We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
Computer Driving Me Nuts!!!
Comments
-
Wouldn't have them on mine......consumer input is another one, and rapport (for different reasons)!!
> . !!!! ----> .0 -
Right ok will get rid off them all now. Thank you so much for your help.
Alison0 -
The best way of cleaning up a slow or badly infected machine is to backup all your data to an external drive, and do a factory restore using the factory restore partition (see manual or manufacturers website) or Windows disc. The alternative is to do it manually as follows (the list may look daunting, but should take less than an hour of effort (apart from virus scans)) :-
__________________________________________________
Unless you need them running all the time, use the startup tab in msconfig to disable these items from running at startup (they can always be run manually if needed)
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (you might want this)
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Consumer Input Update] C:\Program Files\Consumer Input\dca-ua.exe
O4 - HKLM\..\Run: [Ipsos-WatchDog] C:\Program Files\IpsosLSPService\Ipsos-WatchDog.exe /Debug
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
This is a general guide on cleaning up infections and speeding up pc's https://forums.moneysavingexpert.com/discussion/2436849
If you haven't all ready done it, Install Malwarebytes and do a FULL (not quick) scan (after updating it), fix anything found before closing, otherwise you'll have to do it all over again. You may get prompted asking if you want to run the free 14 day trial during install, I suggest you decline this offer, as it will slow things down. If anything was found reboot the machine before continuing. http://www.filehippo.com/download_malwarebytes_anti_malware/
Making any changes to a PC setup always comes with a slight risk of something going wrong, the worse case scenario is an unbootable PC - ideally you should have got a backup of important data on dvd or external disk, and a disk image backup (http://www.macrium.com/reflectfree.asp) or windows disc/factory restore partition available before you start. In the unlikely event that anything does go wrong, post on another pc for advice.
************************************************
Install and run ccleaner (untick the google toolbar during the install). Untick the "windows log files" box, under the system heading before cleaning. Also Tick the java cache tick box under CCleaner, applications, internet to wipe the java cache which sometimes hides infections. http://www.piriform.com/ccleaner/download/slim
Install and run startuplite, accept suggested changes - http://www.malwarebytes.org/StartUpLite.exe
Click the java icon in control panel, updates, untick check for updates
__________________________________________________
Using Hijackthis, tick and fix these entries
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E7637F18-B2C8-43E4-BCFE-BC3437DF469F} - https://s.userzoom.com/s/UserZoom.cab
O3 - Toolbar: Cloudberry Twitter plugin - {844ca498-7e43-4eb9-937f-083da08110be} - mscoree.dll (file missing)
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
__________________________________________________
Uninstall any IE toolbars (browser helper objects or BHO's) in Control panel, or Firefox plugins that you don't need. This is a list of the IE BHO's evident in the log, (firefox plugins don't show up in hijackthis)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Gacela2 - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\Digital Connections\Gacela2.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: DCA - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Consumer Input\dca-bho.dll
O2 - BHO: FCTBPos00Pos - {B7C2F0D8-2209-4693-A15D-5A537211D48B} - C:\Program Files\Nectar Search Toolbar\Toolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Disable (vista/W7) or uninstall (XP) Windows Defender. To disable windows defender on vista or windows 7 - from the start menu, windows defender, tools, options, untick use real-time protection, under administrator options, untick use windows defender and untick allow everyone to use windows defender, click save to save settings. XP users can either do this or preferably uninstall it in control panel instead.
Unless you use media sharing across the network, disable it in media player, library, media sharing, or options media sharing, untick find and share media
__________________________________________________
If you want a speedy machine, Use windows firewall and replace your antivirus and security software with avast 6 free - (a fast and lightweight virus scanner with good detection rates) http://www.avast.com/free-antivirus-download :
This is a list of (or remnants of) security software evident in your log, you may wish to uninstall these in Control Panel (add/remove programs or programs/features) to keep your PC running smoothly, too much overlapping or bloated security or useless tuning software can have a drastic effect on performance - always leave one resident scanner running (eg avast/avira etc)
---- rapport
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
---- msseces.exe
C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
__________________________________________________
Uninstall gacela
O2 - BHO: Gacela2 - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\Digital Connections\Gacela2.dll
O9 - Extra button: (no name) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\Digital Connections\Gacela2.dll
O9 - Extra 'Tools' menuitem: About Digital Connections - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\Digital Connections\Gacela2.dll
Uninstall ipsos
C:\Program Files\IpsosLSPService\Ipsos-WatchDog.exe
C:\Program Files\Digital Connections\Chrome Extension\Ipsos-Chrome-Helper.exe
O4 - HKLM\..\Run: [Ipsos-WatchDog] C:\Program Files\IpsosLSPService\Ipsos-WatchDog.exe /Debug
O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll
O23 - Service: Ipsos-Reporting-Service - Unknown owner - C:\Program Files\Digital Connections\Ipsos-Reporting.exe
O23 - Service: Ipsos-Update-Service - Unknown owner - C:\Program Files\Digital Connections\Ipsos-Updater.exe
__________________________________________________
start, run, services.msc, disable these services UNLESS you use them. (make a note of any services you disable,if you have any problems related to these services subsequently, simply re-enable them)
SSDP Discovery Service
Remote Registry
WebClient
Distributed Link Tracking Client
Also disable these services if you don't use them by running msconfig, services tab (or uninstall the underlying software)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
"Uninstall any software for equipment that you know longer use, eg old printers/phones/camera's/adsl usb modems"
__________________________________________________
When you've done all that, post a fresh hijackthis log and any logs of infections!!
> . !!!! ----> .0 -
Wow that is brilliant and so helpful. Thank you so much for you effort in helping me. I shall crack on through the list tomorrow it will be a nice challenge for me. Thank you so much for all the links and the details you have explained it so well. I shall keep you posted.
Thanks
Alison0 -
uninstalling the "spying" apps, rapport, and mse, and installing free version of avast, startuplite and dealing with the O4's listed will probably have the greatest effect.!!
> . !!!! ----> .0
This discussion has been closed.
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 348.3K Banking & Borrowing
- 252.1K Reduce Debt & Boost Income
- 452.4K Spending & Discounts
- 240.8K Work, Benefits & Business
- 617.1K Mortgages, Homes & Bills
- 175.6K Life & Family
- 254K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 15.1K Coronavirus Support Boards