Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Guides - Privacy & Security Tips
Experiencing slow startup/booting issue . Try removing invalid Autorun entries
Message
<blockquote data-quote="viktik" data-source="post: 263821" data-attributes="member: 12848"><p>After installing/uninstalling few applications some entries gets left in startup that are not valid. These autorun entries causes delayed bootup or other error messages during bootup.</p><p></p><p>There is no automatic cleaning tool. You need to do it manually. For that you need Comodo Cleaning Essentials.</p><p></p><p>Comodo Cleaning Essentials (CCE) is a set of computer security tools designed to help users identify and remove malware and unsafe processes from infected computers.</p><p></p><p>Major features include:</p><p></p><ul> <li data-xf-list-type="ul"><strong>KillSwitch</strong> – an advanced system monitoring tool that allows users to identify, monitor and stop any unsafe processes that are running on their system.</li> <li data-xf-list-type="ul"><strong>Malware scanner</strong> – Fully customizable scanner capable of unearthing and removing viruses, rootkits, hidden files and malicious registry keys hidden deep in your system.</li> <li data-xf-list-type="ul"><strong><img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" />Autorun Analyzer</strong> – An advanced utility to view and handle services and programs that were loaded when your system booted-up.</li> </ul><p></p><p>CCE is a lightweight, portable application which requires no installation and can be run directly from removable media such as a USB key, CD or DVD. Home users can quickly and easily run scans and operate the software with the minimum of fuss. More experienced users will enjoy the high levels of visibility and control over system processes and the ability to configure customized scans from the granular options menu.</p><p></p><p></p><p></p><p><em><strong>DOWNLOAD LINK</strong></em></p><p></p><p><em><strong>COMODO CLEANING ESSENTIALS 8 ( 64 Bit )</strong></em></p><ul> <li data-xf-list-type="ul"><a href="http://www.mediafire.com/download/6klk1hm697p2uq1/Comodo_Cleaning_Essentials__8__%28_CCE_8_%29_x64.zip" target="_blank">Comodo Cleaning Essentials 8 ( CCE 8 ) x64.zip</a></li> <li data-xf-list-type="ul"><a href="https://onedrive.live.com/redir?resid=466C1F222B28E55D%21422&authkey=%21AD2c5h89z68d-ZY&ithint=file%2czip" target="_blank">Comodo Cleaning Essentials 8 ( CCE 8 ) x64.zip</a></li> <li data-xf-list-type="ul"><a href="http://%20https://mega.nz/#%21stEGmDRD%219s-1ZMI4K2foNudzBBybr2SnQEz0y1OrE756M8tdT_c" target="_blank">https://mega.nz/#!stEGmDRD!9s-1ZMI4K2foNudzBBybr2SnQEz0y1OrE756M8tdT_c</a></li> </ul><p></p><p><em><strong>COMODO CLEANING ESSENTIALS 8 ( 32 Bit )</strong></em></p><ul> <li data-xf-list-type="ul"><a href="http://www.mediafire.com/download/wn8s68sd8k7mgjz/Comodo_Cleaning_Essentials__8__%28_CCE_8_%29_x86.zip" target="_blank">Comodo Cleaning Essentials 8 ( CCE 8 ) x86.zip</a><br /> </li> <li data-xf-list-type="ul"><a href="https://onedrive.live.com/redir?resid=466C1F222B28E55D%21421&authkey=%21ACTD6mOm_ym04cY&ithint=file%2czip" target="_blank">Comodo Cleaning Essentials 8 ( CCE 8 ) x86.zip</a></li> <li data-xf-list-type="ul"><a href="http://%20https://mega.nz/#%21Zs91CQbK%21_Z4i_QBqyaBj-he96KeaTkp9yf4-cpApcChU0vXchqI" target="_blank">https://mega.nz/#!Zs91CQbK!_Z4i_QBqyaBj-he96KeaTkp9yf4-cpApcChU0vXchqI</a></li> </ul><p></p><p></p><p></p><p>Read about categories</p><p></p><ul> <li data-xf-list-type="ul"><a href="http://help.comodo.com/topic-119-1-328-3611-Introduction-to-Autorun-Analyzer.html" target="_blank">Comodo Cleaning Essentials Version 2.5,Introduction to Autorun Analyzer, Free Malware Removal</a></li> </ul><p></p><p></p><p></p><p></p><p><strong>Everything</strong> – Displays all the autorun items in the main display pane.</p><p>Logon – Displays only the autorun items identified from standard autostart locations such as the Startup folder for all users, the Registry Run keys, and standard application launch locations.</p><p><strong>Explorer</strong> – Displays only the Explorer shell extensions from various installed applications, browser helper objects (BHO), explorer toolbars, active setup executions and shell execute hooks.</p><p><strong>Internet Explorer</strong> – Displays only the BHOs, Internet Explorer toolbars and extensions.</p><p><strong>Scheduled Tasks</strong> – Displays the modules loaded by tasks and applications scheduled from Windows Task Scheduler.</p><p><strong>Services</strong> – Displays the modules loaded as Windows Services.</p><p><strong>Drivers</strong> – Displays only the kernel-mode drivers that are in currently enabled on the system.</p><p><strong>Codecs</strong> – Displays the autorun items loaded by various coders-decoders used for handling media files like audio and video files.</p><p><strong>Boot Execute</strong> – Displays the autorun items loaded by applications, services and commands executed during the time period between the system boot-up and the user log-on.</p><p><strong>Image Hijacks</strong> – Displays the modules loaded by image file execution options of various applications installed in your system. Most of the malware modify the image file execution options of a legitimate application and make themselves to run when the real application is started. Autorun Analyzer enables you to identify such illegitimate autorun items loaded by malware that affect the image file execution options of legitimate applications and to disable / remove them.</p><p><strong>AppInit</strong> – Displays the application initialization Dynamic Link Library (DLL) modules loaded as autorun items.</p><p><strong>KnownDLLS</strong> – Displays the DLL modules loaded by Windows for the start-up applications that reference those DLLs.</p><p><strong>Winlogon</strong> – Displays the DLL modules registered for Winlogon notification of logon events.</p><p><strong>Winsock Providers</strong> – Displays the DLL modules registered for Winsock protocols, including Winsock service providers.</p><p></p><p>An anti-malware software do not scan Winsock Service Providers as it is treated as a safe zone. Taking advantage of this, some malware enter into your system as a Winsock Service Provider. But Autorun Analyzer can identify the DLL modules loaded by Winsock Service Providers and notify you if they are untrusted. It also enables you to remove those untrusted modules from your system.</p><p><strong>Print</strong> – Displays the DLLs load into the print spoolers configured as services to start with Windows. Some malware find their entry through Print spooling service to start themselves automatically during system start-up.</p><p><strong>LSA Providers</strong> – Displays the DLL modules registered by Local Security Authority (LSA) authentication, notification and security packages.</p><p><strong>Network</strong> – Displays the DLL modules loaded by network connection services.</p><p></p><p></p><p>Its better that you do this in categories</p><p>If you are not able to delete some entries, just leave it.</p><p></p><p>Try to not delete entries by Publisher "<span style="color: #b30000">Microsoft Corporation</span>".</p><p></p><p><u><span style="color: #336600"><strong><span style="font-size: 18px"><em>DELETE ALL UNNECESSARY ENTRIES</em></span></strong></span></u></p><p></p><p>Start Autorun Analyzer</p><p></p><p></p><ul> <li data-xf-list-type="ul">In explorer shell extension entry , you can see Baidu entry with no Image path. Since the file does not exist in system the entry associated with must be deleted.</li> </ul><p></p><p></p><p>[ATTACH=full]21474[/ATTACH]</p><ul> <li data-xf-list-type="ul">Delete the entry</li> </ul><p>[ATTACH=full]21475[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">Scheduled task</li> <li data-xf-list-type="ul">Below you can see one entry which has “image path” but there is no description or publisher.</li> <li data-xf-list-type="ul">You should look online for it.</li> <li data-xf-list-type="ul">The file “gathernetworkinfo.vbs” is safe so you don not need to delete it</li> </ul><p>[ATTACH=full]21476[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">Here is driver entry with name "A2DDA" with “Image path” saying "File not found". It means the file in not there in the hard disk.<br /> </li> <li data-xf-list-type="ul">It can be deleted.</li> </ul><p>[ATTACH=full]21477[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">Here is driver entry named "cleanhlp" for which the file does not exist . So its safe to delete the entry</li> </ul><p>[ATTACH=full]21478[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">Again file not found in hard disk. It can be deleted.</li> </ul><p>[ATTACH=full]21479[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">Here are two entries with o description & Publisher info. But the files exist in system and are safe.</li> <li data-xf-list-type="ul">So no need to delete it</li> </ul><p>[ATTACH=full]21480[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">Here is codecs entry. Three entries are there with no file in hard disk.</li> <li data-xf-list-type="ul">So it can be deleted</li> </ul><p>[ATTACH=full]21481[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">Here again “file not found” . It can be deleted.</li> </ul><p>[ATTACH=full]21482[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">here again “File not found”. It can be deleted.</li> </ul><p>[ATTACH=full]21483[/ATTACH]</p><p></p><ul> <li data-xf-list-type="ul">here in LSA provider. Entry size is zero.</li> <li data-xf-list-type="ul">It can be deleted.</li> </ul><p><a href="https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7_19092014_002550.jpg" target="_blank"><img src="http://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7_19092014_002550.jpg?w=595&h=279" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a></p><p></p><p></p><ul> <li data-xf-list-type="ul">Delete or Untick the entries for which “Image Path” shows “File not found”</li> </ul><p></p><p><a href="https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7-remove-invalid-entries_20092014_002016.jpg" target="_blank"><img src="https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7-remove-invalid-entries_20092014_002016.jpg?w=595" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a></p><p></p><p></p><p></p><p><a href="https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7-remove-invalid-entries_20092014_002101.jpg" target="_blank"><img src="https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7-remove-invalid-entries_20092014_002101.jpg?w=595" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a></p><p></p><p></p><p></p><p>Reboot when done</p></blockquote><p></p>
[QUOTE="viktik, post: 263821, member: 12848"] After installing/uninstalling few applications some entries gets left in startup that are not valid. These autorun entries causes delayed bootup or other error messages during bootup. There is no automatic cleaning tool. You need to do it manually. For that you need Comodo Cleaning Essentials. Comodo Cleaning Essentials (CCE) is a set of computer security tools designed to help users identify and remove malware and unsafe processes from infected computers. Major features include: [LIST] [*][B]KillSwitch[/B] – an advanced system monitoring tool that allows users to identify, monitor and stop any unsafe processes that are running on their system. [*][B]Malware scanner[/B] – Fully customizable scanner capable of unearthing and removing viruses, rootkits, hidden files and malicious registry keys hidden deep in your system. [*][B]:)Autorun Analyzer[/B] – An advanced utility to view and handle services and programs that were loaded when your system booted-up. [/LIST] CCE is a lightweight, portable application which requires no installation and can be run directly from removable media such as a USB key, CD or DVD. Home users can quickly and easily run scans and operate the software with the minimum of fuss. More experienced users will enjoy the high levels of visibility and control over system processes and the ability to configure customized scans from the granular options menu. [I][B]DOWNLOAD LINK[/B][/I] [I][B]COMODO CLEANING ESSENTIALS 8 ( 64 Bit )[/B][/I] [LIST] [*][URL='http://www.mediafire.com/download/6klk1hm697p2uq1/Comodo_Cleaning_Essentials__8__%28_CCE_8_%29_x64.zip']Comodo Cleaning Essentials 8 ( CCE 8 ) x64.zip[/URL] [*][URL='https://onedrive.live.com/redir?resid=466C1F222B28E55D%21422&authkey=%21AD2c5h89z68d-ZY&ithint=file%2czip']Comodo Cleaning Essentials 8 ( CCE 8 ) x64.zip[/URL] [*][URL='http://%20https://mega.nz/#%21stEGmDRD%219s-1ZMI4K2foNudzBBybr2SnQEz0y1OrE756M8tdT_c']https://mega.nz/#!stEGmDRD!9s-1ZMI4K2foNudzBBybr2SnQEz0y1OrE756M8tdT_c[/URL] [/LIST] [I][B]COMODO CLEANING ESSENTIALS 8 ( 32 Bit )[/B][/I] [LIST] [*][URL='http://www.mediafire.com/download/wn8s68sd8k7mgjz/Comodo_Cleaning_Essentials__8__%28_CCE_8_%29_x86.zip']Comodo Cleaning Essentials 8 ( CCE 8 ) x86.zip[/URL] [*][URL='https://onedrive.live.com/redir?resid=466C1F222B28E55D%21421&authkey=%21ACTD6mOm_ym04cY&ithint=file%2czip']Comodo Cleaning Essentials 8 ( CCE 8 ) x86.zip[/URL] [*][URL='http://%20https://mega.nz/#%21Zs91CQbK%21_Z4i_QBqyaBj-he96KeaTkp9yf4-cpApcChU0vXchqI']https://mega.nz/#!Zs91CQbK!_Z4i_QBqyaBj-he96KeaTkp9yf4-cpApcChU0vXchqI[/URL] [/LIST] Read about categories [LIST] [*][URL="http://help.comodo.com/topic-119-1-328-3611-Introduction-to-Autorun-Analyzer.html"]Comodo Cleaning Essentials Version 2.5,Introduction to Autorun Analyzer, Free Malware Removal[/URL] [/LIST] [B]Everything[/B] – Displays all the autorun items in the main display pane. Logon – Displays only the autorun items identified from standard autostart locations such as the Startup folder for all users, the Registry Run keys, and standard application launch locations. [B]Explorer[/B] – Displays only the Explorer shell extensions from various installed applications, browser helper objects (BHO), explorer toolbars, active setup executions and shell execute hooks. [B]Internet Explorer[/B] – Displays only the BHOs, Internet Explorer toolbars and extensions. [B]Scheduled Tasks[/B] – Displays the modules loaded by tasks and applications scheduled from Windows Task Scheduler. [B]Services[/B] – Displays the modules loaded as Windows Services. [B]Drivers[/B] – Displays only the kernel-mode drivers that are in currently enabled on the system. [B]Codecs[/B] – Displays the autorun items loaded by various coders-decoders used for handling media files like audio and video files. [B]Boot Execute[/B] – Displays the autorun items loaded by applications, services and commands executed during the time period between the system boot-up and the user log-on. [B]Image Hijacks[/B] – Displays the modules loaded by image file execution options of various applications installed in your system. Most of the malware modify the image file execution options of a legitimate application and make themselves to run when the real application is started. Autorun Analyzer enables you to identify such illegitimate autorun items loaded by malware that affect the image file execution options of legitimate applications and to disable / remove them. [B]AppInit[/B] – Displays the application initialization Dynamic Link Library (DLL) modules loaded as autorun items. [B]KnownDLLS[/B] – Displays the DLL modules loaded by Windows for the start-up applications that reference those DLLs. [B]Winlogon[/B] – Displays the DLL modules registered for Winlogon notification of logon events. [B]Winsock Providers[/B] – Displays the DLL modules registered for Winsock protocols, including Winsock service providers. An anti-malware software do not scan Winsock Service Providers as it is treated as a safe zone. Taking advantage of this, some malware enter into your system as a Winsock Service Provider. But Autorun Analyzer can identify the DLL modules loaded by Winsock Service Providers and notify you if they are untrusted. It also enables you to remove those untrusted modules from your system. [B]Print[/B] – Displays the DLLs load into the print spoolers configured as services to start with Windows. Some malware find their entry through Print spooling service to start themselves automatically during system start-up. [B]LSA Providers[/B] – Displays the DLL modules registered by Local Security Authority (LSA) authentication, notification and security packages. [B]Network[/B] – Displays the DLL modules loaded by network connection services. Its better that you do this in categories If you are not able to delete some entries, just leave it. Try to not delete entries by Publisher "[COLOR=#b30000]Microsoft Corporation[/COLOR]". [U][COLOR=#336600][B][SIZE=5][I]DELETE ALL UNNECESSARY ENTRIES[/I][/SIZE][/B][/COLOR][/U] Start Autorun Analyzer [LIST] [*]In explorer shell extension entry , you can see Baidu entry with no Image path. Since the file does not exist in system the entry associated with must be deleted. [/LIST] [ATTACH=full]21474[/ATTACH] [LIST] [*]Delete the entry [/LIST] [ATTACH=full]21475[/ATTACH] [LIST] [*]Scheduled task [*]Below you can see one entry which has “image path” but there is no description or publisher. [*]You should look online for it. [*]The file “gathernetworkinfo.vbs” is safe so you don not need to delete it [/LIST] [ATTACH=full]21476[/ATTACH] [LIST] [*]Here is driver entry with name "A2DDA" with “Image path” saying "File not found". It means the file in not there in the hard disk. [*]It can be deleted. [/LIST] [ATTACH=full]21477[/ATTACH] [LIST] [*]Here is driver entry named "cleanhlp" for which the file does not exist . So its safe to delete the entry [/LIST] [ATTACH=full]21478[/ATTACH] [LIST] [*]Again file not found in hard disk. It can be deleted. [/LIST] [ATTACH=full]21479[/ATTACH] [LIST] [*]Here are two entries with o description & Publisher info. But the files exist in system and are safe. [*]So no need to delete it [/LIST] [ATTACH=full]21480[/ATTACH] [LIST] [*]Here is codecs entry. Three entries are there with no file in hard disk. [*]So it can be deleted [/LIST] [ATTACH=full]21481[/ATTACH] [LIST] [*]Here again “file not found” . It can be deleted. [/LIST] [ATTACH=full]21482[/ATTACH] [LIST] [*]here again “File not found”. It can be deleted. [/LIST] [ATTACH=full]21483[/ATTACH] [LIST] [*]here in LSA provider. Entry size is zero. [*]It can be deleted. [/LIST] [URL='https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7_19092014_002550.jpg'][IMG]http://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7_19092014_002550.jpg?w=595&h=279[/IMG][/URL] [LIST] [*]Delete or Untick the entries for which “Image Path” shows “File not found” [/LIST] [URL='https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7-remove-invalid-entries_20092014_002016.jpg'][IMG]https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7-remove-invalid-entries_20092014_002016.jpg?w=595[/IMG][/URL] [URL='https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7-remove-invalid-entries_20092014_002101.jpg'][IMG]https://cyberraiden.files.wordpress.com/2014/09/comodo-autoruns-7-remove-invalid-entries_20092014_002101.jpg?w=595[/IMG][/URL] Reboot when done [/QUOTE]
Insert quotes…
Verification
Post reply
Top