
Speeding Up System Boot - Tracing your System Start with Bootvis Part 3

Now that you have Bootvis installed, you are ready to start analyzing your system.
Start the application from the shortcut located in the Start Menu. Once the application has started, you will see an empty Bootvis interface. To initiate a new trace, click the Trace item on the menu bar and select Next Boot Driver+Delays.
This will pop up a window asking how many times you would like the trace to be run.
It is often a good idea to run the trace more than once to see if the items that are slow in your startup are consistently slow. Select the number of repetitions by using the arrow buttons.

Once you click OK, your computer will automatically start the process of tracing and will reboot your computer. Make sure that you do not have any unsaved work on your system, as you could lose anything that you have been working on if you do not save your work before the system restarts.

When you are ready, click the OK button and you will see a countdown window counting down from 10 seconds until the system will reboot. If you choose, you can click the Reboot Now button if you do not want to wait for your system to reboot automatically.

Once your system starts to reboot, it will start the tracing process. Do not press any buttons on your computer during the tracing process other than to log onto your computer, if your computer is set up that way.
After the logon screen, Bootvis will display a message on the screen telling you not to do anything on your computer. Once the trace is complete, the computer will automatically reboot and will repeat this process the number of times you selected earlier. When the process is all finished, your computer will automatically load the trace file.
If you performed more than one trace, you will have to manually load one of the trace files.

Manual Removal of W32/AutoTDSS.DX Worm

Manual Removal of W32/AutoTDSS.DX Worm.
W32/AutoRun.SKG is a Worm. The Worm will infect Windows systems.
This Worm first appeared on January 12, 2009.
Other names of W32/AutoRun.SKG Worm:
This Worm is also known as Worm.Win32.AutoRun.skg, WORM_AUTORUN.CCJ.
Damage Level : High/Medium
Distribution Level: Unknown
No Auto Removal Tool for W32/AutoTDSS.DX Worm
W32/AutoTDSS.DX Worm Manual Removal Instructions

Recommend Removal from Safe Mode:

How to Start in Safe mode:
Restart your computer and press F8 repeatedly as the screen turns on, then select Safe Mode and press Enter.
The infected files can be found in the following folders under these names, and may also be running as tasks.
End the Following Active Process Before Removal
Download W32/AutoTDSS.DX Worm Known Files Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]
  • %Program Files\videosoft
  • %Systemroot\Recycled\boot.com
    If any of these files is running as a process in Task Manager, end the process before removal.
    Note: if Task Manager is disabled,
    download the following file [ Right click and select "Save Target as" ]
    Click to Download - Enable Registry.reg
    Open it with Regedit.exe [%system32\regedit.exe]; when it asks you to confirm adding to the registry (Yes or No), confirm Yes, then click OK.
W32/AutoTDSS.DX Worm Entries Manual Removal From Registry
Click Start, Run, type regedit, click OK.
Note: If the registry editor fails to open, the threat may have modified the registry to prevent access to the registry editor.
Download UnHookExec.inf, [ Right click and select "Save Target as" ] and then continue with the removal.
Save it to your Windows desktop. Do not run it at this time, download it only.
After booting into the Safe Mode or VGA Mode
Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videosoft

Search the registry for the W32/AutoTDSS.DX Worm file names listed above to remove them completely:
Edit menu - Find, enter the keyword, and remove every value the search finds.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)

Manual Removal of W32/Hexzone.GOA Dhofozr.dll Trojan

Manual Removal of W32/Hexzone.GOA Trojan.
W32/Hexzone.GOA is a trojan. The trojan will infect Windows systems.
This trojan first appeared on January 28, 2009.
Other names of W32/Hexzone.GOA Trojan:
This trojan is also known as Trojan-Ransom.Win32.Hexzone.goa, TrojanDownloader:Win32/Renos.FS.
Damage Level : Medium/High
Distribution Level:
Medium
No Removal Tool for W32/Hexzone.GOA Trojan

W32/Hexzone.GOA Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:

How to Start in Safe mode:
Restart your computer and press F8 repeatedly as the screen turns on, then select Safe Mode and press Enter.
The infected files can be found in the following folders under these names, and may also be running as tasks.
End the Following Active Process Before Removal if Running
  • [ Kill the process; use Killbox if access is denied ]
Download W32/Hexzone.GOA Trojan Known Files Removal Tool
[ In Windows Vista Run As Administrator, After Execution System Will Restart ]

  • %Windows\System\dhofozr.dll
    If any of these files is running as a process in Task Manager, end the process before removal.
    Note: if Task Manager is disabled, download the following file: Click to Download - Enable Registry.reg
    [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe]; when it asks you to confirm adding to the registry (Yes or No), confirm Yes, then click OK.

W32/Hexzone.GOA Trojan Entries Manual Removal From Registry
Click Start, Run, type regedit, click OK.
Note: If the registry editor fails to open, the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Hexzone.GOA Trojan modifies the registry at the following locations to ensure its automatic execution at every system startup:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib

Search the registry for the virus file names listed above to remove them completely:
Edit menu - Find, enter the keyword, and remove every value the search finds.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)

Manual Removal of W32/Vidal.AC Trojan

Manual Removal of W32/Vidal.AC Trojan.
W32/Vidal.AC is a trojan. The trojan will infect Windows systems.
This trojan first appeared on January 27, 2009.
Other names of W32/Vidal.AC Trojan:
This trojan is also known as Backdoor:Win32/Rustock.E, TR/Drop.V.ac.122880, Trojan.Win32.Vidal.ac.
Damage Level : Medium/High
Distribution Level:
Medium
No Removal Tool for W32/Vidal.AC Trojan

W32/Vidal.AC Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:

How to Start in Safe mode:
Restart your computer and press F8 repeatedly as the screen turns on, then select Safe Mode and press Enter.
The infected files can be found in the following folders under these names, and may also be running as tasks.
End the Following Active Process Before Removal
  • [ Kill the process; use Killbox if access is denied ]
Download W32/Vidal.AC Trojan Known Files Removal Tool
[ In Windows Vista Run As Administrator, After Execution System Will Restart ]

  • %Windows\System\gynpuz.sys
    If any of these files is running as a process in Task Manager, end the process before removal.
    Note: if Task Manager is disabled, download the following file: Click to Download - Enable Registry.reg
    [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe]; when it asks you to confirm adding to the registry (Yes or No), confirm Yes, then click OK.

W32/Vidal.AC Trojan Entries Manual Removal From Registry
Click Start, Run, type regedit, click OK.
Note: If the registry editor fails to open, the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Vidal.AC Trojan modifies the registry at the following locations to ensure its automatic execution at every system startup:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
New entries were created: synsend, wnjtzj - removal tool in progress

Search the registry for the virus file names listed above to remove them completely:
Edit menu - Find, enter the keyword, and remove every value the search finds.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)

Manual Removal of Packed.Win32.Krap.b/OnLineGames.EZP

Manual Removal of Packed.Win32.Krap.b/OnLineGames.EZP Trojan.
Packed.Win32.Krap.b is a trojan. The trojan will infect Windows systems.
Damage Level : Medium/High
Distribution Level:
Medium
No Removal Tool for Packed.Win32.Krap.b/OnLineGames.EZP
Packed.Win32.Krap.b/OnLineGames.EZP Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:

How to Start in Safe mode:
Restart your computer and press F8 repeatedly as the screen turns on, then select Safe Mode and press Enter.
The infected files can be found in the following folders under these names, and may also be running as tasks.
End the Following Active Process Before Removal
  • [ Kill the process; use Killbox if access is denied ]
Download Win32.Krap.b/OnLineGames.EZP Known Files Removal Tool
[ In Windows Vista Run As Administrator or Disable UAC, After Execution System Will Restart ]

  • %WindowsDrive\random name.com
  • %UsbDrive\random name.com
  • %System%\gasretyw0.dll
  • %System%\gasretyw2.dll
  • %System%\kav320.dll
  • %System%\kav322.dll
  • %System%\amvo.exe
  • %System%\amvo0.dll
  • %System%\amvo1.dll
  • %System%\amvo2.dll
  • %System%\bitkv0.dll
  • %System%\ckvo.exe
  • %System%\ckvo0.dll
  • %System%\ckvo1.dll
  • %System%\ckvo2.dll
  • %System%\dse235rgd0.dll
  • %System%\dse235rgd1.dll
  • %System%\fool0.dll
  • %System%\fool2.dll
  • %System%\ieso0.dll
  • %System%\ieso1.dll
  • %System%\j3ewro.exe
  • %System%\jwedsfdo0.dll
  • %System%\jwedsfdo1.dll
  • %System%\jwedsfdo2.dll
  • %System%\kavo.exe
  • %System%\kavo0.dll
  • %System%\kavo1.dll
  • %System%\kavo2.dll
  • %System%\kxvo.exe
  • %System%\kxvo0.dll
  • %System%\kxvo1.dll
  • %System%\mmvo.exe
  • %System%\mmvo0.dll
  • %System%\mmvo1.dll
  • %System%\revo.exe
  • %System%\revo0.dll
  • %System%\revo1.dll
  • %System%\sool0.dll
  • %System%\sool2.dll
  • %System%\tavo.exe
  • %System%\tavo0.dll
  • %System%\tavo1.dll
  • %System%\ulso0.dll
  • %System%\wedasgads0.dll
  • %System%\wedasgads2.dll
  • %Temp%\o2g.exe
  • %Windir%\help\b41346efa848.dll
  • %Windir%\help\b41346efa848.exe
  • %Windir%\help\eb6c4499b05f.dll
  • %Windir%\help\eb6c4499b05f.exe
  • c:\0jbnlnu8.exe
  • c:\39lpji.com
  • c:\b3b9u.com
  • c:\dp.exe
  • c:\f.exe
  • c:\fn20.exe
  • c:\lbq6.com
  • c:\n.com
  • c:\o2g.exe
  • c:\okhr.exe
  • c:\ph.com
  • c:\t.exe
  • c:\t1ypkh.exe
  • c:\tj8odymw.exe
  • c:\uh31.exe
  • c:\xpq63xl.exe
    If any of these files is running as a process in Task Manager, end the process before removal.
    Note: if Task Manager is disabled, download the following file: Click to Download - Enable Registry.reg
    [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe]; when it asks you to confirm adding to the registry (Yes or No), confirm Yes, then click OK.

W32/Lmir.GKN Trojan Entries Manual Removal From Registry
Click Start, Run, type regedit, click OK.
Note: If the registry editor fails to open, the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
    and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Lmir.GKN Trojan modifies the registry at the following locations to ensure its automatic execution at every system startup:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
kamsoft = "%System%\ckvo.exe"

The following Registry Value was modified:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
CheckedValue = 0x00000000

This change stops hidden files and folders from being displayed in Explorer when browsing the file system.

To restore the setting, change CheckedValue to 0x00000001:
Modify > enter value 1 > OK

Alternatively, use the Krap.b.OnLineGames.EZP remover to remove the listed files and entries.
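The two registry changes listed above can be checked offline against a regedit export before and after cleanup. The following Python sketch is an added example, not part of the original post; it assumes the export has already been decoded to text (regedit writes UTF-16), and the function names `parse_reg` and `findings` are hypothetical.

```python
import re

# Registry locations quoted on the page (compared case-insensitively).
RUN_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
SHOWALL_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
               r"\Explorer\Advanced\Folder\Hidden\SHOWALL")
# Subset of the %System% executables listed on the page.
KNOWN_FILES = {"amvo.exe", "ckvo.exe", "j3ewro.exe", "kavo.exe",
               "kxvo.exe", "mmvo.exe", "revo.exe", "tavo.exe"}

def parse_reg(text):
    """Parse regedit export text into {lowercased key: {value name: data}}."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
            continue
        m = re.match(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$', line)
        if m is None or current is None:
            continue  # header line, blank line, or continuation we do not need
        name, data = m.group(1) or "@", m.group(2)
        if data.startswith("dword:"):
            current[name] = int(data[6:], 16)
        elif len(data) >= 2 and data[0] == data[-1] == '"':
            current[name] = re.sub(r"\\(.)", r"\1", data[1:-1])  # undo \\ and \"
        else:
            current[name] = data  # hex(...) and other types kept as raw text
    return keys

def findings(text):
    """Return (kind, value name, data) tuples for the two changes described."""
    keys, out = parse_reg(text), []
    for name, data in keys.get(RUN_KEY.lower(), {}).items():
        tail = re.split(r"[\\/]", str(data).strip('"'))[-1].lower()
        if tail.split(" ")[0] in KNOWN_FILES:
            out.append(("run-entry", name, data))
    checked = keys.get(SHOWALL_KEY.lower(), {}).get("CheckedValue")
    if checked is not None and checked != 1:
        out.append(("hidden-files-disabled", "CheckedValue", checked))
    return out

# Constructed sample export (not captured from a real system).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"kamsoft"="C:\\WINDOWS\\system32\\ckvo.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000000
'''

if __name__ == "__main__":
    print(findings(SAMPLE))
```

An empty result after cleanup means the Run entry is gone and CheckedValue is back to 1; extend `KNOWN_FILES` with the rest of the listed names as needed.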


Search the registry for the virus file names listed above to remove them completely:
Edit menu - Find, enter the keyword, and remove every value the search finds.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)

Manual Removal of W32/Lmir.GKN Trojan

Manual Removal of W32/Lmir.GKN Trojan.
W32/Lmir.GKN is a trojan. The trojan will infect Windows systems.
This trojan first appeared on January 24, 2009.
Other names of W32/Lmir.GKN Trojan:
This trojan is also known as PSW.OnlineGames.BKAL, TrojanDropper:Win32/Jevafus.B.
Damage Level : Medium/High
Distribution Level:
Medium
No Removal Tool for W32/Lmir.GKN Trojan

W32/Lmir.GKN Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:

How to Start in Safe mode:
Restart your computer and press F8 repeatedly as the screen turns on, then select Safe Mode and press Enter.
The infected files can be found in the following folders under these names, and may also be running as tasks.
End the Following Active Process Before Removal
  • [ Kill the process; use Killbox if access is denied ]
Download W32/Lmir.GKN Trojan Known Files Removal Tool
[ In Windows Vista Run As Administrator, After Execution System Will Restart ]

  • %Documents and Settings\All Users\Start Menu\Programs\Startup\Ati Office PreLoad.exe
  • %Program Files\Common Files\System\vss_mmcs.dll
    If any of these files is running as a process in Task Manager, end the process before removal.
    Note: if Task Manager is disabled, download the following file: Click to Download - Enable Registry.reg
    [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe]; when it asks you to confirm adding to the registry (Yes or No), confirm Yes, then click OK.

W32/Lmir.GKN Trojan Entries Manual Removal From Registry
Click Start, Run, type regedit, click OK.
Note: If the registry editor fails to open, the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
    and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Lmir.GKN Trojan modifies the registry at the following locations to ensure its automatic execution at every system startup:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID

Search the registry for the virus file names listed above to remove them completely:
Edit menu - Find, enter the keyword, and remove every value the search finds.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)

Speeding Up System Boot - Installing Bootvis Part 2

Installing Bootvis

Bootvis is not included with Windows and must be downloaded from the Web. Currently, Microsoft has removed the link to download the program from their Web site.
Microsoft has removed this tool from their site because users have been using it for the wrong purpose. Ever since the tool was first discovered on Microsoft's Web site, users would use Bootvis because they thought that it would speed up their computer's boot time. That misconception arose because Bootvis is capable of starting some of Windows XP's boot optimization features that are normally run by the operating system after it has fully analyzed the boot. However, Bootvis was designed to be a performance analysis and diagnostic utility, not a speed boosting app.

Because users were using Bootvis for the wrong reason, and because use of its advanced boot optimization features could possibly do more harm than good, Microsoft decided to remove the tool from their site.

Microsoft's removal of the tool from their Web site is unfortunate, because it really can give you a lot of useful information about your boot. Fortunately, several Web sites exist from which users of Windows XP still download Bootvis, namely:
Once you have downloaded a copy of Bootvis, install it by double-clicking the file. A new entry will be made in the Start Menu under All Programs, labeled Microsoft Bootvis.
To be Continued...

Speeding Up System Boot - Analyze System with Bootvis

Using Bootvis you can analyze your system start

Bootvis is an application released by Microsoft that allows users and developers to debug and detect issues that occur during the system startup. Contrary to what most people believe, Bootvis is not a performance enhancement tool, but a diagnostic and reporting tool.

Running Bootvis will not speed up or change the performance of your system in any way other than what the system does automatically. Therefore, running Bootvis for the purpose of having it automatically speed up your system is pointless. However, the information that Bootvis reports can be invaluable for improving the performance of your system.
What exactly is Bootvis?
Bootvis is a tool that will trace all of the different stages of the system start, such as the system kernel, then the device drivers, and then the startup of processes. If you are wondering why your computer is taking so long to start up, then Bootvis will provide you with many answers.
