Laballa1
asked on
Should I run ComboFix?
I'm problems with my desktop computer. The applications are extremely slow. I ran PC Tools and it found some spyware on it. I clean that off and it didn't really help. I'm including a Hi Jack This log. I'm wondering if I should now run ComboFix on it.
hijackthis-desktop.txt
hijackthis-desktop.txt
You are running the Yahoo Toolbar and Google Toolbar. If you do not use them both, uninstall the one you do not use to free up some resources.
Just running through your HiJack log again. You should uninstall MyWebSearch. This can usually be done through Add/Remove programs. Then rerun Hijackthis and tell it to fix any remaining parts of MWSBAR (My Web Search Bar).
Are you using Microsoft Messenger (Instant Messenger)? If not, double-click the icon in the system tray. Go into Preferences and deselect Start with Windows and Run in Background. Close the program and it should stop running at startup.
ASKER
Okay, I just checked and I'm using service pack 2. So you're saying I should upgrade to service pack 3, right. And I only have 512k RAM. I know for myself that's not enough. Are they pretty much plug and play. Meaning once I install it, I can turn the computer back on and it will recognize there's more RAM? I don't have anything called MyWebSearch installed. So I'll have Hijackthis fix this. I'm not using Microsoft Messenger, I'm glad I now know how to get rid it that.
So I'm off to the store for some ram. I'll let you know my out come soon.
So I'm off to the store for some ram. I'll let you know my out come soon.
My pc only have 512mb of RAM and with SP2 and my programs runs well.
The programs that installed there could play a part of the slowing down as already been suggested uninstall those that aren't needed, toolbars etc.
Not all nasties will show up in the Hijackthis scan. I would do an online scan with kaspersky to check if it finds anything(if you don't run combofix)
More RAM will certainly boost the performance so it's a good thing, as long as no new problems created.
The programs that installed there could play a part of the slowing down as already been suggested uninstall those that aren't needed, toolbars etc.
Not all nasties will show up in the Hijackthis scan. I would do an online scan with kaspersky to check if it finds anything(if you don't run combofix)
More RAM will certainly boost the performance so it's a good thing, as long as no new problems created.
Sorry - no - I am not suggesting to Install Service Pack 3. We need to address the issue first, then perhaps upgrade. The service pack level indicates the minimum memory needed for best operation. 512MB is borderline for SP2 on XP Media Center - Upgrading to 1 GB would make a difference.
It is not a bad idea to boot into Safe Mode and run ComboFix.
ASKER
I haven't abandon this question, I'm still trying to get my computer back to normal. I didn't purchase more RAM yet. I did run Kaspersky online scan and if found two infections so I ran ComboFix. It never produced a log. So I'm not sure if it cleaned it up or not. I'm going to run Kaspersky again and see if it detects anything again. It's still running slower than usual.
Brenda
Brenda
Did you run ComboFix from safe mode? It works best in normal mode, but it is sometimes necessary to do it from safe mode.
running combofix in Normal mode should be okay as that's the mode the author recommends the tool to be run.
Can we look at the combofix log? sometimes there are bd files that CF doesn't remove which shows in the logfile.
If the slowdown is not caused by any software installed in the system, rootkits or some hidden nasties also caused slowdowns.
Can we look at the combofix log? sometimes there are bd files that CF doesn't remove which shows in the logfile.
If the slowdown is not caused by any software installed in the system, rootkits or some hidden nasties also caused slowdowns.
ASKER
Okay I ran combFix again and here's the log.
log.txt
log.txt
ASKER
I added a new printer before I started having problems. Do you think that could have something to do with the system slow down. I still have my old printer attached as well. I want to use both. Both printers are HP Photosmart just different models printers.
Combofix had deleted a lot of bad files there, Alcan worm and others, but still some left which belonging to a Lop infection.
1. Open Notepad.
2. Now copy/paste the text between the lines below into the Notepad window:
-------------------------- ---------- ---------- ---------- ---------- ------
File::
C:\WINDOWS\Tasks\2DA002641 423ADAC.jo b
c:\docume~1\mrs~1.hal\appl ic~1\rdrso f~1\creati ve phone surf.exe
Folder::
c:\docume~1\mrs~1.hal\appl ic~1\rdrso f~1
-------------------------- ---------- ---------- ---------- ---------- ------
3. Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt into ComboFix.exe. This will start ComboFix again.
You might also like to do an online scan withKaspersky.
Using Internet Explorer, run Kaspersky Online Scanner
http://www.kaspersky.com/virusscanner
* Click 'Accept' in the window that pops up.
* You will be prompted to install an ActiveX component from Kaspersky, Click on the information bar and select Install ActiveX Control if so. This may happen more than once. That is OK. You also may get a warning from your Windows Firewall. You can tell it to unblock.
* The program will launch and then start to download the latest definition files.
* Once the scanner is installed and the definitions downloaded, click 'Next'.
* Now click on 'Scan Settings'
* In the scan settings make sure that the following are selected:
o Scan using the following Anti-Virus database: 'Extended' (If available, otherwise 'Standard')
o Scan Options: 'Scan Archives' and 'Scan Mail Bases'
* Click 'OK'
* Now under 'Select a target to scan' select 'My Computer'
* The scan will take a while, so be patient and let it run. Once the scan is complete, it will display whether your system has been infected.
* Now click on the 'Save Report As...' button:
* Make sure it says Save as a text file - change it if not
* Save the file to your desktop.
1. Open Notepad.
2. Now copy/paste the text between the lines below into the Notepad window:
--------------------------
File::
C:\WINDOWS\Tasks\2DA002641
c:\docume~1\mrs~1.hal\appl
Folder::
c:\docume~1\mrs~1.hal\appl
--------------------------
3. Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt into ComboFix.exe. This will start ComboFix again.
You might also like to do an online scan withKaspersky.
Using Internet Explorer, run Kaspersky Online Scanner
http://www.kaspersky.com/virusscanner
* Click 'Accept' in the window that pops up.
* You will be prompted to install an ActiveX component from Kaspersky, Click on the information bar and select Install ActiveX Control if so. This may happen more than once. That is OK. You also may get a warning from your Windows Firewall. You can tell it to unblock.
* The program will launch and then start to download the latest definition files.
* Once the scanner is installed and the definitions downloaded, click 'Next'.
* Now click on 'Scan Settings'
* In the scan settings make sure that the following are selected:
o Scan using the following Anti-Virus database: 'Extended' (If available, otherwise 'Standard')
o Scan Options: 'Scan Archives' and 'Scan Mail Bases'
* Click 'OK'
* Now under 'Select a target to scan' select 'My Computer'
* The scan will take a while, so be patient and let it run. Once the scan is complete, it will display whether your system has been infected.
* Now click on the 'Save Report As...' button:
* Make sure it says Save as a text file - change it if not
* Save the file to your desktop.
The HP photosmart printers add a lot of overhead (monitoring, update downloader, etc) to your machine. Are you using both printer or did the one replace the other? If you are only using the new printer, you might consider uninstalling all of the HP components to clean up the old stuff, then reinstall the driver/software for the new printer.
Be careful with some of the virus/anti-spyware scanners. AVG gives a false positive for the HP updater application being spyware.
Be careful with some of the virus/anti-spyware scanners. AVG gives a false positive for the HP updater application being spyware.
ASKER
Okay I ran ComboFix with the attached file and then I ran Kaspersky and I've attached to two log files. Kaspersky seemed to have found something left.
About the printer, I plan to use both. But that did bring to mind that I should uninstall my scanner that I will no longer be using.
Kas-log.txt
log.txt
About the printer, I plan to use both. But that did bring to mind that I should uninstall my scanner that I will no longer be using.
Kas-log.txt
log.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Do you use you modem? If not, removing the modem will eliminate the need for the modem's software (AGRSMMSG.exe).