Very slow - multiple ie, system resources overwhelmed
- Thread starter taxmom415
- Start date
- Status
Bobbye
Posts: 16,313 +36
Welcome to TechSpot, taxmom. I'll try to help you sort things out.
We will make this thread for the laptop only I'd like you to start a separate thread for the office desktop. It will be too confusing if I'm giving two sets of directions. Just start the thread, comment on any problems you're having with that system and leave the logs.
It helps me if you paste the HijackThis log in and attach the other two. That way I cam search directly from my browser.
You have used an old outdated version of HijackThis on the laptop. Please install the current version v2.0.2
HERE
.
Please run a new scan with that and paste the log into your next reply.
You main problem is the adware MySearch:"MySearch" is a search bar application that integrates with Internet Explorer.
Installation is via ActiveX control from the website
www. mysearch.com/install/mysbar/splash.html.
If you wish to remove it, I will color code the entries for it in the HijackThis log and instruct you in removing all of it. IT is very pervasive and no doubt the cause of the problem you are now having.
---------------------------------------------------
I took a quick look at the HJT log for the other computer and see you did run the current version on it. I see also that it has IE8 which in itself shows multiple iexplore.exe- which is normal. I also looked at the Mbam log and see it found multiple files with the adware My WebSearch.
My Search and MyWebSearch are both adware. they install bit different. Each can be removed if you choose.
So we have two completely different systems and that is best handled on separate threads.
-----------------------------
Question on the laptop for these entries:
O16 - DPF: {710B08F6-6CD1-48EA-BC2F-5D31741DC480} (03WebInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/03webinstall.cab
O16 - DPF: {72109033-D398-49B6-8C11-A15619BEE0AF} (04WebInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/04webinstall.cab
O16 - DPF: {AC163DAC-4745-47BB-BAB7-1D7A46292F64} (02PrepInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/02prepinstall.cab
O16 - DPF: {C17F4F67-8040-4E2D-86E3-EF8E4833A5C2} (02WebInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/02webinstall.cab
O16 - DPF: {CD48759E-5CC9-43DC-A690-C999F9D1F73A} (04PrepInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/05prepinstall.cab
Are these 5 different tax accounts? Do do anything with them now- just tell me if they are.
We will make this thread for the laptop only I'd like you to start a separate thread for the office desktop. It will be too confusing if I'm giving two sets of directions. Just start the thread, comment on any problems you're having with that system and leave the logs.
It helps me if you paste the HijackThis log in and attach the other two. That way I cam search directly from my browser.
You have used an old outdated version of HijackThis on the laptop. Please install the current version v2.0.2
HERE
.
Please run a new scan with that and paste the log into your next reply.
You main problem is the adware MySearch:"MySearch" is a search bar application that integrates with Internet Explorer.
Installation is via ActiveX control from the website
www. mysearch.com/install/mysbar/splash.html.
If you wish to remove it, I will color code the entries for it in the HijackThis log and instruct you in removing all of it. IT is very pervasive and no doubt the cause of the problem you are now having.
---------------------------------------------------
I took a quick look at the HJT log for the other computer and see you did run the current version on it. I see also that it has IE8 which in itself shows multiple iexplore.exe- which is normal. I also looked at the Mbam log and see it found multiple files with the adware My WebSearch.
My Search and MyWebSearch are both adware. they install bit different. Each can be removed if you choose.
So we have two completely different systems and that is best handled on separate threads.
-----------------------------
Question on the laptop for these entries:
O16 - DPF: {710B08F6-6CD1-48EA-BC2F-5D31741DC480} (03WebInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/03webinstall.cab
O16 - DPF: {72109033-D398-49B6-8C11-A15619BEE0AF} (04WebInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/04webinstall.cab
O16 - DPF: {AC163DAC-4745-47BB-BAB7-1D7A46292F64} (02PrepInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/02prepinstall.cab
O16 - DPF: {C17F4F67-8040-4E2D-86E3-EF8E4833A5C2} (02WebInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/02webinstall.cab
O16 - DPF: {CD48759E-5CC9-43DC-A690-C999F9D1F73A} (04PrepInstall) - https://www.lacertesoftware.com/my_account/web_downloads/bin/05prepinstall.cab
Are these 5 different tax accounts? Do do anything with them now- just tell me if they are.
new HJT log
Sorry, I ran a log then upate an ran new log but sent you old log...ooops. here is the correct one.
Yes, those entries are for tax software...the 02, 03 etc denotes tax year... thank you for all your help. Yes would love to remove mywebsearch!
this site wont let me put imbedde until i have 5 posts.... so will attach log again
Sorry, I ran a log then upate an ran new log but sent you old log...ooops. here is the correct one.
Yes, those entries are for tax software...the 02, 03 etc denotes tax year... thank you for all your help. Yes would love to remove mywebsearch!
this site wont let me put imbedde until i have 5 posts.... so will attach log again
Bobbye
Posts: 16,313 +36
Okay, so we're just doing the laptop here, right?
And I screwed that up by telling you the main problem was MyWebSearch! See how confusing it can be with information from 2 computers on same thread!
But I was the one who made the mistake. We will check again for MWS on the office computer when we do that- on a different thread. If you can copy what I wtore about that and save it, we'll apply it to the other system.
For the laptop, malware is not the problem -you have a lot of unecessary processes loading on startup. All of those processes will run in the background and after you've surfed for a while and gotten more temporary internet files, you're going to slow down. So the best thing to do is not load them on boot, but only manually as needed.
About the multiple iexplore.exe processes- that's normal with IE8, but one thing I want to caution you about that I ran into with someone else> you only need to launch IE once. Set the tabs for the sites you visit often throughout the day. I use Firefox with tab and have 7 tabs open on my homepage. But I only launch FF once. I can add tabs or use tabs for different URLs. Once you get use to tabs, you will never want to be without.
The only processes that need to start on boot are:
Antivirus
Firewall if you have 3rd party fiewall like Comodo or Zonealarm
Process for the touchpad on the laptop (C:\Program Files\Apoint\Apntex.exe}
Possible Intel wireless process.
Network process is you have Network Magic
Nothing else!
You control that 3 ways:
1. Start> Run> type in msconfig> enter> Selective Startup> Startup menu> UNCHECK everything except the processes I mentioned> Apply> OK
(Note: the first time you reboot aftaking changes using msconfig, you will get a nag message- you can ignore it and close it after checking 'don't show this message again'. You must stay in Selective Startup to keep the changes.
2. Start> Run> type in services.msc> customize the Services so that only the feww need to be on Automatic Startup, most can be set to Manual and some can be disabled. You must alway check the Depen]denct tab when changing a Service Startup.
This is best done in Safe Mode. Here is the best site on the internet for Services help:
Black Viper's Windows XP x86 (32-bit) Service Pack 3 Service Configurations
3. Some procsses are started through the Registry. The safest way to handle this is to uninstall any programs or apps you don't use/need/want using either the uninstaller in the program or Add/Remove Programs in the Control Panel.
FYI: I have a Dell laptop and a Dell deskstop. I connect trhough a wireless router and have file sharing (network) set up between the 2 systems. The startup processes are the AV, Appoint, Intel wireless and 2 Network Magic processes- nothing else. The usual number of process in the Task Manager is about 36.
You will find an excellent reference about Startups from pacsportal:
http://www.pacs-portal.co.uk/startup_content.php#THE_PROGRAMS
Once you hve finished cleaning up- Empty the Recycle Bin
Once you get the system set up, you can sit back and enjoy whatever you want to do with it!
--------------
One f those tax files I asked you about-the 05- on had a Backdoor.bot infection.:
Files Infected:
C:\Lacerte\05tax\cor\or\c5ordiag.dll (Backdoor.Sdbot)
So just to be on the safe side, if you have it saved somewhere, do a right click on it and let the AV scan it. Also most anti-malware programs will also scan on a right click.
-------------------------------
Remove all of the tools we used and the files and folders they created
If you are prompted to Reboot during the cleanup, select Yes.
--------------------------------
You should now set a new Restore Point to prevent infection from any previous Restore Points. The easiest and safest way to do this is:
BASIC SECURITY
You need 'layered' protection. This consist of: one antivirus program, one firewall and two or more spyware/adware programs.Here are my recommendations- all free and good:
Use one known, good Antivirus Program and configure it to update regularly.
Avira Free
OR
Avast Home
Use one bi-directional firewall
Comodo
OR
Zone Alarm
Note: You should have only one software firewall. You may also use a router. Most routers have a hardware firewall in them. You can use both hardware and software firewalls together, but use only one software firewall.
Please use the site addresses I have given. They are for the free versions, firewall only. Some companies have bundled programs.
Use 2 or more reliable and trusted anti-spyware/malware programs
Spywareblaster- Download and Tutorialhttp://www.bleepingcomputer.com/tutorials/tutorial49.html[b
Spybot Search & Destroy download and Tutorial
Spybot Search & Destroy has a Resident called TeaTimer that can be set to run as Real Time Protection
AdAware
Always update these programs right before scanning.
Special programs to help with security.
These are special programs you may add to further enhance the system security:
Host Files: these are databases for IPs or Domains that will automatically be blocked and prevented from accessing your system.You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers.
Recommended:MVPS Host Files
MVPS Host Tutorial
Most of this can also be applied to the office computer. But we will do that separately.
IfI can be of further help for the laptop, please let me know.
And I screwed that up by telling you the main problem was MyWebSearch! See how confusing it can be with information from 2 computers on same thread!
But I was the one who made the mistake. We will check again for MWS on the office computer when we do that- on a different thread. If you can copy what I wtore about that and save it, we'll apply it to the other system.
For the laptop, malware is not the problem -you have a lot of unecessary processes loading on startup. All of those processes will run in the background and after you've surfed for a while and gotten more temporary internet files, you're going to slow down. So the best thing to do is not load them on boot, but only manually as needed.
About the multiple iexplore.exe processes- that's normal with IE8, but one thing I want to caution you about that I ran into with someone else> you only need to launch IE once. Set the tabs for the sites you visit often throughout the day. I use Firefox with tab and have 7 tabs open on my homepage. But I only launch FF once. I can add tabs or use tabs for different URLs. Once you get use to tabs, you will never want to be without.
The only processes that need to start on boot are:
Antivirus
Firewall if you have 3rd party fiewall like Comodo or Zonealarm
Process for the touchpad on the laptop (C:\Program Files\Apoint\Apntex.exe}
Possible Intel wireless process.
Network process is you have Network Magic
Nothing else!
You control that 3 ways:
1. Start> Run> type in msconfig> enter> Selective Startup> Startup menu> UNCHECK everything except the processes I mentioned> Apply> OK
(Note: the first time you reboot aftaking changes using msconfig, you will get a nag message- you can ignore it and close it after checking 'don't show this message again'. You must stay in Selective Startup to keep the changes.
2. Start> Run> type in services.msc> customize the Services so that only the feww need to be on Automatic Startup, most can be set to Manual and some can be disabled. You must alway check the Depen]denct tab when changing a Service Startup.
This is best done in Safe Mode. Here is the best site on the internet for Services help:
Black Viper's Windows XP x86 (32-bit) Service Pack 3 Service Configurations
3. Some procsses are started through the Registry. The safest way to handle this is to uninstall any programs or apps you don't use/need/want using either the uninstaller in the program or Add/Remove Programs in the Control Panel.
FYI: I have a Dell laptop and a Dell deskstop. I connect trhough a wireless router and have file sharing (network) set up between the 2 systems. The startup processes are the AV, Appoint, Intel wireless and 2 Network Magic processes- nothing else. The usual number of process in the Task Manager is about 36.
You will find an excellent reference about Startups from pacsportal:
http://www.pacs-portal.co.uk/startup_content.php#THE_PROGRAMS
Once you hve finished cleaning up- Empty the Recycle Bin
Once you get the system set up, you can sit back and enjoy whatever you want to do with it!
--------------
One f those tax files I asked you about-the 05- on had a Backdoor.bot infection.:
Files Infected:
C:\Lacerte\05tax\cor\or\c5ordiag.dll (Backdoor.Sdbot)
So just to be on the safe side, if you have it saved somewhere, do a right click on it and let the AV scan it. Also most anti-malware programs will also scan on a right click.
-------------------------------
Remove all of the tools we used and the files and folders they created
- DownloadOTCleanIt by OldTimer
- Save it to your Desktop.
- Double click OTCleanIt.exe.
- Click the CleanUp! button.
- If you are prompted to Reboot during the cleanup, select Yes.
If you are prompted to Reboot during the cleanup, select Yes.
--------------------------------
You should now set a new Restore Point to prevent infection from any previous Restore Points. The easiest and safest way to do this is:
- Go to Start > All Programs > Accessories > System Tools and click "System Restore".
- Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new Restore Point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
- Go to "Disk Cleanup" which can be found by going to Start > All Programs > Accessories > System Tools.
- Click "OK" to select the partition or drive you desire.
- Click the "More Options" Tab.
- Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one. More details and screenshots for Disk Cleanup in Windows Vista can be found here.
BASIC SECURITY
You need 'layered' protection. This consist of: one antivirus program, one firewall and two or more spyware/adware programs.Here are my recommendations- all free and good:
Use one known, good Antivirus Program and configure it to update regularly.
Avira Free
OR
Avast Home
Use one bi-directional firewall
Comodo
OR
Zone Alarm
Note: You should have only one software firewall. You may also use a router. Most routers have a hardware firewall in them. You can use both hardware and software firewalls together, but use only one software firewall.
Please use the site addresses I have given. They are for the free versions, firewall only. Some companies have bundled programs.
Use 2 or more reliable and trusted anti-spyware/malware programs
Spywareblaster- Download and Tutorialhttp://www.bleepingcomputer.com/tutorials/tutorial49.html[b
Spybot Search & Destroy download and Tutorial
Spybot Search & Destroy has a Resident called TeaTimer that can be set to run as Real Time Protection
AdAware
Always update these programs right before scanning.
Special programs to help with security.
These are special programs you may add to further enhance the system security:
Host Files: these are databases for IPs or Domains that will automatically be blocked and prevented from accessing your system.You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers.
Recommended:MVPS Host Files
MVPS Host Tutorial
Most of this can also be applied to the office computer. But we will do that separately.
IfI can be of further help for the laptop, please let me know.
- Status
Similar threads
Latest posts
-
"CPUs Don't Matter For 4K Gaming"... Wrong!- cristianm replied
-
PC market recovery leads to increased client CPU shipments, but server sales lag- i like foxes replied
-
Gamers hack classic Tetris on NES to run custom code without altering cartridges- GodisanAtheist replied
