Keep Virus Free

TO HELP PREVENT VIRUSES FROM LOADING
ALWAYS FOLLOW
THESE EMAIL RULES
BEFORE OPENING EMAIL ATTACHMENTS

Do not open the attachments of messages with a suspicious or unexpected subject.
If you want to open them,
first save them to your hard disk and scan them with an updated antivirus program.

Delete any chain e-mails or unwanted messages.
Do not forward them or reply to their senders.
This kind of messages is considered spam, because it is undesired and unsolicited and it overloads the Internet traffic.

To see SAFE and DANGEROUS EMAIL FILES EXAMPLES OF WHAT TO DOWNLOAD click here

EVERYONE SHOULD CHECK THIS!
SLOW COMPUTER?
VERY SLOW HARD DRIVE PERFORMANCE??

Has your hard drive performance degraded to very slow transfer speeds?

Both problems' solution is:

Somehow, Windows has reset the Hard drive's
DMA mode (very fast) to PIO Mode (very slow).

Go to DEVICE MANAGER, IDE ATAPI, find affected slow drives, look in Advanced Settings -
if you see a drive running in PIO mode - go to DRIVER, UNINSTALL the affected driver.
Reboot
Windows Plug & Play will then reinstall the drivers automatically and set the FASTEST Mode.

FIXED!

THE SIX STEPS TO
KEEP YOUR COMPUTER HEALTHY
PRIVATE, and FAST...

Follow my suggestions below to run
the latest and greatest security, virus detection software, spyware detection, and email tips
ALL SAFE & FREE TO YOU !!

Believe me, a licensed engineer, and computer geek since before there were desktop computers.
If you don't run these recommended programs, especially SPYBOT,
your computer will definitely be FULL of spyware, secret ads, and expensive dialers that take control and secretly command your computer
in such a way that it robs your system of internet speed, efficiency, and privacy.

1) I LOVE THIS FREE CLEANER
It will REMOVE all of your old TEMP files that WINDOWS doesn't delete.

It has deleted VIRUSES and ROGUE temp files that nothing else can find
And it will fix BUGS from VIRUSES in MEDIA PLAYER and other programs
It will find files so old you thought were gone YEARS AGO!

Be SURE to run CCleaner and then set this option in CCleaner:
Click OPTIONS, ADVANCED, then UNCHECK
"Only delete files in Windows Temp folders are older than 48 hours".

2) SPYWARE REMOVAL
& SYSTEM HIJACK WATCHER
(Very Highly Recommended - run it once every week - or more often)

To clean your computer from SPYWARE:
Spyware will rob you of your speedy connections, slow your computer down, and compromise your privacy, running in the background without your knowledge or consent.
Also, this program will watch your computer for unauthorized automatic background hijacks and unauthorized downloads.
Please click below and follow my step-by-step instructions below

Before I downloaded this program, my computer was slowed almost to a halt by a SPYWARE HIJACK being downloaded without my knowledge and/or consent.
Virus detection programs will NOT find these SPYWARE malware,

Install SPYBOT WITHOUT:
TEATIMER
IMMUNIZATION
and SDHELPER

Download and install the latest Spybot program FREE OF ANY CHARGE, and with no advertising, CLICK HERE for LATEST VERSION.
If you want - FOLLOW the SPYBOT Tutorial HERE
I wouldn't run my computer or any of my friends' computers without this nifty cool program

*** And Check UPDATES once a month or sooner ***
Better yet, have SPYBOT scheduled to run DAILY, and check for UPDATES DAILY.

3) VIRUS DETECTION
(Highly recommended - once a week - or follow the program's automatic scheduling)

And it doesn't require any updating...since it is automatically updated with every online scan you make.

Download COMBOFIX
from Bleeping Computer here
Download, save and run from your desktop
Instructions
When finished with combofix uninstall it - click START, RUN combofix /u

A sample history of virus killer programs - run in this order:
From http://forums.malwarebytes.org/index.php?showtopic=73155
ccleaner
HiJackThis
MalwareBytes
turn off System Restore

http://www.eset.com/onlinescan/
Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
Now click on Advanced Settings and select the following:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

OTM by OldTimer
Save it to your desktop
Here is example. You found a file in the est scan that could not be removed:

C:\Documents and Settings\All Users\Application Data\{F14A989E-0102-460B-ADB5-BC208314A307}\OFFLINE\mFileBagIDE.dll\bag\FFToolbar.xpi

Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Return to OTM, right click in the "Paste instructions for items to be Move" window (under the light Yellow bar) and choose Paste.
Click the red Moveit! button.
A log of files and folders moved will be created in the c:\_OTM\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
Close OTM

4) MAKE SURE YOUR WINDOWS SYSTEM RESTORE IS TURNED ON
ALWAYS
Start, Control Panel, System, System Restore, Uncheck - Turn Off System Restore

5) IE, TOOLS, INTERNET OPTIONS, GENERAL, TEMPORARY INTERNET FILES, SETTINGS:
Keep this setting low - to prevent hard disk searching. I use 9 MB!!

6) IE, TOOLS, INTERNET OPTIONS, SECURITY, RESTRICTED SITES:
Keep these entries to a very small number - I use ZERO entries.
Manage this AFTER installing SPYBOT.

To manage large amount of entries use:
ZonedOut

FYI, I lost my browser’s history of WebPages visited. I tried everything…uninstalling IE8…for hours.

Even system restore to a date that HISTORY was working…nothing worked.
Then B O I N G my dead mind remembered…HiJackThis – what a dope I am. I deleted all the JAVA stuff, and it worked! Now I am spending hr getting everything back to normal.

I think a box opened asking if I wanted to install a JAVA update…I clicked YES. I think one should always install a JAVA update from SUN only. If you get a JAVA update box…just say NO – and then go to SUN JAVA to see what’s up.

Zone Alarm FREE Personal Firewall
Zone Alarm has a great FREE personal firewall and it's a necessity for all desktop computers
connected to broadband Internet, using DSL, cable, ISDN, WiFi or satellite modems.

tough virus ?

If you have a particularly tough virus - that won't get cleaned away:

1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. To restart the computer in Safe mode - (PRESS F8 while rebooting)
4. Run a full system scan and delete all the files detected.

To disable System Restore (Windows Me/XP)
If you are running Windows XP,
we recommend that you temporarily turn off System Restore.

Windows Me/XP uses this feature, which is enabled by default,
to restore the files on your computer in case they become damaged.

If a virus, worm, or Trojan infects a computer,
System Restore may back up the virus, worm, or Trojan on the computer.

Windows prevents outside programs, including antivirus programs, from modifying System Restore.
Therefore, antivirus programs or tools cannot remove threats in the System Restore folder.
As a result, System Restore has the potential of restoring an infected file on your computer,
even after you have cleaned the infected files from all the other locations.

HOW TO TURN OFF SYSTEM RESTORE

GEEKS TO GO
Expert free help
www.CASTLECOPS.com

Older versions of Java Runtime Environment have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove the older versions of Java Runtime Environment..

After you have installed the Java software on your computer, you must restart your browser.
You can verify that Java Runtime Environment (RTE) has been installed correctly by clicking on
the Verify Installation button on the JAVA SOFTWARE MANUAL DOWNLOAD page.

CLICK START, PROGRAMS, ACCESSORIES, SYSTEM TOOLS, DISK DEFRAGMENTER.

Just relax and follow the prompts -this will take about 30 minutes or so, depending on the size of your hard drive and the speed of your computer.

This Microsoft Windows program will kind of put all the memory bits on your hard-drive in order
so that your hard drive can read your files and fill your cache in one quick pass,
rather than search in different places throughout your hard drive.

Turn off all browser windows, and other programs during the test
Also, temporarily turn off your antivirus program (AVG) & firewall

Norton Ghost
VERY SLOW HARD DRIVE BACKUP

Has your Ghost backups started taking a very long time to finish?
My Ghost backups were taking minutes that went to 30 hours!

Has your hard drive performance degraded to very slow transfer speeds?

Both problems' solution is:

Somehow, Windows has reset the Hard drive's
DMA mode (very fast) to PIO Mode (very slow).

Go to DEVICE MANAGER, IDE ATAPI, find affected slow drives, look in Advanced Settings -
if you see a drive running in PIO mode - go to DRIVER, UNINSTALL the affected driver.
Reboot
Windows will then reinstall the drivers automatically and set the FASTEST Mode with Pug & Play

FIXED!

If Norton Ghost goes to only 1% after a failed backup pr dirty shutdown:
Delete BACKUP DEFINITION and then DEFINE NEW BACKUP JOB:
Go to Norton Ghost, Tasks, Run or Manage Backup tasks.

or try
services.msc - stop the Norton Ghost service.
c:\all users\application data\Symantec\Norton Ghost\History and delete all files.
c:\all users\application data\Symantec\Norton Ghost\Schedule and delete all .pqj files.

Restart the Ghost service and reschedule your backup jobs.

Watch what you download!
Many freeware programs, and P2P (Peer-to-Peer) programs like Grokster, Imesh, Kazaa and others
are among the most notorious, come with an enormous amount of bundled spyware that will eat system resources,
slow down your system, clash with other installed software, or
just plain crash your browser or even Windows itself.

Browser Search Page Hijacked
To earthlink.net ? Or perhaps your ISP's Search Page

Copy everything below to notepad then save it to your desktop as IEfix.reg.
Doubleclick on it and let it import.
This resets all IE search configurations to their original state.

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://g.msn.com/0SEENUS/SAOS01"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
""="http://home.microsoft.com/access/autosearch.asp?p=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://search.msn.com/spbasic.htm"
"Use Custom Search URL"= dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\URL]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\URL]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\URL\DefaultPrefix]
@="http://"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\URL\Prefixes]
"ftp"="ftp://"
"gopher"="gopher://"
"home"="http://"
"mosaic"="http://"
"www"="http://"

EARTHLINK SEARCH HIJACK
to earthlink-help.net

Not easy to repair without the following fix:
First of all you will need to set a static ip address for your pc.
Follow the instructions here

for dns servers use 4.2.2.1 and 4.2.2.2
Earthling recommends
207.69.188.172 (east coast)
207.69.188.171 (west coast)

If for some reason this doesn't work
(It did work for me without the following modification)
you may also want to modify your HOSTS file in c:/windows/system32/drivers/etc
open with note pad and add this at the bottom:

127.0.0.1 elydm.01.am.barefruit.com
127.0.0.2 elydm.02.am.barefruit.com
127.0.0.3 elydm.03.am.barefruit.com
127.0.0.4 elydm.04.am.barefruit.com
127.0.0.5 elydm.05.am.barefruit.com
127.0.0.6 elydm.06.am.barefruit.com
255.255.255.255 www.earthlinkhelp.com
127.0.0.7 http://earthlink-help.net

click on file.... click save

Reboot PC and problems should go away.

Look at earthlink blog here for more detailed info

HOW TO AVOID RUNNING VIRUSES & OTHER NASTY THINGS
You must follow this order

While surfing your antivirus program opens a popup
VIRUS DETECTED...
THIS IS THE WORST CASE
an executable .exe file tries to get through your defenses
TURN OFF THE INTERNET MODEM BUTTON NOW
(or the following cleaning is for naught)
NOTE THE FIRST FEW LETTERS
of the .exe FILE showing in the AVG popup
Send the VIRUS to AVG's VAULT or if you can DELETE IT.
Run CCLEANER
To double-check names & locations of all VIRUSES that got through your firewall,
GO to your firewall logs.
SEARCH for virus names on hard-drive or just look in C:\
(They did get through your defenses!)
DELETE THEM :)
If you cant delete the .exe files, then they are already running.
CTRL-ALT-DEL opens Windows Task Manager
Search the IMAGE NAME column for the stubborn .exe file that wont get deleted
and the any other files sent to the vault
HIGHLIGHT them and END PROCESS
Run a REGISTRY CLEANER
RE-BOOT
TURN ON THE INTERNET MODEM BUTTON
Do an online antivirus scan for your c:\ HERE
16. If you cleaned well - the antivirus scan will be clear.