Please review logs...

insan_art · Jun 2, 2009

Hello again Major Geeks!

This time I'm working on a friend's laptop and desktop. This thread is regarding the laptop (desktop thread will follow shortly when I'm done scanning).

Laptop Specs:
Gateway MX6025
Windows XP Home
Celeron M
248MB RAM

When I first started, the system was SUPER slow and something was blocking the internet. After going through just the house cleaning ("basic maintenance") the internet came back and things got much faster (I was actually able to come here to download a few of the utilities I forgot!). Still has some ticks tho. Ran SAS, MBAM, ComboFix and MGtools with absolutely no problems. The logs are attached. Please let me know what else needs to be cleaned up on this machine!

Thanks!

TimW · Jun 3, 2009

Your logs are clean....but there is no way this computer will ever "zip along."

Total Physical Memory 256.00 MB
Available Physical Memory 33.69 MB

Not with AVG8 on it and that little amount of RAM.

Run this: Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

If you are not having any other malware problems, it is time to do our final steps:

We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They are useful as backup scanners. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.

If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)

Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required

"%userprofile%\Desktop\combofix" /u

Notes: The space between the combofix" and the /u, it must be there.

This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

Delete the C:\combofix folder from combofix (if it exists)

Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.

Go to add/remove programs and uninstall HijackThis.

You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip

If you are running Vista, Windows XP or Windows ME, do the below:

Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.

Then reboot and Enable System Restore to create a new clean Restore Point.

After doing the above, you should work thru the below link:

How to Protect yourself from malware!

insan_art · Jun 3, 2009

TimW said: ↑

Your logs are clean....but there is no way this computer will ever "zip along."
Click to expand...

Thanks for your help once again TimW. You know, I think I still owe you t-shirt from the last time you helped me out!

Yes, I know, this laptop in question will never be really fast. The owner is just going to use it for reading news online and sending email to family, so it'll be fine for her. It was given to her for free by her sister, so she's not complaining..

About AVG8 - seems to be running fine on this laptop. Everything is much faster now than before when I first started, so honestly, it doesn't seem to be affecting the speed too much. Like I said before, these folks don't need a powerhouse, just email.

Again, as always, thank you for the wonderful help! Have a great day! :heart

insan_art · Jun 4, 2009

Hello TimW.

One quick follow up question: I'm having trouble un-installing combofix. I installed/ran it from the desktop as is suggested and I'm copying and pasting the command you provided (checking that all spaces and quotes are in place) but it keeps trying to run combofix again, not uninstall it. I keep getting the warning to turn off my virus scanner before proceeding. Maybe I'm jumping the gun - I don't remember this happening before when doing the un-install.

Any insight? Am I doing something wrong?

Thanks again!

TimW · Jun 6, 2009

Are you sure you are putting in the /u ?

If you are and it still is not working, you can just delete the ComboFix.exe file, C:\ComboFix folder, C:\QooBox folder, C:\WINDOWS\nircmd.exe, C:\combofix.txt and C:\ComboFix-quarantined-files.txt logs that were created.

insan_art · Jun 6, 2009

Yes, I'm sure I was inputting it correctly. First was copying and pasting directly from your instructions, then after a number of failures I found the command "Combofix /u" on bleeping computer - this produced the same results as yours did.

Thanks for your help. I'll just delete the files as you've advised.

TimW · Jun 8, 2009

You are quite welcome...safe surfing.

Log in or Sign up

Please review logs...

insan_art Private First Class

Attached Files:

laptop-ComboFix.txt

laptop-mbam-log-2009-05-31 (19-20-48).txt

laptop-MGlogs.zip

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

insan_art Private First Class

insan_art Private First Class

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

insan_art Private First Class

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member