We help IT Professionals succeed at work.

Should I run ComboFix?

3,556 Views
Last Modified: 2013-12-06
I'm problems with my desktop computer. The applications are extremely slow. I ran PC Tools and it found some spyware on it. I clean that off and it didn't really help. I'm including a Hi Jack This log. I'm wondering if I should now run ComboFix on it.
hijackthis-desktop.txt
Comment
Watch Question

Delphineous SilverwingGood Ol' Geek
CERTIFIED EXPERT

Commented:
You are running an awful lot of applications, but they all are geared towards your Media Center.  Nothing seems to be obvious malware.  How much memory is in this computer?  Have you installed Service Pack 3?  --- You may need to upgrade your memory to a Gigabyte and perhaps clean out some of your startup applications.

Do you use you modem?  If not, removing the modem will eliminate the need for the modem's software (AGRSMMSG.exe).
Delphineous SilverwingGood Ol' Geek
CERTIFIED EXPERT

Commented:
You are running the Yahoo Toolbar and Google Toolbar.  If you do not use them both, uninstall the one you do not use to free up some resources.
Delphineous SilverwingGood Ol' Geek
CERTIFIED EXPERT

Commented:
Just running through your HiJack log again.  You should uninstall MyWebSearch.  This can usually be done through Add/Remove programs.  Then rerun Hijackthis and tell it to fix any remaining parts of MWSBAR (My Web Search Bar).
Delphineous SilverwingGood Ol' Geek
CERTIFIED EXPERT

Commented:
Are you using Microsoft Messenger (Instant Messenger)?  If not, double-click the icon in the system tray.  Go into Preferences and deselect Start with Windows and Run in Background.  Close the program and it should stop running at startup.

Author

Commented:
Okay, I just checked and I'm using service pack 2. So you're saying I should upgrade to service pack 3, right. And I only have 512k RAM. I know for myself that's not enough. Are they pretty much plug and play. Meaning once I install it, I can turn the computer back on and it will recognize there's more RAM? I don't have anything called MyWebSearch installed. So I'll have Hijackthis fix this. I'm not using Microsoft Messenger, I'm glad I now know how to get rid it that.

So I'm off to the store for some ram. I'll let you know my out come soon.
CERTIFIED EXPERT
Top Expert 2007

Commented:
My pc only have 512mb of RAM and with SP2 and my programs runs well.
The programs that installed there could play a part of the slowing down as already been suggested uninstall those that aren't needed, toolbars etc.

Not all nasties will show up in the Hijackthis scan. I would do an online scan with kaspersky to check if it finds anything(if you don't run combofix)

More RAM will certainly boost the performance so it's a good thing, as long as no new problems created.

Delphineous SilverwingGood Ol' Geek
CERTIFIED EXPERT

Commented:
Sorry - no - I am not suggesting to Install Service Pack 3.  We need to address the issue first, then perhaps upgrade.  The service pack level indicates the minimum memory needed for best operation.  512MB is borderline for SP2 on XP Media Center - Upgrading to 1 GB would make a difference.
Delphineous SilverwingGood Ol' Geek
CERTIFIED EXPERT

Commented:
It is not a bad idea to boot into Safe Mode and run ComboFix.

Author

Commented:
I haven't abandon this question, I'm still trying to get my computer back to normal. I didn't purchase more RAM yet. I did run Kaspersky online scan and if found two infections so I ran ComboFix. It never produced a log. So I'm not sure if it cleaned it up or not. I'm going to run Kaspersky again and see if it detects anything again. It's still running slower than usual.

Brenda
Delphineous SilverwingGood Ol' Geek
CERTIFIED EXPERT

Commented:
Did you run ComboFix from safe mode?  It works best in normal mode, but it is sometimes necessary to do it from safe mode.
CERTIFIED EXPERT
Top Expert 2007

Commented:
running combofix in  Normal mode should be okay as that's the mode the author recommends the tool to be run.

Can we look at the combofix log? sometimes there are bd files that CF doesn't remove which shows in the logfile.

If the slowdown is not caused by any software installed in the system, rootkits or some hidden nasties also caused slowdowns.

Author

Commented:
Okay I ran combFix again and here's the log.
log.txt

Author

Commented:
I added a new printer before I started having problems. Do you think that could have something to do with the system slow down. I still have my old printer attached as well. I want to use both. Both printers are HP Photosmart just different models printers.
CERTIFIED EXPERT
Top Expert 2007

Commented:
Combofix had deleted a lot of bad files there, Alcan worm and others, but still some left which belonging to a Lop infection.

1. Open Notepad.
2. Now copy/paste the text between the lines below into the Notepad window:
------------------------------------------------------------------------
File::
C:\WINDOWS\Tasks\2DA002641423ADAC.job
c:\docume~1\mrs~1.hal\applic~1\rdrsof~1\creative phone surf.exe

Folder::
c:\docume~1\mrs~1.hal\applic~1\rdrsof~1
------------------------------------------------------------------------

3. Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt into ComboFix.exe. This will start ComboFix again.



You might also like to do an online scan withKaspersky.
Using Internet Explorer, run Kaspersky Online Scanner
http://www.kaspersky.com/virusscanner
   
* Click 'Accept' in the window that pops up.
* You will be prompted to install an ActiveX component from Kaspersky, Click on the information bar and select Install ActiveX Control if so. This may happen more than once. That is OK. You also may get a warning from your Windows Firewall. You can tell it to unblock.
* The program will launch and then start to download the latest definition files.
* Once the scanner is installed and the definitions downloaded, click 'Next'.
* Now click on 'Scan Settings'
* In the scan settings make sure that the following are selected:
          o Scan using the following Anti-Virus database: 'Extended' (If available, otherwise 'Standard')
          o Scan Options: 'Scan Archives' and 'Scan Mail Bases'
* Click 'OK'
* Now under 'Select a target to scan' select 'My Computer'
* The scan will take a while, so be patient and let it run. Once the scan is complete, it will display whether your system has been infected.
* Now click on the 'Save Report As...' button:
* Make sure it says Save as a text file - change it if not
* Save the file to your desktop.
Delphineous SilverwingGood Ol' Geek
CERTIFIED EXPERT

Commented:
The HP photosmart printers add a lot of overhead (monitoring, update downloader, etc) to your machine.  Are you using both printer or did the one replace the other?  If you are only using the new printer, you might consider uninstalling all of the HP components to clean up the old stuff, then reinstall the driver/software for the new printer.

Be careful with some of the virus/anti-spyware scanners.  AVG gives a false positive for the HP updater application being spyware.

Author

Commented:
Okay I ran ComboFix with the attached file and then I ran Kaspersky and I've attached to two log files. Kaspersky seemed to have found something left.
About the printer, I plan to use both. But that did bring to mind that I should uninstall my scanner that I will no longer be using.
Kas-log.txt
log.txt
CERTIFIED EXPERT
Top Expert 2007
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.