Step 5

Windows 7 Virus and Spyware removal guide Step # 5

Running the Cleaning Tools


All of these tools are Free and they work Great! Some of the tools do have Pay Versions. If you find a particular tool helpful and would like to utilize some of the extra features like active scanning for example, then please purchase a license.

The free tools are free, but some of the authors work because they love what they do. So if given the opportunity and you have found a particular tool helpful, then visit the author's site and click the Donate button.


Continue to Step 6

1.) Super Anti Spyware
2.) Malware Bytes
3.) AVG Anti-Virus
4.) Spybot Search and Destroy
5.) TDSS Killer
6.) MS Security Essentials
7.) MS Windows Defender
8.) MS Malicious Software removal
9.) Process Explorer
10.) HiJack_This
11.) Trend Micro House Call
12.) McAfee Stinger
13.) ESET Online Scanner
14.) C-Cleaner
15.) UnHide
16.) Emsisoft
17.) Power Eraser – Symantec
18.) Norton removal tools


Super Anti Spyware

Download Super Anti Spyware

1.) Download Super Anti Spyware to the Cleaners folder on your desktop, then click on the “SuperAntiSpyware.exe” file

2.) Click “Next”

3.) Click “I Agree”

4.) Click “Next”

5.) Click “Next”

6.) Click “Next”

7.) Click “Finished”

8.) When the updates are done downloading, click “Close”

9.) You will now see the main Super Anti Spyware screen

10.) Click “Check for Updates”

11.) Click “Close” when the updates are done

12.) Make sure the selected scan type is “Complete Scan”

13.) Now click “Scan your Computer”

14.) Place a “check mark” in the box next to the drives you wish to scan and then click “Start Complete Scan”

15.) When the scan is complete, click “Continue”

16.) Then click “Remove Threats”

17.) Then click “OK”

18.) Click “Finished”

19.) Close Super Anti Spyware by clicking on the “X”




Malware Bytes     

Download Malware bytes

1.) Download Malwarebytes into the cleaners folder on your desktop and then run the “MBAM-Setup-xxxxxx-xxx.exe” file

2.) Select your language and click “OK”

3.) Click “Next”

4.) Click on the “I Accept” radio button and then select “Next”

5.) Click “Next”

6.) Click “Next”

7.) Click “Next”

8.) Click “Next”

9.) Click “Install”

10.) Click “Finish”

11.) Click “OK”. This screen will disappear.

12.) Click “OK”

13.) Select “Decline”

14.) Click on the Update tab and then click “Check for Updates”

15.) The screen will disappear after checking for updates

16.) Click “OK”

17.) Click on the “Scanner” tab, choose “Perform full scan”, and then select “Scan”

18.) Select the drive(s) you wish to scan, usually just the C:\ drive. Click “Scan”

19.) You will now see the scanner scanning the system.

20.) When the scan completes you will receive this message. Click “OK”

21.) If malware has been detected, your screen will look like this. Make sure all of the items you want to remove are checked, then select “Remove Selected”

22.) Click “Yes”

23.) Click “Yes” to restart.

AVG Anti-Virus

Download AVG Free Edition

1.) Download AVG Free Edition to the Cleaners folder on the desktop, and open the “AVG Free installer”

2.) Click “Accept”

3.) Select “Basic Protection”, then click “Next”

4.) Click “Next”

5.) Click “Next”

6.) AVG will start to install

7.) Click “Finish”

8.) Click “Update Now”

9.) Click “Update”

10.) Click “Close”

11.) Repeat steps 8, 9, and 10 until you get the message “Update Completed Successfully”

12.) Click “Scan Now”

13.) AVG will now scan your PC.

14.) When AVG completes, you will see the results screen. When done viewing the results, close AVG.




Spybot Search and Destroy

Download Spybot Search and Destroy

1.) Download Spybot Search and Destroy into the Cleaners folder on your desktop, then run the SpyBotsdxxx installer

2.) Click “OK”

3.) Select “Next”

4.) Select “Personal use and will decide later” and then select “Next”

5.) Select “Next”

6.) Select “I Agree” and select “Next”

7.) Select “Next”

8.) Select “Install”

9.) Spybot Search and Destroy will start to load.

10.) Select all three check boxes and click “Allow Access”

11.) Click “Finish”

12.) Click “Close”

13.) Select the “Experienced User Mode”

14.) Select “Update”

15.) Select “Update”

16.) Spybot Search and Destroy will now update

17.) When the update finishes, all items listed should now be green. Close this window.

18.) Click “Scan the system”

19.) Click “Standard System Scan”

20.) Click “Yes”

21.) Spybot Search and Destroy is now scanning.

22.) When the scanning is complete, just click “OK”

23.) In the bottom right corner of this screen click “Fix Above”

24.) When done fixing the selected issues, the items will uncheck and turn green.

25.) Close Spybot Search and Destroy.


TDSS Killer

Download TDSS Killer

1.) Download TDSS Killer into the cleaners folder on your desktop, then open “tdsskiller.zip”

2.) Click on “TDSSKiller.EXE”

3.) Click “Run”

4.) Click “Load Update”

5.) This screen will disappear

6.) Click “Start Scan”

7.) The system will scan. This scan takes about two minutes.

8.) Click “Close” when done

9.) Click “Close”




MS Security Essentials

Download Microsoft Security Essentials 32bit


Choose which version to download and install. You will need to determine whether you have a 32 bit or 64 bit Windows 7 operating system. The enus\amd64\mseinstall.exe is for the 64 bit Windows 7 OS and the enus\x86\mseinstall.exe is for the 32 bit Windows 7 OS.

1.) Determine whether you have a 32 or 64 bit OS by “Right Mouse” clicking on the Computer icon.

“Right Mouse” click on the “Computer Icon” located on your desktop.

OR - Click on the “Start button Orb” and then “Right Mouse” click on the “Computer Icon”

2.) Select “Properties”

3.) Look in the System section of the screen; next to System type is the bit level your Windows 7 operates at. Close this screen.

4.) Download the installer to the cleaners folder on your desktop. Click on the MSEInstaller.exe for a 32 bit system or MSEInstaller64.exe for a 64 bit system.

5.) Click “Next”

6.) Click “I Agree”

7.) Choose “I do not want to join the program at this time” and then click “Next”

8.) Leave the check mark in the check box and select “Next”

9.) Click “Install”

10.) MS Security Essentials will start to install.

11.) Click “Finish”

12.) MS Security Essentials will now update.

13.) MS Security Essentials will now scan your PC.

14.) When the scan is complete, select “Clean Computer”

15.) MS Security Essentials will now remove any threats it has found.

16.) Close Security Essentials when done.





Microsoft Windows Defender

Run Windows Defender – Windows Defender is built into Windows 7

1.) To start Windows Defender, click the link above, or click on “Start” then select “Control Panel”

2.) Locate (View by:) in the top right corner of the Control Panel window. If the view is on Category, then change the view to Small Icons.

3.) Select “Small Icons”

4.) Then click Windows Defender

5.) Click on the “Down Arrow” to the right of the question mark in the blue circle, and select “Check for Updates”

6.) Windows Defender will now update.

7.) Click the “Down Arrow” next to the word “Scan” and choose “Full Scan”

8.) Windows Defender will now start to scan

9.) When Windows Defender finishes, it will show the scan results. You can now close Windows Defender.




MS Malicious Software Removal Tool

Download Microsoft Malicious Software Removal Tool

1.) Download the Microsoft Malicious Software Removal Tool to the cleaners folder on your desktop, then open the “Malicious software removal tool ***.exe”

2.) The tool will now start to install.

3.) Click “Next”

4.) Select “Full Scan” and then click “Next”

5.) The Malicious Software Removal Tool will now scan your system

6.) When the Microsoft Malicious Software Removal Tool finishes, the window will close.

     

Process Explorer

Process Explorer, a powerful tool for inspecting and controlling processes, threads, loaded DLLs, and more, adds GPU utilization and memory monitoring on Vista and higher. It also adds the ability to restart services, has a smaller memory footprint, and has visually cleaner performance graphs. This application can be used to find the source files for many malware-type infections. Process Explorer can be used to find information about files that is not normally seen. This tool is for advanced users. This tool does not remove malware, spyware, or viruses. I illustrate this tool to show some of the many features that can be used to track down system issues. This is just a brief overview of some basic functions within Process Explorer.

Download http://live.sysinternals.com

1.) Download Procexp.exe to the Cleaners folder on your desktop.

2.) Open “Procexp.exe”

3.) When you open Process Explorer, a window will open that will look like this. I call this screen the “Main Interface Screen” or “MIS”.



4.) Getting familiar with Process Explorer as a tool may take a little bit of time. So let’s take a look at some of the core components that will help you navigate around Process Explorer.

4A.) Menu Bar

4B.) Shortcut Bar

4C.) System Information Bar

4D.) Column Headers Bar

4E.) MIS - Main Interface Screen

5.) What you are seeing on the “MIS” screen is a list of all of the applications and services that are currently running on your computer. Those processes and applications are listed under the column header “Process”. Next to some of the processes is a “-” sign or a “+” sign. A “-” sign indicates that the process has been expanded to list any sub-processes that the primary process is using. A “+” sign indicates that there are sub-processes but the tree view has not been expanded. In short, clicking on the “+” sign expands the process so you can see the next item listed in that tree, and the “-” sign collapses the tree view so you only see the primary process. Below is a sample of the wininit.exe service expanded one level and then the same process expanded even further.

 

6.) The next column in the “MIS” is “PID”. PID is the Process Identifier. PID is extremely useful in enabling you to see which processes are running as part of the same instance. Meaning, if more than one application or service has the same PID, then those applications or services are sharing the same SVCHost.exe service. The SVCHost.exe service manages system services that run from dynamic link libraries (files with extension .dll). Examples of SVCHost system services are: "Automatic Updates", "Windows Firewall", "Plug and Play", "Fax Service", "Windows Themes" and many more. Description: http://www.neuber.com/taskmanager/process/svchost.exe.html

At startup, Svchost.exe checks the services portion of the registry and constructs a list of services that it needs to load. Under normal conditions, multiple instances of Svchost.exe will be running simultaneously. Each Svchost.exe session can contain a grouping of services, so that many services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging.

7.) The next column in the “MIS” is “CPU”. CPU is the Central Processing Unit. The CPU is the “brain” of the computer and is responsible for sending all of the information that your computer uses to the right places. As you use different applications or services, the CPU will process the functions of that application or service. When those functions are being processed, they utilize certain percentages of the available threads on the processor. An application or service will always utilize some percentage of the CPU, and when that service or application is no longer loading, it will release the portion of the CPU it was using. Releasing that portion of the CPU frees up those threads for other applications and services to use. Process Explorer is extremely useful in identifying those applications or services that are not releasing CPU usage.

8.) The next columns in the “MIS” are “Private Bytes” and “Working Set”. Private Bytes and Working Set both refer to memory utilization. Each application and service uses your system’s memory as a temporary storage place for information that needs to get processed by the CPU. This is why the more memory you install into your system, the better the system will run. The difference between Private Bytes and Working Set is that Private Bytes is the amount of memory your system reserves for a specific application or service, whereas Working Set is the amount of memory that an application or service is currently using.

9.) The last columns in the “MIS” are “Description” and “Company Name”. The Description column just describes the function of the application or service. Not all applications or services have a description. The Company Name is the name of the company that wrote that particular application or service.


10.) You can change all of the column information to view specific information based on what you may be looking for. For instance, the default MIS option is on the “Process Image” tab. You can change this view to see additional items that relate to performance, I/O, GPU, Handles, DLL, .Net, Memory, Disk, and Network Utilization. To add or remove different views within the MIS:

Click “View” on the menu bar

Then choose “Select Columns….” from the drop down list.

11.) Choose which MIS options you’d like to view, simply by clicking on the tab of interest, and choose your options.

12.) Here is a collage of “MIS” views and options that you can choose for the “MIS”

13.) Once you have chosen your views, the options you selected will now be on the “MIS” screen.

14.) A couple of quick things that Process Explorer can do for you are: create a dump file for a single process, provide detailed information on specific services, view all of the files one service uses to run, and finally show source file locations for applications and services, which is great for malware-infested PCs.

To create a dump file for a specific application or service, simply “right mouse” click on an application or service in the MIS and choose to create either a full or mini dump for that service. This will create a log file that can be helpful in tracking down application or service related issues as well as debugging them.

To view specific application or service information, just “right mouse” click on the service or application and choose “Properties”, and you can view detailed information about that application or service just by navigating around the tabs.

To view all of the dependency files that an application or service uses to run, click on “View” in the menu bar, then choose “Show Lower Pane”, then click on “View” and choose whether you want to view the DLLs or the Handles.

The Shortcut Bar gives you mouse-over options to quickly do a number of views for you.

One of the most useful tools is the Find Windows Process button, which is located in the shortcut bar. This “target” button can be dragged on top of any open application, and the service or file that the application is running will get highlighted in the “MIS” window. I recently used this to identify the source file location for a PC infected with Fakeware.

Find the “Find Windows Process” button, then click and hold the left mouse button and drag the “target” over the error message the user is getting. This will identify the running process.

16.) In Process Explorer, double click on the process that is now bolded. This will show you the file name and path that will need to be removed.



HiJackThis    

Download HiJackThis

1.) Download HiJackThis into the cleaners folder on your desktop, then open

2.) Click “I Accept”

3.) Click “Do a system Scan Only”

4.) What you see in this list are all of the Internet Explorer web browsing settings and configuration stored in the registry of your PC. These settings specify what your default search engine is, any add-ons that you might have installed, Browser Helper Objects, toolbars, and items that start when your PC starts. What you are looking for in here is anything that might stand out as an obvious PC infection. If unsure what to do, I recommend that you post the results of the HiJackThis log file to a technical solutions forum board like Experts-Exchange.com, and people there will look at the log file and guide you on which items should be removed. In most cases even if you make a mistake and checkmark and remove something you did not want to, the reality is your system will not stop working. In fact, in most cases you can remove everything (not recommending or suggesting that you do) in the scan results and your system would most likely be just fine.

The Folks at TrendMicro say:

Analyzing your HijackThis Log
Many popular support forums on the web provide free technical assistance by using your HijackThis log file to help you analyze and fix what may be wrong with your computer.
If you are not a professional user Trend Micro encourages you to submit your log file to one of the HijackThis forums.
Every forum has its own rules. Be sure to read the forum rules before posting your HijackThis log file.
HijackThis forums are an amazing community of people willing and able to help individuals with malware problems on their computers. 
IMPORTANT: Please submit your HijackThis log to only one forum.


Do not change any settings if you are unsure of what to do. Visit one of the HijackThis forums.

HijackThis inspects your computer browser and operating system settings to generate a log file of the current state of your computer.
Using HijackThis you can selectively remove unwanted settings and files from your computer.
Because the settings identified in a HijackThis log file can belong to both legitimate software and unwanted malware it is important to use extreme caution when selecting to remove anything using HijackThis.

Here is a list of technical forums you can join and submit a HiJackThis Log to:


BleepingComputer

SpywareHammer

SpywareInfo

GeeksToGo

Dell Community

Cexx

DSLReports

Safer-Networking

WhatTheTech

Techguy Forums

D-A-L forums

SpyWare BeWare!

TechMonkeys

PCHelp Forum

PCPitstop Forum

Subratam.org

CyberTechHelp

BestTechie

BFC Computer Help

5 Star Support Forums

Soft Hardware

Pctorium

Security Forums.com

DMSetup forums

PCTechBytes

MalwareRemoval

Security Central

Webuser.co.uk

Newbie.org

247 Fixes

Amazing Techs

Atribune

Freedom List

Landzdown

MalwareBytes

Techmonkeys

The Spykiller

Gladiator Security Forums

Security Cadets

Virtual Dr.

Major Geeks

Help2Go

Aumha

The Elder Geek


5.) So, being properly warned, if you want to continue, this is what you do. Find items that you would like to remove and click in the box next to the item.

6.) Here, I have selected some items that I do not want starting when starting my PC. Additional items you may want to look for are toolbars, missing files, or bad links. By removing items from this list, you are not deleting any applications, files or programs; instead you are just removing registry key pointers that automatically enable a potentially unwanted application or service to load when your PC starts.

7.) Click “Fix Checked”

8.) Click “Yes”

9.) You are done. You can re-scan the system by clicking on “Scan” again or just exit the HiJackThis application.
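The review described in steps 4 to 6 can be done on a saved log before anything is checked in the HiJackThis window. The following is an added example, not part of the original guide or of HiJackThis itself: it parses a log, counts entries per section code, and groups the toolbars, missing-file entries and startup items for review. The sample log, its CLSIDs and its paths are constructed placeholders.

```python
import re
from collections import Counter

# Constructed sample log (not from the guide); CLSIDs and paths are placeholders.
SAMPLE_LOG = r"""
Logfile of HijackThis (constructed sample)
Running processes:
C:\Windows\system32\taskhost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O2 - BHO: Example Helper - {11111111-1111-1111-1111-111111111111} - C:\Program Files\Example\helper.dll
O2 - BHO: (no name) - {22222222-2222-2222-2222-222222222222} - (no file)
O3 - Toolbar: Example Toolbar - {33333333-3333-3333-3333-333333333333} - C:\Program Files\Example\bar.dll (file missing)
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" /start
O4 - HKCU\..\Run: [OldApp] C:\Program Files\OldApp\oldapp.exe (file missing)
"""

# Section codes used in HijackThis logs, limited to the categories the guide names.
SECTION_NAMES = {
    "R0": "IE start/search page",
    "R1": "IE start/search page",
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "startup item",
}

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
MISSING_RE = re.compile(r"\((?:file missing|no file)\)", re.IGNORECASE)


def parse_log(text):
    """Return [(section_code, body)] for each result line; header lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def section_counts(text):
    """Number of entries per section code, e.g. {'O2': 2, 'O4': 2}."""
    return dict(Counter(code for code, _ in parse_log(text)))


def review_candidates(text):
    """Group the lines the guide says to look at; nothing is removed or changed."""
    groups = {"missing file": [], "toolbar": [], "startup item": []}
    for code, body in parse_log(text):
        line = f"{code} - {body}"
        if MISSING_RE.search(body):
            groups["missing file"].append(line)
        if code == "O3":
            groups["toolbar"].append(line)
        if code == "O4":
            groups["startup item"].append(line)
    return groups


if __name__ == "__main__":
    for code, n in sorted(section_counts(SAMPLE_LOG).items()):
        print(f"{code:>3}  {SECTION_NAMES.get(code, 'other'):<22} {n}")
    for reason, lines in review_candidates(SAMPLE_LOG).items():
        print(f"\n[{reason}]")
        for line in lines:
            print("  " + line)
```

An entry can land in more than one group: a startup item whose file is gone appears under both "startup item" and "missing file".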



11.) Some additional tools exist within HiJackThis and they can be quite useful. To access the additional tools, click “Config”

12.) Shown here is the main window, which shows you your current Internet Explorer default information. You can change your default home page (start page) amongst other options.

13.) On the Backups tab, you can restore anything that you may have checked and removed earlier. If you’d like to restore an entry, just put a check mark in the check box next to the entry that needs restoring and click Restore.

14.) On the Misc Tools tab there are four tools of interest: Process Manager, Host File Manager, Startup List Log, and Uninstall Manager.

15.) “Process Manager”, like Task Manager, shows all of the running processes on your computer. If you select the Show DLLs option, you can select any one of the processes and see what DLLs are running in conjunction with a process or application. This tool will also allow you to end or “kill” the process. To kill a running process, click the process you’d like to end. When that process is highlighted, click on the “Kill Process” button at the bottom of the screen.

16.) The “Host file Manager” will show you the hosts file on the PC. This is where a lot of “browser hijacks” attack; the hijack then writes and stores information to redirect you to unwanted web pages. If your hosts file looks like what is in this screen shot, then you are good. If you have additional entries other than what is seen here, highlight the entry and then click Remove Entry. Be careful not to delete # ::1 localhost or any entries above that line.

17.) The “Startup List Log” is a great tool for identifying problems a user may be having when the operating system loads, or for tracking down malware and viruses that may be loading as your PC restarts.

18.) The “Add/Remove Programs Manager” is an excellent tool for uninstalling applications that do not show up in the Add/Remove list of the Windows 7 OS. Using this tool may allow you to uninstall applications that may be hiding the fact that the application is actually installed.
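The hosts file check from step 16 can also be scripted. This added example (not from the original guide or from HiJackThis) skips the comment lines, accepts plain localhost entries, and reports every other active line as a redirect, a blocked name or a malformed entry. The sample hosts content, addresses and host names are constructed; the file path used when run on a PC is the standard Windows location.

```python
import ipaddress
import os

# Constructed sample: commented default lines followed by four active entries.
SAMPLE_HOSTS = """\
# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
#   ::1             localhost
127.0.0.1   localhost
203.0.113.10   www.example-bank.test  example-bank.test   # constructed redirect
0.0.0.0   update.example-av.test
not-an-ip   broken.example.test
"""


def parse_hosts(text):
    """Yield (line_no, ip_text, [hostnames]) for each active (non-comment) line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and trailing comments
        if not line:
            continue
        fields = line.split()
        yield line_no, fields[0], fields[1:]


def classify(ip_text, names):
    """Label one entry: default, redirect, blocked-name or malformed."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "malformed"
    if not names:
        return "malformed"
    local = ip.is_loopback or ip.is_unspecified
    if local and all(name.lower() == "localhost" for name in names):
        return "default"
    if local:
        return "blocked-name"  # name points at this machine, so the site cannot be reached
    return "redirect"  # name points at another address: what a browser hijack writes


def audit_hosts(text):
    """Return [(line_no, kind, ip, names)] for every entry that is not a default one."""
    findings = []
    for line_no, ip_text, names in parse_hosts(text):
        kind = classify(ip_text, names)
        if kind != "default":
            findings.append((line_no, kind, ip_text, names))
    return findings


if __name__ == "__main__":
    path = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                        "System32", "drivers", "etc", "hosts")
    if os.path.exists(path):
        with open(path, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS  # fall back to the constructed sample off Windows
    for line_no, kind, ip_text, names in audit_hosts(text):
        print(f"line {line_no}: {kind:<12} {ip_text} -> {' '.join(names)}")
```

An empty result means the file has no active entries beyond localhost, which matches the clean state the guide describes.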



Trend Micro House Call 

Download House Call from Trend Micro


1.) Choose the version that is needed for your Windows 7 version

2.) Download Trend Micro House Call into the Cleaners folder on your desktop, then open “HousecallLauncher.exe” or “HousecallLauncher64.exe” depending on the Windows 7 version you are running.

3.) Click “Run”

4.) Trend Micro HouseCall will automatically update itself.

5.) Select “I Accept” and then click “Next”

6.) Click on “Settings” located underneath the Scan Now button

7.) Choose “Full system scan” and then click “OK”

8.) Click “Scan Now”

9.) Trend Micro House Call will now begin to scan.

10.) When the scan finishes, click “Close”



McAfee Stinger    

Download  Stinger

1.) Download Stinger into the cleaners folder on your desktop, then open “Stinger_xxxx-xx.exe”

2.) Click “Scan now”, and Stinger will start to scan.

3.) When Stinger is complete, “Close” the window.

                              
ESET SysInspector

1.) Go to http://www.eset.com to use the Online Virus and Malware Scanner located here: http://www.eset.com/us/online-scanner. This site can be used to run specific virus cleaner removal tools or do a virus scan on your PC for an unknown threat.

2.) Click “Eset Online Scanner”

3.) Check the “YES, I Accept the terms of Use” check box and then click “Start”

4.) Notice the yellow bar that appears at the top of the screen.

5.) Right mouse click on the yellow bar that appears at the top of the screen and select “Install This Add-on for All Users on this Computer”

6.) Click “Retry” if you receive the following screen.

7.) Click “Install”

8.) Click “Start”

9.) The scanner will download the scanning database.

10.) Then the scanner will begin to scan.

11.) Select “Uninstall on Close” and then select “Finish”. Close the next window that appears.




C-Cleaner

Download CCleaner

1.) Download and run the “CCsetupxxx.exe”

2.) Select “OK”

3.) Click “Next”

4.) Click “I Agree”

5.) Uncheck the bottom three options and then click “Next”

6.) Uncheck the install Google toolbar options and then click “Install”

7.) Click “Finish”

8.) Click “NO”

9.) Click on “Analyze”. When CCleaner is done analyzing your system, click “Run Cleaner”

10.) Click “OK”

11.) The files will start to delete. When the files are done being removed, repeat steps 9 and 10 until no more files are found.

12.) Click on “Registry” on the left hand side of the screen, then select “Scan for Issues”. When the scanner finishes, select “Fix Selected Issues”

13.) Click “NO”

14.) Select “Fix All Selected Issues”

15.) Repeat steps 12, 13, and 14 until no more issues are found.

UnHide

Download Unhide

Unhide.exe should only be used in the case where a serious virus and malware infection has occurred and those malware infections caused your desktop and program icons to disappear. Unhide does not clean any viruses or malware. Instead, Unhide.exe is used to restore file attributes that have been changed as a result of a virus or malware infection. If you find that your icons from your start menu, documents folder, desktop, and explorer seem to be missing, then run Unhide.exe.

1.) Download unhide.exe into the cleaners folder on your desktop, then click “Unhide.exe”

2.) This window will appear. This usually takes about 10 minutes.

3.) When Unhide finishes, click “OK”

4.) All Unhide.exe screens will disappear. “DONE”

Emsisoft

Download Emsisoft

http://www.emsisoft.com/en/software/eek/

1.) Download EMSIsoft Emergency Kit.zip to the cleaners folder on your desktop. Open the zip file.

2.) Click “Extract all files”

3.) Click “Extract”

4.) The files will start to copy

5.) Click on the “Run folder” and open “a2emergencykit.exe”

6.) Click “Run”

7.) Click “Yes”

8.) An update will run

9.) Click “Menu” then click “Scan PC”

10.) Choose “Deep Scan” and then click “Scan”

11.) Your system is now being scanned.

12.) When the scan is complete, place a checkmark next to the items you’d like to remove and select “Delete selected Objects”

13.) Click “Yes”

14.) Close “Emsisoft”





Power Eraser – Symantec

Download http://liveupdate.symantec.com

Only use Norton Power Eraser as a last resort tool for removing files from an infected PC.

Symantec Says:

“Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully.”



1.) Open “Norton Power Eraser” (NPE.exe)

2.) Click “I Accept”

3.) If you get the following message, just click on the word “here”

4.) Click “Scan”

5.) Click “Continue”

6.) Norton Power Eraser will now begin to scan.

7.) If Norton Power Eraser finds suspicious files, you can scan each file found to see if it has known signatures before fixing the file. If the result of the scan is “No known Signatures”, uncheck the Fix check box. You only want to fix files that have known signatures.

8.) Check the files you wish to scan, click “Scan”, and then say “Yes”

9.) When complete, if you choose to fix the file(s), place a checkmark next to the files you wish to fix

10.) Click “Fix”

11.) This will create a restore point in case you fixed the wrong file

12.) Click “Restart”




Norton removal tools

If you want to restart the PC, click “Restart Now”; if you’d like to do more work and restart later, choose “Restart Later”


 




http://www.tacticallysound.com