For a few easy ways to make your computer faster we should start and see what exactly your computer is currently running. One of the top factors of computer speed is having enough available resources. Obviously if your computer is busy doing other things it isn't going to have enough resources to do what you want it to do.

Determine what your computer is currently using.

     Do you need all the programs that are running? If you are running Windows XP simply click on 'Start' then 'Run' then type 'msconfig', by then clicking on the Startup tab you can all the startup programs for this computer. Most of these are generally not needed and take up valuable resources. It is outside this scope to determine what exactly you need and do not need. Un checking un-needed programs and then restarting will result in your computer doing less things you don't and more things you want.

     You will notice in above image the startup item qttask is highlighted. This is a perfect example of a un-needed startup program. This is put there by the Quicktime application, an application that allows your PC to play MOV files. Now when you want to play a MOV file you either access it via a website or you double click on the file. You do not need this task constantly running. Now how many other applications have a un-needed constantly running program. All that adds up rather quickly and soon your PC is running slower for no reason.

Let's look at some other un-needed startup programs from the above image.

• QTTASK
  Used by Quicktime, not needed - remove it!
• CTFMON
  Used by Microsoft Office, totally optionally - remove it.
• REALSCHED
  Used by Real Player, ugh the worst company ever, their applications are filled with so much junk and they add annoying shortcut programs, definitily remove it!

Make sure you have enough free space.

     This is not as a big issue as most people make it out to be. A common misconception is that storing too many photos or games on a computer will slow it down. If you have a 80 GB hard drive and you are using 40GB on your photo and game collection that will actually have little impact on your computers performance. Again the main factors are having available resources, aka Memory. Hard drive space is different than your computers Memory or RAM. That being said it is still in good practice to be should your computer drive is not more than 90% full and de fragmenting your hard drive is always a quick way to speed up performance. For more information on disk de fragmenting including a full tutorial, please click here.

Check your systems for Spyware / Virus infections

     Many computers currently are infected with Spyware or Virus programs and do not know it. Run a full virus scan and check for Spyware. This is outside the scope of this document but we also offer tutorials for both of these.

Hardware upgrade

     If you do everything you can so far to be sure your computer isn't allowing rogue programs to hog up resources you may want to consider purchasing additional Memory for your computer. 

If you own a computer there is a very good chance that your computer is infected with Virus or Spyware programs. They come in many shapes and forms and come at you from many different directions. There are also many tools to help you remove Virus infections once they happen, but the best bet is to avoid these problems all together. How you can prevent infections is what this article is all about.

Be careful of the web sites you visit

Many Virus / Spyware infections actually use exploits in the operating system itself to have their code automatically install when you visit an infected web site. This often happens when people visit certain web sites. For example certain adult web sites have been known to try and infect your unprotected computer with code that will take over your computer's modem and try to dial 1-900 numbers on your phone line. Some web sites will offer 'Free Screensavers', or other forms of something free, once installed the 'free' software will install Spyware that is very difficult to remove once installed. Unless you know it's from a trusted source, do not install any software from a web site. If you are browsing a web site and something pops up and asks to you install a plugin it is very important that you close that window, unless you trust that web site. Clicking 'Yes' on one of those windows may let in a stream of spyware programs.

Keep your Windows updated

Now that you are careful of what web sites you visit you must also make sure that your operating system is up to date. This is something that should be done regularly, basically when Microsoft discovers problems or security vulnerabilities with their software they fix it. If you never visit this site you will never get that update and your system will be vulnerable. Windows update doesn't only fix problems, but offers free upgrades to Windows components, such as Windows MovieMaker and Windows Media Player. These are great additions that are totally free! Windows users can visit http://windowsupdate.microsoft.com to update your system at anytime.

Protect yourself

Now that your computer is updated you still need additional software to be safe; Anti Virus software. I personally recommend Norton Anti Virus 2006. There are many different versions to choose from, Norton Internet Security, McAfee, etc. I recommend just the basic Anti Virus 2006, it costs $49.95 and includes one year of updates. Once installed it will automatically keep itself updated and continuously scan your system for any Virus or Spyware programs. If it finds anything that shouldn't be there it will automatically remove it for you. If you are running Windows XP you should also turn on your firewall. This can easily be done by clicking on Start then Control Panel, Network Connections, then right clicking on 'Local Area Connections' (If you are connected via a wireless network then you want to right click on 'Wireless Network Connection') then click on the 'Advanced' tab, Then switching the button to 'On'.

That is just three simple steps you can take to better prevent your computer from being infected with Virus programs. 

Thanks for providing the smitRem tool, it was great at getting rid of the installed program and pop-up.  After running it though, my display still stays with the basic blue background.  If I try to change the wallpaper in display settings, I cannot select any of the patterns and the scrollbar does not move.  I think that the "desktop" tab of the display settings has been faked somehow.  The various files like 'aquarium, ascent' aren't actually .bmp's in the Windows directory.  This is the same problem that I noticed before I ran smitRem.  I have used webshots for wallpaper and while that runs fine, it does not change the wallpaper image either.  Is there something else that I still have to remove?

Here is a shot of the desktop settings that I am talking about.

Answer:

http://www.freecomputeradvice .net/downloads/fixreg.zip

Will that solve that, just download and run those to items. You may have to restart. 

I came across a particularly nasty virus lately and I wanted to share some techniques on how to remove this virus and other virus programs that work the same way. The customer came in and said his laptop was running slow and thought he may have a virus. First things first, run HiJack this and remove anything that looks suspicious, restart and run it again and find all the ones I just removed that came back. This is common, you remove them; they come back, so I make a note of those files and restart into Safe Mode and then manually delete those files. Ok done; however upon restarting I still have pop up advertisements.

 I run SysInternals Process Manager to view all processes currently running on the PC and I find nothing out of the ordinary. Very strange. This is where things start to get confusing, how are these advertisements showing up if no running processes are creating them?

 Tis is a good time to introduce another tool by SysInternals; File Monitor. This program will show you a running list of all the files that are currently being accessed by the operating system. Now we can get a clear picture of not only the running processes itself but the files that are being accessed. If you look at the screen shot below you will see one file in particular that looks suspicious, fccax.dll. It appears over and over again, a quick Google search reports that is in fact SpyWare. So now what? Lets delete it. However we cannot delete it now because it is in use, restarting into Safe Mode won't work either, its still in use. Insert your Windows XP CD and boot to it, at the first screen hit 'R' and get into the recovery console. Now you can delete the file.

Many times to troubleshoot a computer problem it can be much easier if the technician can see the exact error message that you are seeing. Luckily for us Windows XP comes with a way to do just that. If your computer can send email with Outlook or Outlook Express then you can very easily send a screen shot.

When you see the error message click the 'Prnt Scrn' button your keyboard, then create a new email message, address it to the person you want to see the error. Now in the message body text, just click your cursor there and hit CTRL+V to paste the picture.

That's it! The screen shot that was captured when you hit PrntScrn is now pasted in the message, you can now send. Hopefully the technician can help. 

Upon running HiJack This you will get to the screen shown below. Want you want to do here is click on 'Do a system scan only'. This will scan your PC for startup programs, located in the registry, startup folders, etc. Basically this will return a list of programs that start when your computer starts up. We want to see this information so we can identify bad things and remove them.

We will now have a screen similar to what is shown below. This is where it gets a little difficult because bad programs don't exactly pop up and say 'I'm bad, remove me'. However some of them do give good clues. Here are a few.

• Some SpyWare programs hide themselves as a 'search bar' of some sort, so the location will be C:\Program Files\SuperCoolSearchBar
• Some SpyWare programs have random names and live in the system32 directory, for example C:\Windows\System32\ajeiej2la.exe
• Static entries in the host file is typically bad, shown below. Remove them.

Keep in mind these are only a few and you have to be careful not to remove something you need, because unlike msconfig there is no going back after you remove an entry.

XPRT5.DLL Problems

After seeing many requests to fix this problem, I decided to write a quick tutorial to help everyone out the latest problem brought to you by AOL. You may have a problem telling you that XPRT5.DLL could not be found or you have to reinstall the file? Have to fear the fix is very easy, all you have to do is download the beta version of AOL's Connectivity Service 4.7.

Download AOL's Connectivity Service 4.7 to fix XPRT5.DLL

What does this do?

Installing this update will reinstall AOL's Connectivity Service which is the cause of the XPRT5.DLL issue.

Note: You may have to uninstall all previous version of Americal Online before installing this update.

How do I install and run this update?

1. Simply download AOL's Connectivity Service 4.7 update to your computer.
2. Once the file is finished downloading, open the file.
3. The installation wizard will run, just agree to all prompts to install the update.
4. You may have to restart your computer once the update has finished installing.

 
Hope this fixes your problem, if not please leave a question in our forum thread on this issue section.    

If you are looking to find hidden programs on your computer there are a few ways to do this.

Find running programs

Probably my favorite program to find running programs is Process Explorer. Task Manager can be too basic and doesn't give you all the important details you need. Process Explorer is basically an advanced version of Window's Task Manager that tells us some vital information. Let's look at some of the differences. Task Manager (accessible by right-clicking on the taskbar then clicking Task Manager) allows you to view processes running by Windows. However some processes are hidden from this view. Take a look below.

Windows Task Manager

Now let's take a look at a screen shot of ProcessExplorer

If you have a virus - chances are you may see it listed here. Another great feature is you can right click on a program and find the exact path to the file. Then you can copy and paste that into OTMoveIt to quickly delete it.

You can see my moving my mouse over calc.exe it listed the path to the executable. I can also right click to stop it from running. This has many other uses; for example: if I notice each time I remove a entry from my startup file using msconfig that it comes back; I can watch the ProcessExplorer to see if a process is starting at the same time. The ProcessExplorer program will show a program for a few seconds after it has ran, so you can tell that a program just started and then abruptly stopped. Now just check the file name if its a random string of letters than you can assume its a virus program (in most cases).

• Download ProcessExplorer

It's very important that if you have not already done so that you visit http://windowsupdate.microsoft.com and keep your computer up to date. There is an very important update that fixes a flaw in Windows operating system that allows hackers to execute code on your computer when you visit an infected website.

Spyware Quake is fake antispyware 'tool' that comes up after you are infected. This program is totally false and needs to be removed as soon as possible. This virus is very simliar to Trojan.Spaxe

You will know if you are infected if you see a ballon at the bottom of your screen that says the following

Your computer is infected!
Critical System Error!
System detected virus
activities.  They may cause
critical system failure. Please
use antimalware software to
clean and protect your system
from parasite programs.
Click here to get all available
software.

Removal Directions

1. Download and save smitRem.zip
2. Reboot and start into Safe mode
3. Extract smitRem.zip
4. Open folder where smitRem.zip extracted then double click on RunThis.bat
5. Remove the following files, (You may have to use KillBox to remove stubborn files that are in use. You may not have all of these files.)
   • c:\windows\system32\nvctrl.exe
   • c:\windows\system32\dfrgsrv.exe
   • c:\windows\system32\mssearchnet.exe
   • c:\windows\system32\stickrep.dll
   • c:\program files\spywarequake\
6. After program runs you can safely restart the computer and the infection is gone! Be sure to always keep your Windows up to date! 

It's very important that if you have not already done so that you visit http://windowsupdate.microsoft.com and keep your computer up to date. There is an very important update that fixes a flaw in Windows operating system that allows hackers to execute code on your computer when you visit an infected website.

You will know if you are infected if you see a ballon at the bottom of your screen that says the following

"Your computer is infected!
Windows has detected spyware infection.
It is recommended to use special antispyware tools to prevent data loss.
Windows will now download and install the most up-to-date antispyware for you.
Click here to protect your computer from spyware."

Or it may say

" Your computer is infected!
Dangerous malware infection was detected on your PC
The system will now download and install most efficient
antimalware program to prevent data loss and your private
information theft.
Click here to protect your computer from the biggest malware
threats."

The Virus name is actually Trojan.Spaxe. It is a serious infection that needs a special removal tool to be safely removed from your computer.

Removal Directions

1. Download and save smitRem.zip
2. Reboot and start into Safe mode
3. Extract smitRem.zip
4. Open folder where smitRem.zip extracted then double click on RunThis.bat
5. After program runs you can safely restart the computer and the infection is gone! Be sure to always keep your Windows up to date!

Updated! I've ran into this problem since the orginal article was posted and the original fix may not fix this problem any longer due to variations.

After in safe mode I ran HiJack this and noticed two other suspicous programs

C:\WINDOWS\SYSTEM32\KERNEL8.EXE
C:\WINSTALL.EXE

Symantec says you may have to follow the below instructions to remove the Virus although my variation did not require this.

1. Click Start > Run .
2. Type regedit
3. Click OK .
   
   Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor. Security Response has developed a tool to resolve this problem. Download and run this tool , and then continue with the removal.
   
   
4. Navigate to the subkeys:
   
   HKEY_CLASSES_ROOT\CLSID\{A2D9D3F0-8C2A-2A1D-A376-1BECFB10AB72}\InProcServer32
   HKEY_CURRENT_USER\Software\Classes\CLSID\{A2D9D3F0-8C2A-2A1D-A376-1BECFB10AB72}\InProcServer32
   
   
5. In the right pane, delete the values:
   
   "Default" = "%System%\svchosts.dll"
   "Default" = "%System%\ioctrl.dll"
   "Default" = "%System%\netwrap.dll"
   
   or
   
   "Default" = "%AppData%\Microsoft\svchosts.dll"
   "Default" = "%AppData%\Microsoft\ioctrl.dll"
   "Default" = "%AppData%\Microsoft\netwrap.dll"
   
   
6. Navigate to one of the following subkeys:
   
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObject
   
   
7. In the right pane, delete the value:
   
   "{A2D9D3F0-8C2A-2A1D-A376-1BECFB10AB72}" = "Reload Browse"
   
   
8. Exit the Registry Editor.