Protect Yourself From Tech Support Scams
May 11, 2020
Tech support scams are an industry-wide issue where scammers trick you into paying for unnecessary technical support services. Additionally, some scammers may try to identify themselves as a Microsoft MVP.
Using Explorer, if you take a look in c:\documents and settings\shancey\application data, do you see the file called crobco.dll or do you not see it?
Since it does not get any hits that make sense in a Google search, that makes it suspicious.
I would use Autoruns to locate and Disable the startup item. Disabling a startup item does not delete or uninstall anything - it just disables it.
Reboot and see how things look.
Run for a while until you are comfortable that all your stuff works without it, then you can use Autoruns to delete the offending startup entry.
It is sometimes easy to get rid of the error message by doing something like disabling the startup item in msconfig (if you can even find it), but I suggest you fix the problem and not just fix the symptom of the problem by merely eliminating the startup
I would also not recommend that you start poking around in the registry to try and find the startup item and remove it unless you have a backup of your system or at least a backup of your registry since there is no "undo" or "quit without saving" option in regedit. If you make a mistake, that's it.
Those ideas offer "quick" and sometimes risky relief of the symptom if they even work at all, but they may not actually fix the problem. I would also be wary of ideas that begin with the word "try". You do not need to try things, you need to fix things.
You don't need to try ideas that might work, you need to do something that is always going to work all the time.
Here are comprehensive instructions that will keep you safe and resolve your issue the "right" way.
There are very few .DLL files that should be loaded from the C:\WINDOWS folder and that is not one of them. If you can't find a good explanation for the file name in a Google search, chances are good that your system is now or has been infected with malicious
A "Cannot find...", "Cannot start...", "Cannot load...", "Could not run...", "Cannot run", "Error loading..." or "specific module could not be found" message at startup is usually related to malware that was set to run at startup but the referenced file(s) has been deleted after a malware scan leaving behind a registry entry or startup item pointing to a file that does not exist.
It could be from a malicious software removal or an uninstalled application. The entry may have a curious looking name since it was probably generated at random when the malware was installed. If you search your system for the referenced file, you may not even find it.
Windows is trying to load this file but cannot locate it since the file was most likely removed during a scan for malicious software. However, an associated orphaned startup parameter or registry entry remains and is telling Windows to load the file when you boot up or login.
You need to remove the referenced entry so Windows stops trying to load or run the file. It may or may not be in the registry but you can find it. Autoruns (see below) will find the item no matter where it is.
You need to be sure to fix the problem and not just fix the symptom of the problem by simply relieving your system of the displaying message - that is not a fix (there is a difference).
If you just locate and uncheck the item in msconfig, that disables the item but does not remove the reference to the bogus startup item from your computer. The msconfig program is not a startup manager, it is a troubleshooting tool. Disabling things in msconfig to put a stop to the messages and thinking your problem is resolved is short sighted and leaves behind a sloppy XP configuration. Merely disabling the display of a startup error message should not count as a "solution" to the problem.
If you are comfortable editing the registry you can search for and remove the reference directly from there or remove it using a popular third party tool called Autoruns. The problem may not always be found in the registry though.
Before making any changes to your registry by hand or with third party tools, be sure to make a backup of the registry first. There is no undo or quit without saving option in regedit.
You can also use Autoruns to find the leftover startup item no matter where it is hiding. Autoruns does not install anything on your computer. It will display all of the startup locations where the reference might be so you can disable it or delete it completely. Here is the download link for Autoruns:
Launch Autoruns.exe and wait for it to finish populating the list of entries.
When Autoruns is finished scanning your system, it will say "Ready" at the bottom left corner. Autoruns can be a little intimidating at first if you have never seen it before since it displays a lot of information. You are really only interested in a
The problem item is usually in the system startup or user startup entries so click the Logon tab and see if the startup item is there.
Scroll through the list and look for a startup entry related to the file(s) in the error message.
If you don't find it in the Logon tab, look for it in the Everything tab.
You can also click File, Find to search the Logon or Everything tab for all or part of the name of the item.
Right-click on the offending entry and choose to delete it. If you are not sure what it is, you can just disable it (uncheck the entry), reboot and if the issue is resolved and things are running normally and everything is working okay, then delete the offending entry. If you don't see it in Autoruns you may have to edit the registry and remove the item from the Startup folder there. Autoruns should display the same information though.
Since your system has or has had an infection, follow up with this:
Perform some scans for malicious software, then fix any remaining issues:
No matter what else you are using for malicious software protection, do this:
Download, install, update and do a quick scan (not at the same time) with these free malware detection programs:
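
The orphaned startup entries described in the post above (a registry value still pointing at a file that a scan removed) can also be listed from PowerShell; this is an added example, not part of the original post and not a replacement for Autoruns. It only reads the four standard Run/RunOnce keys, changes nothing, and the function names `Get-StartupTarget` and `Test-TargetExists` are this example's own.

```powershell
# Added example: read-only audit of the classic Run/RunOnce keys for entries
# whose target file no longer exists. Nothing is modified or deleted.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'

function Get-StartupTarget([string]$Command) {
    # Heuristic split of a launch string into program and arguments:
    # a quoted path first, otherwise everything up to the first ".ext".
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"\s*(.*)$' -or
        $cmd -match '^(.+?\.\w{2,4})(?:\s+(.*))?$') {
        $exe = $Matches[1]; $rest = $Matches[2]
    } else {
        return ($cmd -split '\s+')[0]
    }
    # For rundll32 the file that matters is the DLL argument before the comma.
    if ([IO.Path]::GetFileNameWithoutExtension($exe) -ieq 'rundll32' -and
        $rest -match '^"?([^",]+?)"?\s*,') {
        return $Matches[1].Trim()
    }
    return $exe
}

function Test-TargetExists([string]$Target) {
    if ([IO.Path]::IsPathRooted($Target)) { return (Test-Path -LiteralPath $Target) }
    # Bare names such as "ctfmon.exe" are resolved through the search path.
    if (-not [IO.Path]::HasExtension($Target)) { $Target += '.exe' }
    foreach ($dir in ($env:Path -split ';' | Where-Object { $_ })) {
        $candidate = [IO.Path]::Combine($dir.Trim('"'), $Target)
        if (Test-Path -LiteralPath $candidate) { return $true }
    }
    return $false
}

$orphans = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        $target  = Get-StartupTarget $command
        if ($target -and -not (Test-TargetExists $target)) {
            New-Object PSObject -Property @{
                Key = $key; Entry = $name; Command = $command; MissingFile = $target }
        }
    }
}
$orphans | Format-List Key, Entry, Command, MissingFile
```

Anything it lists is a candidate to look up on the Autoruns Logon tab; startup folders, services, scheduled tasks and the other locations Autoruns shows are outside what this script checks.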