Jump to content

Recommended Posts

First a little background information:

We are running Windows XP, SP3

Web browser we use is Firefox. I only use IE to manually check for Windows Updates or to download something from Microsoft that I can't download with Firefox. (we do have automatic updates on, however, since we don't use our computer that much, I like to manually check just in case something gets missed).

I have done a HJT with Miekemoes, and we didn't find anything on my computer other than Java that needed to be updated and Viewpoint that needed to be discarded of :) so I don't think its Malware. I'm wondering if there are leftovers from the PC Tools programs that are bogging down my computer still. We only recently uninstalled them.

If anyone could help me figure this out, that would be awesome :) I just want the computer to be faster, not be slow, and not have my husband complaining about it all the time :) lol. Not to mention that its nice to have a faster computer!! He keeps saying how he never used to have any AV on his computer and he never got anything and then how he only had the AVG Free and it was quick updating but now it takes forever.. etc.. etc... Honestly I am surprised he never got anything on there, but he is very careful.

Link to post
Share on other sites

Please download Sysinternals Autoruns from here.

  • Save Autoruns.exe to your desktop and double-click it to run it.
  • Once it starts, please press the Esc key on your keyboard.
  • Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures
  • Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.
  • When it's finished, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop.
  • Now right-click on the Autoruns.arn file located on your desktop and highlight Sent To and select Compressed (zipped) Folder
  • Please attach the Autoruns.zip file you just created to your next post.
Link to post
Share on other sites

Thank you! I will do this tonight when I get home :) (Printing off the directions right now just in case I need them.)

Oh, and just a question, no personal information will get recorded, will it? I just don't want to accidentally post something. Just checking :)

Link to post
Share on other sites

Nope, no personal info :) . It just shows me what programs run when your computer starts up.

Attached is the zip folder.

Or not.

At the bottom of my screen it says:

Attachments

Manage Current Attachments (0)

Attachment space used 497.41K of 500K

Error Upload failed. The file was larger than the available space

How can I show you the folder? It won't let me upload it! :)

Link to post
Share on other sites

Hmm thanks :)

Is there any way to delete it afterwards? I don't want it saved on a site I can't delete it off afterwards just in case.

I wonder if photobucket would work too?

Link to post
Share on other sites

AdvancedSetup and Exile: I figured out how to delete past attachments. I guess you're allowed only a certain amount :)

Exile:

please let me know if you didn't get the file. I saw that you were on and were looking at this thread, so I deleted it to free up space in my attachments since I figured you got it.

Link to post
Share on other sites

Thanks AdvancedSetup :)

I figured out how to delete current attachments on here though and was able to attach the folder. I'll keep that link in mind if I need it in the future though.

Link to post
Share on other sites

Run Autoruns again and uncheck the following:

Under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:

  • AppleSyncNotifier (only disable this if you don't have an iPod Touch or iPhone or if you don't synchronize your email and calendars to those devices)
  • DMXLauncher
  • igfxhkmcmd
  • ISUSPM Startup
  • ISUSScheduler
  • mmtask
  • QuickTime Task
  • SoundMAXPnP
  • SunJavaUpdateSched (safe to disable as long as you check for Java updates on your own, if you don't, then leave it alone)

Under C:\Documents and Settings\All Users\Start Menu\Programs\Startup:

  • Digital Line Detect.lnk
  • NkbMonitor.exe.lnk (unless you use your Nikon camera with your PC a whole lot, there's no reason for this to run every time your system boots)
  • QuickBooks Update Agent.lnk (as long as you check for updates to QuickBooks on your own [if you even use QuickBooks] then you don't need this to startup)

Under C:\Documents and Settings\******\Start Menu\Programs\Startup:

  • RCA Detective.lnk Note: I did some searching on this one and didn't find too much info on what it's actually for, if you determin that it is unneeded you can disable it, if not, then leave it alone

Under HKCU\Software\Microsoft\Windows\CurrentVersion\Run:

  • ctfmon
  • DellSupport This program checks Dell.com for driver updates, but you can do the same using the link in your start menu under all programs and if you're computer's older, Dell won't have any new drivers anyway
  • DellTranferAgent See above as it's related to the same program and need not run if you check for driver updates on your own

Under HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects:

  • Java™ Plug-In 2 SSV Helper (Useless Java component that tries to make sure only newest installed version of Java is loaded, since you keep Java up to date and remove old versions, this can only slow your browser down)
  • JQSIEStartDetectorImpl Class (Auto loads Java each time IE is run and slows it down, again kinda pointless since most web sites don't use Java anyway)

Under HKLM\System\CurrentControlSet\Services:

  • Fax (If you don't send or receive faxes from your PC, disable this one)
  • JavaQuickStarterService (As mentioned previously, most pages don't use Java, so it doesn't need a service running in the background all the time to try and speed it up)
  • upnphost (Since you have no other computers on your network you don't need to have a service running that is used for sharing devices with other PC's over a network)
  • Viewpoint Manager Service (I believe you said you removed Viewpoint, if you didn't then uninstall it now, if you did, then uncheck this entry anyway for good measure)

SpybotSD TeaTimer I know it's a security tool, but these days TeaTimer does little more than waste CPU and really slow things down. They don't update Spybot frequently enough to make running their background process worth it

  • Please run Spybot Search & Destroy and click the "Mode" button at the top and select "Advanced" Answer Yes to the window that pops up.
  • Expand the section on the left called "Tools" then click the "Resident" button (it should look like an orange shield)
  • In the main program you should see some options under "Resident protection status"
  • Please uncheck the box next to "Resident TeaTimer" and answer yes to any prompts and exit Spybot.
  • Right-click on the TeaTimer tray icon next to your clock (it should look like a small white box with a small silver pad-lock) and select Exit Spybot-S&D Resident
Link to post
Share on other sites

Exile:

Thank you!!

The only "i" thing I have is an iPod nano, an older one, so I think that this is fine to disable :)

Thank you so much and I'll do this either tonight or in the morning when I get up and report back to you!

P.S I did notice some difference after getting rid of Desktop Maestro and Registry Mechanic by the way.

Link to post
Share on other sites

  1. You should be able to tranfer your pictures from your Nikon just fine without the program running, if you find you can't then just run the program manually (it should have a shortcut in a folder in the Start menu under "All Programs")
  2. Java will work just fine without those components running, they're just designed to make Java load faster in web pages, but all they really seem to do is make the computer and your browser slower so I always disable them :) .
  3. I use Pidgin myself and highly recommend it :)
  4. Yes, TeaTimer is mostly useless these days. It doesn't even block all startups and registry changes the way it used to and instead only blocks known bad startups based on its definitions, which as I said, aren't updated that frequently so it's kinda useless unless you put it in "Paranoid" mode which blocks everything and asks your permission before the changes are allowed which gets really annoying, especially if you don't really know a lot about computers and the Windows Registry. The "Paranoid" mode is the way it used to work by default and that's why you'll find most experts recommending disabling TeaTimer during a malware removal because they're used to it working the old way, blocking all changes which would often make it block the removal of a malicious startup item from the registry.
Link to post
Share on other sites

1) Thanks :)

2) Alright, good to know

3) yay! I think I'll just go with that then :)

4) Ah hah! I remember that SpyBot used to ask me if I wanted to make registry changes all. I was wondering why it didnt' ask anymore. Good to know, good to know :)

Link to post
Share on other sites

Alright Exile, here you go:

(I moved the other two files that I had made for your originally with autoruns into another folder, so this should be the correct folder.)

Link to post
Share on other sites

Thanks a million :)

I did not. Should I do that now?

Oh, a question I thought of to ask you about that:

sometimes there are teatimer updates when you update SpyBot, should I just not update teatimer then? or would I still download those updates?

Link to post
Share on other sites

Yes, you can disable it now, just follow my instructions for how to do so above. As far as updates, you can still download the TeaTimer updates as it won't activate TeaTimer when you download them, but it would be good to have them just in case you decide to ever use TeaTimer in the future (doubtful, but you never know so it doesn't hurt :) ).

Link to post
Share on other sites

Thanks :)

I'll disable it, restart, and report back to you.

Then time for bed.

I had a deer walk in front of me but thankfully I wasn't too close and was able to slow down and nothing happened.

heh, sorry, just had to get it off my chest :)

Link to post
Share on other sites

You are amazing! As far as I can tell, it seems MUCH faster. I mean wow!! :) He should be quite happy now :) Hopefully he won't grumble anymore about how its a POS and how I messed it up :) I don't mind that its faster now either :)

Hmmm probably just the paranoia in me, mainly concerned about possibly disabling AVG, but, if I ran autoruns for you one more time, and posted the folder, would you be able to double-check for me to make sure nothing is gone that shouldn't be?

Also, spybot isn't showing up in the taskbar anymore, I assume that that is normal? It's still protecting my browser, right? and I can still update and scan with it, correct?

Link to post
Share on other sites

Thanks :)

After that I am going to get rid of the viewpoint thing, limewire, and my old aim just for good measure since I need to do those things anyway, restart, and then I am going to bed. I updated to aim 6 but the old one didn't go away. I have pretty much decided to go with Pidgin but will keep the other messengers around a couple of weeks until I am good with Pidgin like Miekemoes suggested :)

Can I still scan with spybot even though I disabled the teatimer?

Attached is the folder.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.