of the processes may reload because they are loading from memory and have to be stopped elsewhere, but this should give you some idea of what it can be like!)

By the way, your helpers missed AdWatch. Real Time Protection needs to be temporarily disabled before the scans:
AD-AWARE AD-WATCH
* Right click on the Ad-Watch icon in the system tray.
* At the bottom of the screen there will be two checkable items called "Active" and "Automatic".
o Active: This will turn Ad-Watch On\Off without closing it.
o Automatic: Suspicious activity will be blocked automatically.
* Uncheck both of those boxes.
* (When done, you can re-enable it using the same steps but this time check both boxes.)
 
Well... my computer does seem to be running faster now. But now I'm using the ugly Windows2000 Theme and not my XP Silver. D: I can't seem to turn it on either.
 
The object here is to get rid of the malware!

And at the end, Mike should have had you remove the cleaning tools and old restore points. But that is only done when the cleaning is complete. We don't know that.
 
In Services confirm Themes service is set to Automatic and is started.

Then in Control Panel Click System-Advanced-Performance Settings.

Put Dot in Adjust for best performance then in box below select only these 3 items.

Smooth edges of screen fonts
Use common tasks in folders
Use visual styles on windows and buttons.
Click Apply then OK OK

Now Rt click a blank spot on Desktop then left click Properties, then Appearance and choose Windows XP style in the pulldown of Windows and buttons. Click Apply OK.

Let me know all remaining issues so we may continue or finish.

Mike
 