Crashing while on line

Status
Not open for further replies.

hlratliff

I am new to TechSpot and would welcome and invite any help. You may have to walk me through some of this, but I am a quick learner. While online I have other windows opening up in minimized form. I have run Ad-Aware, Malwarebytes, VundoFix and Avast. Nothing seems to be helping. Now my sessions are crashing while online. I ran HijackThis and do not know what is good and what is bad. Can someone please help me? I am completely frustrated. Thank you so much, hlratliff
 
Do the TechSpot 8 steps: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

Skip no steps (do not install another virus scanner if you already have one, ask me before installing a Firewall).
avg

Most importantly update MalwareBytes (MBAM) and SuperAntiSpyware (SAS)!

Before you scan with either MalwareBytes or SuperAntiSpyware, do the Extra Configs below; these have become most important lately.

SuperAntispyware extra config

After installed double-click the icon on your desktop to run it.

Update the program definitions.

Click the Preferences button.

Then Scanning Control.

In Scanner Options make sure all boxes are checked except #3, Ignore System Restore.

MalwareBytes extra config

After update but before running
Click settings and confirm all are Checked.

I repeat Update these 2 programs.

Run them and attach their logs.

Do this correctly and we will make a short job of this!

Mike
 
Thank you for your quick reply. I will do these 8 steps as soon as I get home from church. I don't have SuperAntiSpyware. Where can I download this from? What are real time monitoring programs and how do I disable them?
 
Perhaps you can just follow the steps here without all the extras:
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

There are links on the above page to download the programs. When you have finished, attach all three logs here for review.

When the cleaning is complete, you will be told how to remove the cleaning tools and old restore points.

Regarding this:
After running these things do I get rid of whatever they find?
Both Malwarebytes and SuperAntispyware have a line for you to check for the removal of the malware found:

In MBAM: "* Make sure that everything is checked, and click Remove Selected."
In SAS: "* Make sure everything found has a checkmark next to it, then press 'Next'."

In HijackThis, WE will instruct you in which items to remove.

The instructions for Disabling Real Time monitoring are found here:
http://www.bleepingcomputer.com/forums/index.php?showtopic=114351&st=0&p=649843&#entry649843

This link is in Step 3. Please read the Steps first. You will then note that the information is all available to you there.
Two of the most common Real Time processes are: TeaTimer from Spybot Search & Destroy, and Ad-Watch from the paid Ad-Aware. But there are others, so please review them in Step 3.
 
I have completed the 8 steps

I am so sorry. I am new to all of this and I guess I have a lot to learn. Here are the attached logs.
 
OK good job!

Run SAS again as it may find more. We need to see a clean log!

ONLY after the above, do the below.

Download ComboFix

Get it here: https://www.techspot.com/downloads/5587-combofix.html
Or here: http://subs.geekstogo.com/ComboFix.exe

Double click combofix.exe follow the prompts.

Install Recovery Console if connected to the Internet!

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click ComboFix's window while it's running. That may cause it to stall.
=========================================

Download SDFix to Desktop.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

On the Desktop run SDFix. It will run (install) then close.

Then reboot into Safe Mode

As the computer starts up, tap the F8 key several times.

On the Boot menu Choose Safe Mode.

Click through all the prompts to get to the desktop.

At Desktop
My Computer C: drive. Double-click to open.

Look for a folder called SD Fix. Double-click to enter SD Fix.

Double-click RunThis.bat. Type Y to begin.

SD Fix does its job.

When prompted hit the enter key to restart the computer

Your computer will reboot.

On normal restart the Fixtool will run again and complete the removal process, then say Finished.
Hit the Enter key to end the script and load your desktop icons.

Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
Attach the Report.txt file to your next post.

Mike
 
Attached is the current log. Do I run it again before I do combofix, etc.?

It keeps saying that I need to rename combo fix. Help

This is exactly what it says. You cannot rename ComboFix as ComboFix[1]. Please use another name, preferably made up of alphanumeric characters.

Okay, I figured out combofix and completed it as well as sdfix. I have attached the log files you requested. Please let me know what we do next. Thank you, Hailey
 

Attachments

  • sas.txt
  • combofix.txt
You should now have improvement with your posted issues. How is computer running now?

OK, looks good! But run MBAM after updating again in Quick Scan mode. Minor issues, but I always want to see a clean log.

Rename ComboFix.exe to 12cbf34.exe and run it again also.

Then the below will finish up hopefully.

Go here Download DrWeb https://www.techspot.com/vb/post724044-3.html

Then....

Boot to Safe Mode only! Not with Networking and run...

DrWeb will first do an Express Scan on its own; when it completes, you should do a full scan.

The first Virus it finds select Cure and it will use this as the default automatically for all the rest. What it can't fix will be Quarantined!

This will take a while based on CPU and HD speed and size, but is worth it!

Mike
 
Let's get a grip on those Tracking Cookies:

Reset Cookies:
For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

One of them may need a bit extra: ad.yieldmanager> this one tends to put itself in the Trusted Zone and needs to be kicked out like this:
Internet Options> Security tab> Trusted Zone> Sites> if ad.yieldmanager is there, highlight> Remove.
Internet Options> Security tab> Restricted Zone> Sites> type in *.ad.yieldmanager> Add

You have malware in the restore points, so DON'T do a System Restore. The old restore points will be removed at the end of the cleaning.

Search and make sure this file is gone: qtwmci32.dll.
View the hidden files & folders: Start> Run> Search> All files & folders> Tools> Folder Options> View tab> CHECK 'view hidden files & folders'> Apply> OK> now type this in for the search:
qtwmci32.dll
If found> do a right click> Delete Then go back and 're-hide' the files & folders.

Regarding the ComboFix renaming:
With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it

Again I add that AdWatch should be temporarily disabled before you do the scans:

This needs to be removed: O8 - Extra context menu item: &Search - ?p=ZRfox000. It is part of MyWebSearch. The first SAS log shows MyWebSearch; hopefully you checked it for removal, but this file got by and needs to be removed.
 
Try this ;)

Un-install Combofix
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK
  • Any popup errors about Antivirus just ok or close
Note #1: 1 space after ComboFix in that uninstall command
Note #2: Substitute Combofix for whatever name was used if renamed

Re-Download Combofix Instructions

  • Download Combofix to your desktop.
  • Rename ComboFix to ComboF
  • Double click ComboF & follow the prompts.
  • A window will open with a warning.
  • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
 
Okay, I reloaded ComboFix and ran it again as well as MBAM. I took care of the cookies that Bobbye suggested also. I ran Dr.Web and I got a little confused and deleted the 17 things it found instead of using the cure. I hope that was okay. I ran SAS again, found some things, deleted them and then ran again with clean results. Things seem to be much better, with the exception that it takes my browser page a long time to load. Any thoughts? Thank you all so much for all your help! I couldn't have done any of this without you. Hailey

I forgot to attach my logs.
 
All should be OK with the DrWeb but post its log.

For the Browser slow load.
Open SAS Click Preferences-Repairs
Then do the following Repairs

Enable Windows Explorer options
Internet Zone Security Reset
Remove Explorer Policy Restrictions
Remove Internet Explorer Policy Restrictions
Remove WinOldApp policy restrictions
Reset URL PreFixes
Reset Web Settings
Reset Winlogon Shell
Reset ZoneMap Settings
User Agent Post Platform Reset
User Agent reset

If you still have a browser problem then we can continue with that, but my closing below covers Temp and Registry cleanup, so recheck the browser issue again after that!

Thread Closing-------------------------------------------------------------------

Some of these tools update so often they require downloading again later if needed. But keep and run MBAM and SAS to maintain.

Remove ComboFix
Start-Run
type
combofix /u
Hit enter or click OK.

Please download OTCleanIt http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe

Save to desktop.

This will remove all the tools we used to clean your computer.

Double-click OTCleanIt.exe. Click CleanUp. Yes to the "Begin cleanup Process?"

Approve all if prompted by Firewall. Approve Windows Defender or other guards or security programs while OTCleanIt is attempting to access the Internet, to allow all.

If prompted to Reboot click, Yes.
OTCleanIt will delete itself when finished. If not, delete it yourself.

-------------------------------------------------------------------------------------
Run CCleaner (if you did 8 Steps you already have this)
http://www.ccleaner.com/download/builds (get SLIM at bottom no Yahoo toolbar)
Run twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean.

Run ATF-Cleaner http://majorgeeks.com/ATF_Cleaner_d4949.html Temp and Registry, repeatedly until no more found.

KCleaner ftp://ftp2.kcsoftwares.com/kcsoftwa/files/kcleaner.exe
Fantastic cleaner. (When installing uncheck Relevant Knowledge do not install)
Run it click Analyze when it finishes click Clean.
-------------------------------------------------------------------------------------
The issues can be, and likely are, found in System Restore, so do the below.

Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "After cleanup at TechSpot".

Then Start-Programs-Accessories-System Tools-Disk Cleanup
Click OK to accept C:
Select all Boxes
Then click More Options
Here click System Restore and OK to "Are you sure" and the OK to Run.

As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.

It clears what is known as Shadow copies which are used by specialized back up programs.

This is if you have the Volume Shadow Copy running which is the default.
-------------------------------------------------------------------------------------
ERUNT
Add a redundant Registry backup: get and install ERUNT, let it add itself to startup and do a backup on install; check all boxes.

ERUNT http://www.larshederer.homepage.t-online.de/erunt/
Yes! Even if you use System Restore and other backups (Registry and images).
-------------------------------------------------------------------------------------

Every two weeks or so, run MBAM and SAS until clean.

They take a while, so leave them scanning while you are sleeping, working or watching TV. If not done under the gun, they can be scheduled not to interfere with computer time.

If they find something they can not clean, then get back to us.

Additionally run CCleaner, ATF-Cleaner and KCleaner.
----------------------------------------------------------------------------------------
I have been using ThreatFire for more than a year, it just went from ver 3 to ver 4.

It was designed to be used with and to co-exist with other Virus scanners.

Additionally it uses a totally different process to protect. While conventional Virus scanners work from definitions ThreatFire works on recognizing Virus/Malware activity.

It's like looking at it with 2 sets of eyes and from a different angle.

It works like some Firewalls do to learn what is good/bad.

After install it will ask you about everything that could be a security issue. For example the first time you run IE or FireFox it will prompt you. You would answer to approve and remember the setting. From then on no more prompts about IE or FireFox unless the exe changes like in an update.

As it queries you about the prompt to help you determine to approve or not you can google it with one click.

http://www.threatfire.com/Download/
-------------------------------------------------------------------------------------
Look at http://www.javacoolsoftware.com/spywareblaster.html

Run Spybot occasionally and use the Immunize function.
http://www.safer-networking.org/en/download/

I highly recommend HostsMan (especially for you HL, due to the issues you had related to your hosts file): HostsMan http://majorgeeks.com/HostsMan_d4592.html

Download, install, run and allow it to disable DNS Client, select all hosts files, and then Update and install all hosts files.

A Disk Scan (chkdsk) and Defrag are in order.

Mike
 
I don't know how much memory (RAM) you have but crashes can also come if you use it all up. How? By having too many programs startup when you boot, then running in the background. And then if you open other programs additionally, they will use more of the RAM.

Here are some tips about common, unnecessary startups you have: NONE need to start when you boot:
I'm leaving help for you to stop:

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
REAL PLAYER:
1. UNCHECK all 'Real', 'Real Player' and 'Real One' entries on the Startup menu
2. If you use Real Player disable the auto-update feature in your Tools- Preferences- Automatic Services- AutoUpdate (In RealPlayer).
Right click on Start> Explore> Programs> Common> Real Update> right click> delete the file "realsched.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
Control Panel> Java> Update tab> UNCHECK 'check for updates automatically'> Apply> Check YES when asked to verify> OK

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
QUICK TIME
1. Use msconfig to UNCHECK any QuickTime entries on Startup> Apply> OK
2. Disable tray icon: Right-click on the icon and select QuickTime Preferences > Browser Plugin. Clear the check box next to "QuickTime system tray icon," and then close the settings box. The icon won't appear anymore.
3. Rename the qttask.exe file:
Right click on Start> Explore> Programs> QuickTime directory> right click on qttask.exe> rename to qttask.exeold.

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
Big resource user
iTunesHelper.exe
Background task installed by Apple's iTunes music player and also by version 7 of QuickTime which now comes inseparably bundled with iTunes. It is thought that this task used to be a 3rd party add-on program in the early days of Apple's iPod when its iTunes software was incompatible with many CD-Writers. This task does not need to be installed as a startup since iTunes starts it up anyway when it needs it.
1. UNCHECK on Startup menu using msconfig. It uses nearly 6MB of memory.

O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: PowerReg Scheduler.exe
Registration reminder as used by Iomega, Hasbro & Microprose - amongst others> does not need to start on boot. Use msconfig to take off startup.

Using msconfig to change Startup:
Start> Run> msconfig> enter> Selective startup> Startup tab> UNCHECK the process you don't want to start on boot>> when finished checking all of those you don't want> Apply> OK

NOTE: the first time you reboot after changing the Startup, you will get a nag message that you can ignore and close after checking 'don't show this message again.' Stay in Selective Startup.

To change the Startup type for a related Service:
Start> Run> services.msc> double click the Service>> if you are going to use this, set it to Manual> if you aren't going to use this> set it to Disabled.

The following are browser helper objects and toolbars (O2 BHO, O3 Toolbar) loading when you boot. This takes time. Do you really "need" them?
Toolbars:
Yahoo! Toolbar Helper
RealPlayer Download and Record Plugin for Internet Explorer
DriveLetterAccess
Google Toolbar Helper
Google Toolbar Notifier BHO
Google Dictionary Compression sdch
MSN Toolbar Helper
Java(tm) Plug-In 2 SSV Helper
JQSIEStartDetectorImpl
SingleInstance Class
MSN Toolbar
Google Toolbar
Yahoo!
 
Mike, I am working on your latest set of instructions. I have run CCleaner several times and am running it again. I also did the registry, however I was unsure about whether or not to back up while it was fixing the problems so I chose no to the backup. I hope that's not a problem. With regard to javacoolsoftware, what do I need to do with that? Also do I need to download spybot and run that tonight also? Sorry to ask so many questions, but I'm not that knowledgeable when it comes to these kinds of things. Thanks, Hailey
 
No need at this time to run CCleaner more than until it is clean or finds something it cannot clean, and if it does, leave it! It is a good idea to back up as you clean.

JavaCool download and install SpywareBlaster update and enable all protections.

Spybot is optional. Spybot is way behind MBAM and SAS, but just may find something that these 2 miss. But the Immunize feature is great and worth installing the program for alone. I still keep it myself.

Ask questions that is why I am here!

mike
 
Okay, I've done everything on your list. I don't really know how to use Hostsman. Could you give me a little instruction? Thanks, Hailey

I downloaded javacool and spywareblaster.

I really need help with Bobbye's list. I'm kind of unsure how to even get started. I would like to be able to do all that he suggested but need simpler directions. Thanks, Hailey

Okay, I worked with Bobbye's list. I never use Real Player so I decided to uninstall but it wouldn't let me because it said the uninstall wasn't there. How do you get around that? Does SAS need to be checked on the start up? Does Threat Fire need to be check on start up? Basically what, if anything, needs to be checked on your start up menu? I'm still having a problem with my web browser opening slowly. Thanks, Hailey
 
I will answer tomorrow.

Bedtime!

Mike

EDIT: Using Hostman
1st when it installs let it disable DNS Client.
2nd after install double-click the HostsMan icon in the System Tray to get the program on the screen, then click Hosts, then check for updates
3rd make sure all 4 hosts boxes are checked then click Update and close it.

Now you have blocked thousands of known malware, virus, spam, porn and other malicious sites!

Mike
 
Is Avast adequate antivirus or would you suggest something else? Also, what can I do to speed up my web browser loading? I want to thank you for all your help; I am no longer getting those annoying web pages opening while I'm online. Since I have SuperAntiSpyware I uninstalled Ad-Aware, is that okay?
 
Avast is very good, not worth switching, especially in combo with ThreatFire and HostsMan.

Ok on uninstalling Adaware.

Just remember to run MBAM and SAS occasionally while working sleeping or watching TV!
----------------------------------------------------------------------------------------------------------------------------------

Ok for the slow loading. Actually these steps speed up everything.

Clean and tweak services

In Services, stop and disable all of the below just to get them out of the way for now, for troubleshooting purposes.

Nothing is un-installed or deleted only disabled from running!

They can be put back anytime later but I would not, as none of them are needed by most home users and very few business users. Basically stuff M$ thought you should have.

Disabled uses no memory (RAM) and no CPU cycles.
Manual uses the RAM but a small amount of CPU.
Auto and not started they use even more RAM and CPU.
Auto and started even more RAM and CPU ..

Now in this case we are disabling for troubleshooting purposes. But when we finish, if you leave them all off until it is noticed that you need one (not likely for 99%), then it can be enabled.

Leaving these all off then becomes a performance tweak/boost, as they free some RAM and CPU cycles! Special note: if you are going to pick and choose, be aware that the small amount of RAM and CPU cycles of each one individually is not significant, but as a group it is! So if you need most of them (or just think you do because you don't) then you may as well enable them all!

Distributed Link Tracking Client
Distributed Transaction Coordinator
DNS Client
Fast User switching
Health Key and Certificate Management Service
Indexing service
Messenger
Net logon
Net.TCP Port Sharing
NetMeeting Remote Desktop Sharing
IPsec services
QoS RSVP
Remote Registry
Uninterruptible power supply
Universal Plug and play
Web Client
Windows media player Network Sharing

IF you are using a wired network card and "NOT" using wireless on this computer then you can also disable

Wireless Zero configuration

Wireless Zero configuration is only used on computers with a wireless NIC like a Laptop. Do not disable Wireless Zero configuration on a Laptop. Has nothing to do with other wireless hardware like wireless routers etc.

In short if this computer has a CAT 5 or 6 cable and no ability to connect wirelessly if that cable is unplugged, then you can disable Wireless Zero configuration.

This is not to be confused with Wired Auto Config do not disable that!

The below procedure will do it all for you. Just remember do not agonize over this as nothing is removed or deleted, just stopped from loading/running.

Left-drag the mouse and copy for pasting all text in the box below. Make sure the slider bar goes to the bottom, from the @ to the end of the second exit.
Then paste to the black screen of an open command prompt. All may not apply, so ignore errors.

Code:
@echo off
rem Disable and stop the services listed in the post above.
rem Errors for services not installed on this machine can be ignored.
sc config Alerter start= disabled
sc stop Alerter

sc config AeLookupSvc start= disabled
sc stop AeLookupSvc

sc config ClipBook start= disabled
sc stop ClipBook

sc config Dfs start= disabled
sc stop Dfs

rem service name corrected (was misspelled FastUserSwitchingCompatability)
sc config FastUserSwitchingCompatibility start= disabled
sc stop FastUserSwitchingCompatibility

sc config TrkWks start= disabled
sc stop TrkWks

sc config TrkSvr start= disabled
sc stop TrkSvr

sc config DNSCache start= disabled
sc stop DNSCache

sc config ERSvc start= disabled
sc stop ERSvc

sc config HidServ start= disabled
sc stop HidServ

sc config PolicyAgent start= disabled
sc stop PolicyAgent

sc config CiSvc start= disabled
sc stop CiSvc

rem service name corrected (was IsmServe in the config line)
sc config IsmServ start= disabled
sc stop IsmServ

sc config kdc start= disabled
sc stop kdc

sc config LicenseService start= disabled
sc stop LicenseService

sc config Messenger start= disabled
sc stop Messenger

sc config Netlogon start= disabled
sc stop Netlogon

sc config NetTcpPortSharing start= disabled
sc stop NetTcpPortSharing

sc config mnmsrvc start= disabled
sc stop mnmsrvc

sc config NetDDE start= disabled
sc stop NetDDE

sc config NetDDEdsdm start= disabled
sc stop NetDDEdsdm

sc config NtLmSsp start= disabled
sc stop NtLmSsp

sc config SysmonLog start= disabled
sc stop SysmonLog

sc config RSVP start= disabled
sc stop RSVP

sc config SSDPSRV start= disabled
sc stop SSDPSRV

sc config upnphost start= disabled
sc stop upnphost

sc config WMPNetworkSvc start= disabled
sc stop WMPNetworkSvc

sc config WmiApSrv start= disabled
sc stop WmiApSrv

sc config WmdmPmSN start= disabled
sc stop WmdmPmSN

sc config RemoteRegistry start= disabled
sc stop RemoteRegistry

sc config RemoteAccess start= disabled
sc stop RemoteAccess

sc config SCardSvr start= disabled
sc stop SCardSvr

sc config TlnSvr start= disabled
sc stop TlnSvr

sc config UPS start= disabled
sc stop UPS

sc config WebClient start= disabled
sc stop WebClient

rem Make sure these core services stay automatic and running.
rem sc accepts "auto" as the start type, not "Automatic".
sc config RpcSs start= auto
sc start RpcSs

rem service name corrected (was RpLocator in the config line)
sc config RpcLocator start= auto
sc start RpcLocator

sc config MSIServer start= auto
sc start MSIServer
exit
exit

----------------------------------------------------------------------------------------------------------------------------------

Autoruns/Runscanner cleanup

Make sure hidden files and folders are shown. Open Windows Explorer click Tools or View and then Folder Options-View.

Choose Show hidden files and folders, uncheck Hide protected operating system files and click OK.

Download install and run AutoRuns http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

Run it let it scan, then when it says ready at bottom left corner, make sure the EVERYTHING Tab is selected and then click File at top and then Find.

Type file not found in the find box, hit enter, and delete all lines that have file not found.

When you reach the bottom, go back to the top and click the first entry under the Everything tab (to begin the search from that point) and search again in case any were missed.

This is a bunch of old stuff that M$ thought you might or would need that no longer exist, or for computers that are assumed to have SCSI or AMD processors but do not, or that you have Intel but do not!

After the file not found search scroll back to the top and highlight the very first entry so you are searching from the top and click Find and search for anything you want, if needed.

Then look carefully through all the Everything entries and delete anything that you may have had but uninstalled and thought were gone. If you are sure delete these also.

Next

Then get, install and run:
RunScanner http://www.runscanner.net/download.aspx

Click Scan computer
Double click all Red lines to select, then click Item fixer and remove them.

Then click Extra stuff again select all Red lines. Then click back to Malware hunting and Click the Item fixer again and remove these.

Same as already said on AutoRuns: stuff that was assumed to be needed but you do not have.

None of these items can run as the file is missing so most of the improvement you may see comes as a quicker startup as windows no longer searches or tries to load some of these. But some have noticed a faster shutdown also.

Reboot and recheck with both AutoRuns and RunScanner.

----------------------------------------------------------------------------------------------------------------------------------

Specifically for IE, see if it helps your slow loading issue.

Run IE without addons.
Copy (don't change your original shortcut) an Internet Explorer SHORTCUT, name it IE no addons, then go into Properties and add a space then -extoff to the end of the Target line.

Should look like this. "C:\Program Files\Internet Explorer\iexplore.exe" -extoff

This will run IE with all addons turned off. If no problem here then it is an addon that is the issue.

Mike
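The batch block in the post above disables the services without recording what their start type was before, so there is nothing to go back to if one turns out to be needed. Here is an added example (not from this thread or from any of the tools it mentions) that snapshots each service's start mode and state to a CSV before disabling it, and can restore them from that CSV; it assumes Windows PowerShell 2.0 or later run as Administrator, uses the service list from the batch block, and the CSV path is an arbitrary choice.

```powershell
# Added example, not from the thread. Run in an elevated Windows PowerShell.
# $BackupCsv is an assumed location; change it if you like.
$BackupCsv = Join-Path $env:USERPROFILE 'Desktop\service-startmodes-before.csv'

# Service short names taken from the batch block in the post above.
$ServicesToDisable = @(
    'Alerter','AeLookupSvc','ClipBook','Dfs','FastUserSwitchingCompatibility',
    'TrkWks','TrkSvr','Dnscache','ERSvc','HidServ','PolicyAgent','CiSvc',
    'IsmServ','kdc','LicenseService','Messenger','Netlogon','NetTcpPortSharing',
    'mnmsrvc','NetDDE','NetDDEdsdm','NtLmSsp','SysmonLog','RSVP','SSDPSRV',
    'upnphost','WMPNetworkSvc','WmiApSrv','WmdmPmSN','RemoteRegistry',
    'RemoteAccess','SCardSvr','TlnSvr','UPS','WebClient'
)

function Backup-ServiceStartMode {
    param([string[]]$Names, [string]$Path)
    # Win32_Service reports StartMode as Auto / Manual / Disabled and
    # State as Running / Stopped. Services not present are simply skipped,
    # which matches the "ignore errors" advice in the post.
    $rows = foreach ($n in $Names) {
        $svc = Get-WmiObject Win32_Service -Filter "Name='$n'"
        if ($svc) {
            New-Object PSObject -Property @{
                Name      = $svc.Name
                StartMode = $svc.StartMode
                State     = $svc.State
            }
        }
    }
    $rows | Export-Csv -Path $Path -NoTypeInformation
    return $rows
}

function Disable-ListedService {
    param([string[]]$Names)
    foreach ($n in $Names) {
        $svc = Get-Service -Name $n -ErrorAction SilentlyContinue
        if (-not $svc) { continue }            # not installed on this machine
        Set-Service -Name $n -StartupType Disabled
        if ($svc.Status -eq 'Running') {
            # -Force also stops services that depend on this one
            Stop-Service -Name $n -Force -ErrorAction SilentlyContinue
        }
    }
}

function Restore-ServiceStartMode {
    param([string]$Path)
    # Map WMI StartMode values onto the names Set-Service expects.
    $map = @{ 'Auto' = 'Automatic'; 'Manual' = 'Manual'; 'Disabled' = 'Disabled' }
    foreach ($row in Import-Csv -Path $Path) {
        if ($map.ContainsKey($row.StartMode)) {
            Set-Service -Name $row.Name -StartupType $map[$row.StartMode]
            if ($row.State -eq 'Running') {
                Start-Service -Name $row.Name -ErrorAction SilentlyContinue
            }
        }
    }
}

# 1. Record the current configuration, then 2. disable as in the post.
Backup-ServiceStartMode -Names $ServicesToDisable -Path $BackupCsv |
    Format-Table Name, StartMode, State -AutoSize
Disable-ListedService -Names $ServicesToDisable

# To put everything back exactly as it was:
#   Restore-ServiceStartMode -Path $BackupCsv
```

Keep the CSV with the other logs from the thread; it is the only record of which services were Automatic versus Manual before the change.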
 