Go to Page... |
|
Thread Tools | Display Modes |
|
11-07-07, 12:12 PM | #1 | |
[UPDATED] Slow System, Lag, Crashes, Virus, Spyware? Probable Fix
Finally updated!! there are some coding issues but I'll play with them when i have more free time
What you might be experiencing is what we like to call Malware / Spyware / Trojans / bad things, here is a little "How To" to fix those issues. And after you are done scanning your system please Defrag your system; you would be surprised as to how much speed you will pick up. This "How To" is simply to help folks that might otherwise not be familiar with some of these applications and processes. And none of these programs except the anti-virus run in your background nor do they take up any recourses other than when you run them. ========================== Make sure you don't have any viruses. Make sure you have an up-to-date virus checker on your system, and *gasp* actually use it once in a while. If you don't have a virus checker and can't afford to buy one, go to Trend Micro's Free online virus Scanner, House Call: http://housecall.trendmicro.com Although everyone should have an Antivirus (AV) Scanner and they should update it Daily, if you don't set it up to update automatically you will have to click the Update button. If you're looking for an excellent AV light on resources NOD32 is for you. You can at least give it a try: http://www.eset.com/home/home.htm Another Good and FREE scanner is AVG: http://free.grisoft.com/doc/1 Another thing to always do is to keep your system up to date from Microsoft (If it is a "special" copy of XP, uninstall KB892130 from the add/remove section [thanks monsterous2008]) http://update.microsoft.com/microsoftupdate/v6/ . ========================== Please print out a copy of this overview and use it to check off each step as it is completed. Throughout this guide you will see it says "post this HijackThis log to xxx" go HERE to get a list of forums that specialize in reading HijackThis logs. Save this 'checklist' of removal programs you have run, because they will be asking you to provide them with that information when it comes time to post a HijackThis log. Good Luck! ========================== before running any automatic cleaning programs or scanners, we request that you perform a Reference HijackThis scan and save the results tohijackthisref.log for later posting. This Reference HijackThis log will indicate what infections were present on your system and visible to HijackThis, prior to running any preliminary anti-malware tools. This log serves as an important baseline indicator to the person analyzing your HijackThis log, so be sure to save it properly. To download and properly install HijackThis: * Download the HijackThis Installer from Trendmicro by clicking HERE * Save the HJT Installer to to folder of your choice, then navigate to that folder and double-click HJTInstall.exe to start the installation. * When the Trend Micro HJT install box appears, click Install. * HijackThis (HJT) will be installed in the C:\Program Files\Trend Micro\HijackThis folder by default and a desktop shortcut will be created. To obtain your Reference HijackThis Log: * Select the Do a system scan and save a logfile option * HijackThis will analyze your system, and automatically open a notepad textfile containing the HijackThis log when the scan is finished. To save the Reference HijackThis log: * You must change the default log filename from hijackthis.log to hijackthisref.log * The file hijackthisref.log will be saved in the C:\Program Files\Trend Micro\HijackThis folder. * Make sure you are able to access hijackthisref.log for later posting, before moving on to the next step. PLEASE DO NOT ATTEMPT TO FIX ANYTHING WITH HIJACKTHIS. MOST OF THE HJT LOG ENTRIES ARE CRITICAL TO THE PROPER FUNCTIONING OF YOUR COMPUTER. REMOVING ESSENTIAL ENTRIES CAN POTENTIALLY CAUSE SERIOUS DAMAGE TO YOUR COMPUTER ========================== The Control Panel - Add/Remove Programs The first place to look when attempting to remove spyware/adware threats is in the "Add/Remove Programs" utility in the Control Panel . Many questionable programs are installed into their own program folder, using the customary method provided by WIndows and bear recognizable names. You may find adware/spyware Toolbars (Not the trustworthy ones like Google, MSN, Yahoo or AOL), bogus search aids such as WinTools, or NavHelper (NavExcel), and a variety of other suspect programs. After a program is uninstalled via "Add/Remove Programs", except in the most difficult cases, any remaining remnants will ordinarily be removed by the scanning programs we recommend. If you are unsure about whether or not to uninstall a specific program, you may find the answer in the Bleeping Computer Uninstall Database. Another very useful resource is Uninstall Malware via Add/Remove Programs by chaslang. Some additional spyware databases that may provide you with information about particular threats are The CounterSpy Threat Library and the Computer Associates Spyware Information Center If you cannot arrive at a definitive answer after consulting these resources, then leave the program intact and mention it when you post a reply. ========================== Please temporarily disable any real time monitoring programs. Some security programs with active monitoring processes are known to interfere with automatic scanners and can actually prevent HJT fixes from taking effect. Please turn off or disable any of the following programs you may have, before running your preliminary scans and for the duration of your HJT cleanup (should you post a log). To do disable these programs, please follow the instructions provided in the respective sections. Some of these programs will automatically restart upon reboot, so you will have to repeat these disabling steps as required. After Malware Removal is complete, you should reactivate these protective programs if you do not intend to post a HijackThis log. Spybot S&D (Teatimer)
Ad-Aware Ad-Watch
Spywareguard Right click the running icon of Spywareguard in the system tray to open the program. Then go to Menu, File, and choose Exit. It will automatically restart at next boot. Windows Defender
TrojanHunter Guard
Disable SpySweeper If you have Spy Sweeper version 4:
-------------- If you have SpySweeper version 5: To disable SpySweeper Shields
(or Shields on the left, depending what screen you're on).
WinPatrol Right-click the running icon of Winpatrol in the system tray and choose exit. It will automatically restart at next boot. CounterSpy
AVG Anti-Spyware (formerly ewido)
Spyware Doctor
Prevx
ProcessGuard
ZoneAlarm's OS Firewall
========================== Last edited by Tsurani : 01-29-08 at 09:31 PM. |
||
11-07-07, 12:12 PM | #2 |
Now please complete the following automatic malware detection and removal steps.
After you have installed the scanning programs listed below, please be sure to update them. A program is only effective if it updated with the latest definitions. Updating will help provide protection against the most recently introduced security threats. ========================== Cleaning out the Crap: Now "Clean out the Crap". By this we mean removing all the temporary, temporary Internet and other junk files that are stored on your computer. You may accomplish this by running CCleaner. CCleaner will not only clean out the garbage, but it will also remove malicious files which may be hiding in your temp folders. Make "Cleaning out the Crap" a part of your regular maintenance routine. CCleaner (All versions of Windows including Vista) CCleaner Download and Install Directions For a basic version of CCleaner with no Yahoo Toolbar Uncheck "Add CCleaner Yahoo! Toolbar", as it is checked by default during CCleaner Setup CCleaner Setup and Usage
Code:
In the Windows Tab: Clean all entries in the "Internet Explorer". If you prefer to keep your cookies, uncheck the Cookies entry. Deleting cookies will require re-entry of user names and passwords on next visit to sites that require users log in. Clean all the entries in the "Windows Explorer" section. Clean all entries in the "System" section. Clean all entries in the "Advanced" section. Clean any others that you choose. In the Applications Tab: Clean all (optionally, except cookies) in the Firefox/Mozilla section if you use it. Clean all in the Opera section if you use it. Clean Sun Java in the Internet Section. ==> Important: See Note 2 below before proceeding Clean any others that you choose.
For operational help with CCleaner's setup and features please consult this screenshot tutorial Note 1: To see a list of everything that CCleaner 'cleans' so you may customize the settings to suit your needs, click here Note 2: If you run Yahoo's website design program called SiteBuilder do not check the option to clean out Sun Java, accessed under the Applications => Internet => Sun Java section as specified in Step 3 above. ++++++++++++++++++++++++++ ATF Cleaner (Win 98/ME/2K/XP and Vista) Please download ATF Cleaner by Atribune. This program is for Windows 98/ME/2K/XP and Vista
If you use Firefox browser
If you use Opera browser
Click Exit. on the Main menu to close the program. For Technical Support, double-click the e-mail address located at the bottom of each menu. ========================== Last edited by Tsurani : 11-07-07 at 12:31 PM. |
|
11-07-07, 12:13 PM | #3 |
Antispyware Scanners - Run at least one, preferably two - if your system is functioning well enough:
++++++++++++++++++++++++++ Ad-Aware (Win 98/Me/NT/2000/XP) Download Ad-Aware 2007 and install it. If you already have Ad-aware 2007, please configure it per instructions below. If you have a previous version of Ad-Aware, please install the newest build Launch Ad-Aware and update the Definition Files by clicking on 'Check for Updates now' in the lower right hand corner. Then, to run:
++++++++++++++++++++++++++ SpyBot S&D (Win 95, 98, ME, 2K, XP, 2003, PE, Vista) Supported Operating Systems
Download Spybot Search & Destroy and install it.
Bleeping Computer's Setup & Configuration Instructions Tom Coyote's Tutorial & Help ++++++++++++++++++++++++++ Windows Defender (Win XP SP2, Win 2003 SP1+, Vista) - This scanner will remove the Sony XCP DRM rootkit Windows XP and Windows Server 2003 users can find information and download links for Windows Defender Please note: The Microsoft download site will require you to validate your copy of Windows before allowing you to download this program. Only systems that are fully updated with all service packs will be allowed to download. Supported Operating Systems
For more detailed instructions consult Beyond the Basics Help and How Tos and the Windows Defender FAQ Note: Windows Defender will remove the rootkit portion of the Sony XCP DRM software. ++++++++++++++++++++++++++ SUPERAntiSpyware SUPERAntiSypware (SAS) is free to home users Supported Operating Systems
System Requirements
Download and install SUPERAntiSypware using the default settings
Only if you are not prompted to update the definitions or already have SAS, select Check for Updates before scanning. Program Setup Select Preferences | Scanning Control Check the following Scanner Options:
Click the Close button to leave the control center screen. Scanning
Retrieving the scan report
If you have questions or need help, please refer the SUPERAntiSpyware Frequently Asked Questions. ++++++++++++++++++++++++++ Prevx2 Please note: Prevx2 provides the cleanup option only for 30 days of free use, thereafter it will only detect and not cleanup infections. Supported Operating Systems
========================== Last edited by Tsurani : 11-07-07 at 12:31 PM. |
|
11-07-07, 12:13 PM | #4 |
Before performing your Online AntiVirus Scan, please disable your own resident antivirus's real-time protection feature, to avoid any conflicts. Even if you have an up-to-date AntiVirus program on your system, it is still important to run an online scan, since some parasites may prevent your own anti-virus program from functioning properly or even disable it. Additionally, it does no harm to "get a 2nd opinion" with antivirus scanners because they often find different types of Spyware.
Preliminary Considerations:
Perform at least one of the following scans: The following scanners require a browser which supports active-X downloads (i.e. Internet Explorer).:
The F-Secure Online Virus Scanner has incorporated rootkit detection capabilities through its BlackLight engine. For Windows 2000 and XP only.
The following scanner supports these browsers: Internet Explorer - Netscape (6+) - Mozilla (1+) - Firefox (all):
Let the online AV scanner(s) auto clean whatever is detected and then reboot your system. Note: Only if you are so severely infected that you cannot complete an online scan, even when run overnight, you may use a temporary solution, until a full online viral scan can be performed:
Note: regarding the BitDefender Online Scanner: When a threat is detected by the the BitDefender Online scanner, it will first attempt to disinfect (repair) the file, and only if it cannot be repaired, it will delete it. However, you can elect to change the secondary action from delete to "Report Only" or "Prompt for User Action", so an infected system file is not deleted. This is the safest option to guard against false positives and system files that have been "patched" by Spyware. It is also the safest option if heuristics are used in detection, which they are by default.
========================== Last edited by Tsurani : 11-07-07 at 12:30 PM. |
|
11-07-07, 12:14 PM | #5 |
Run atleast one Anti-trojan Scanner:
AVG Anti-Spyware Free (formerly ewido anti-spyware) runs on Windows 2000, XP and Vista (32 and 64 bit) Only if you already have either AVG Anti-Spyware version 7.5.0.50 or the Vista compatible version 7.5.1.43, installed, then: (Otherwise proceed to Step 1)
Step 1 - Download, Install, and Update AVG Anti-Spyware Free
Last edited by Tsurani : 11-07-07 at 12:32 PM. |
|
11-07-07, 12:14 PM | #6 |
==========================
========================== Now once your system is clean stop useing Internet Explorer and get FireFox Install FireFox from here: http://www.getfirefox.com then get these Add-Ons Adblock Plus: https://addons.mozilla.org/en-US/firefox/addon/1865 Ever been annoyed by all those ads and banners on the internet that often take longer to download than everything else on the page? Install Adblock Plus now and get rid of them. Right-click on a banner and choose "Adblock" from the context menu - the banner won't be downloaded again. Maybe even replace parts of the banner address with star symbols to block similar banners as well. Or you select a filter subscription when Adblock Plus starts up the first time, then even this simple task will usually be unnecessary: the filter subscription will block most advertisements fully automatically. Adblock Filterset.G Updater: https://addons.mozilla.org/en-US/firefox/addon/1136 This is a companion extension to Adblock or Adblock Plus and should be used in conjunction with it. This extension automatically downloads the latest version of Filterset.G every 4-7 days. Filterset.G is an excellent set of filters maintained by G for Adblock that blocks most ads on the internet. In addition, this extension allows you to define your own set of filters that you can add along with Filterset.G during an update. NoScript: https://addons.mozilla.org/en-US/firefox/addon/722 Winner of the "2006 PC World World Class Award", this tool provides extra protection to your Firefox. It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, and guards the "trust boundaries" against cross-site scripting attacks (XSS). Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality... Experts do agree: Firefox is really safer with NoScript ;-) IE Tab: https://addons.mozilla.org/en-US/firefox/addon/1419 Or IE View: https://addons.mozilla.org/en-US/firefox/addon/35 IE View & IE Tab are a simple Mozilla and Mozilla Firefox extension (for Microsoft Windows systems), which allows the current page or a selected link to be opened in Internet Explorer. I use Firefox 99.99% of the time, but there are those moments -- particularly when testing new pages, or when viewing that rare IE-only page that's actually interesting -- when I need to see what things look like in IE. IE View & IE Tab adds menu items to the page context menu, and the link context menu. Right-clicking a link now includes an "Open link target in IE" menu item. Right-clicking elsewhere in the main body of the page (not within an image, text box, etc.) gives "View this page in IE." You can also add sites to an "always-view-in-IE" list. These sites, when reached in Firefox, will automatically reopen in Internet Explorer. The site you are currently viewing can be added via the Firefox. ========================== This is fitting; for a little humor watch this flash movie http://homestarrunner.com/sbemail118.html ========================== O just for ****s and grins, post how many bugs you found on your system after you ran the clean ups. The most I found was on my friends system, she has LimeWire, Napster, and an outdated Anti-Virus program, and she had over 1000 bugs (Virus and spyware) Last edited by Tsurani : 02-15-08 at 04:23 PM. |
|
12-03-07, 03:40 PM | #7 |
ok ya'll with the on slaugh of Viruses in the last few days re read this thread and pass it on to everyone you know ( that uses the internet)
|
|
01-29-08, 09:33 PM | #8 |
just posted this thread in the wow forum post called
There is something fishy in here.... now lets see if he comes here or not |
|
02-08-08, 02:27 PM | #9 |
I also recommend McAfee SiteAdvisor plugin for IE or extension for FireFox. Tells sites from Good to Bad.
It shows on links in Google Search, and when you are browsing anywhere. Download links and Info: IE: http://www.siteadvisor.com/download/ie.html FF: http://www.siteadvisor.com/download/ff.html Preview: (Firefox Extension)
__________________
Never be satisfied with satisfactory. |
|
03-03-08, 08:43 PM | #10 |
DeepFreeze
For those people who really, really, really want to keep their system safe, I would also recommend Faronics DeepFreeze. There's more information on the website. I'm using it right now and it works good, just make sure you read the manuals with it before you even install it.
__________________
Funtoo - Plan 9 - Windows 7 |
|
08-19-09, 01:01 PM | #11 |
08-20-09, 03:25 PM | #12 |
I'd like to add the little blurb I have on my UI page to this for the community..
PERFORMANCE -I have a lot of friends who have lag issues so since this is also for them, I suggest checking out the Blue Posts at WoW Forums' System Performance Guide, 3.1 edition and checking out LeatrixLatencyFix.
__________________
|
|
WoWInterface » General Discussion » Tech Chat » [UPDATED] Slow System, Lag, Crashes, Virus, Spyware? Probable Fix |
«
Previous Thread
|
Next Thread
»
|
Display Modes |
Switch to Linear Mode |
Hybrid Mode |
Switch to Threaded Mode |
|
|