Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: Computer booting slowly & suspicious behavior


(!)

eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
04-Aug-2012, 11:41 AM #31
Okay, I have figured out why this isn't working. Can you re-scan with OTL to produce the main log, but instead of posting it in the thread, can you upload it as an attachment:

Click on the Go Advanced button for the uploading options at the bottom of this page (in the picture below )[/list]

  • In there, at the bottom, click on the button Manage Attachments (in the picture below .
  • A window will appear, and then Browse to OTL.txt on your Desktop.
  • Click Upload, and when uploaded click Close this Window
  • Then, in the previous window, click on Add Reply

__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

MVP in Consumer Security
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
05-Aug-2012, 05:56 AM #32
Txt-file has been attached.
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
07-Aug-2012, 02:57 PM #33
Okay, if you download the attached file, open it up and copy/paste the full contents and run the fix as you did before, and then post the log
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
08-Aug-2012, 09:16 AM #34
Log has been attached.
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
09-Aug-2012, 03:54 PM #35
Still there

Okay, going to check with the developer on that part, but apart from that it all looks okay. Can you run this tool that will clean up any remains of dead entries:

Please download Runscanner to your desktop and run it.
  • When the first page comes up select Beginner Mode
  • On the next page select Save a binary .Run file (Recommended) then click Start full scan at the top.
  • At this time Runscanner.exe may request access to the Internet through your firewall please allow it to do so, it will then run for two or three minutes.
  • On completion it will ask for a location to save the file and a name. It will do this for both the .run file and the log file
  • Call the .run file "RSReport" and save it to your desktop. You will see the RSReport.run file on your desktop. Rightclick on it and select Send To then select Compressed (zipped) Folder and upload that zip here. Click on the Go Advanced button for the uploading options at the bottom of this page (in the picture below )


  • In there, at the bottom, click on the button Manage Attachments (in the picture below .
  • A window will appear, and then Browse to RSReport.zip on your Desktop.
  • Click Upload, and when uploaded click Close this Window
  • Then, in the previous window, click on Add Reply

eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
09-Aug-2012, 04:02 PM #36
Okay, got how to do it


If you can leave the Runscanner for now, but I'll leave it posted in case you see it on your email message

So, download the fix that I uploaded. However, just save it direct to your Desktop (don't open it).

Then, open up OTL and leave the Custom Code box empty. Click the Run Fix button, and a prompt will appear saying there is no fix loaded. Then, click OK then browse to the file you downloaded, and click Open.

Then, it will be shown in the Custom box, and then you can run the fix again
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
10-Aug-2012, 12:33 AM #37
The browse-window wasn't able to locate the file at first & the file-type couldn't be changed to "All Files", so I renamed the file to "Fix.txt", then the browse-window was able to recognize it & then ran the fix as usual.
Log has been attached.
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
13-Aug-2012, 02:22 PM #38
Thanks for trying all this, but it still won't go

Okay, lets leave that for now, can you run the RunScanner as I posted above
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
13-Aug-2012, 11:17 PM #39
No worries Zip has been attached.
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
15-Aug-2012, 02:44 PM #40
Download the attachment at the end of this post. This will be your RSReport file, with the fixes I need you to do.
  • Save it to your desktop, then extract the RSReport.run file to your Desktop, overwriting the existing one.
  • Open the runscanner folder and double click on the runscanner.exe file.
  • This time select the Expert Mode
  • Click the button Open Run File
  • Click on the RSReport file, and select Open
  • click the Item Fixer tab
  • Click the button at the top called Fix selected items
  • Accept the warning(s) and repeat until they are all gone.
  • Reboot your PC


----------

How's the computer running now?

eddie
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
16-Aug-2012, 01:18 PM #41
Did everything as directed.

Computer has been running smoothly for a week or two at the least; no major issues, no booting problems, no freezing, no yellow-screens
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
19-Aug-2012, 01:33 PM #42
Excellent, so we can remove the tools we've used now

You can mark this thread Solved at the top of this page, if its all running okay


Any questions about the following, just ask


We have a couple of last steps to perform and then you're all set.

Firstly, lets uninstall the tools we've used:

Follow these steps to uninstall Combofix and tools used in the removal of malware

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall



Then, run this:
  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

======================
Uninstall SUPERAntiSpyware from AddRemove Programs.

Also, remove the following from the Desktop, if still there after doing the above:


aswMBR
TDSSKiller
Security Check
AppRemover
SystemLook
AVPTool
avptool_sysinfo.zip
Runscanner
RSReport.run


=======================

Clear Cache/Temp Files
Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


Create Restore Point (Win XP)

(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.


Making Internet Explorer More Secure


Go to Control Panel and open the Internet Options. Click on the Advanced tab and do the following:
  • Tick Empty Temporary Internet Files When Browser is Closed under Security. Apply


Then, click on the Security tab and do the following:
  • Make sure the Internet icon is selected.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt.
  • Change the Download unsigned ActiveX controls to Disable.
  • Change the Initialise and script ActiveX controls not marked as safe to Disable.
  • Change the Installation of desktop items to Prompt.
  • Change the Launching programs and files in an IFRAME to Prompt.
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.

Then click on the Advanced tab and do the following:
  • Scroll down to Security section.
  • Tick the box for Empty Tempory Internet Files when Browser is Closed
  • Next press the Apply button and then the OK to exit the Internet Properties page.



Makeing FireFox More Secure

Please visit this page to explain how to make Firefox more secure - How to Secure Firefox


Other Software Updates
It is very important to update the other software on your computer to patch up any security issues you may have. Go HERE to scan your computer for any out of date software. In particular make sure you download the updates for Java and Adobe as these are subject to many security vulnerabilities.



Also, its a good idea to keep on top of removing any Temp files etc every month or so. To do this, Windows has a pretty good tool.
  • Go to Start | Programs | Accessories | System Tools | Disk Cleanup
  • It should start straight away, but if you have to select a drive, click on the C-drive.
  • Let it run, and at the end it will give you some boxes to tick.
  • All are okay to enable, then press OK and then Yes to the question after.
  • It will close after its completed.

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visitmonthly. And to keep your system clean run this free malware scannerweekly, and be aware of what emails you open and websites you visit.

To learn more about how to protect yourself while on the internet read this about Security online: General Security Information, How to tighten Security Settings and Warnings

Have a safe and happy computing day!

eddie
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
20-Aug-2012, 01:33 PM #43
Everything seems fine so I've marked the thread as Solved. Thank you very much for all the help, all of you helpers here are such fine people to expend your valuable time & energy on helping out others. Thank you
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
21-Aug-2012, 03:12 PM #44


No problem, glad its all okay
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
boot, rootkit, slow, startup, virus

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑

Content Relevant URLs by vBSEO 3.3.2