Buy Malwarebytes antimalware
Google
The Spykiller
  Home Help Search Calendar Login Register   *
Board Language: Deutsch English
Advertise on this site

Welcome to The Spykiller

You only need to register to  get help with malware cleaning on your computer or take part in the general discussion forums You DO NOT need to register to upload suspicious files for examination or download any of the tools or use any other part of this site.
It takes a very long time and a lot of hard work on our part to read all the logs posted here and research and prepare the fixes for you. In many cases each part of the fix takes about 30 minutes to prepare so a large part of our time is spent helping you

 INSTRUCTIONS - Read This Before Posting For Malware Removal Help
Digg This!
The Spykiller  > Spyware & Malware removal and General computer help > Malware removal and help > Topic: 1 have another PC...Performance Slow / Freeze Alot
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: 1 have another PC...Performance Slow / Freeze Alot  (Read 929 times)
0 Members and 1 Guest are viewing this topic.
ganezs
*
Offline Offline

Posts: 77
« on: August 23, 2008, 05:24:02 »
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:16:37 PM, on 8/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\CAPRPCSK.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Documents and Settings\Eisu\Desktop\ch128\ch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [CAPON] C:\WINDOWS\System32\Spool\Drivers\w32x86\3\CAPONN.EXE
O4 - HKLM\..\Run: [liveNote] livenote.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RegKillElbyCheck] "C:\Program Files\Elaborate Bytes\DVD Region Killer\ElbyCheck.exe" /L RegKill
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Copy Handler] C:\Documents and Settings\Eisu\Desktop\ch128\ch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Canon LBP-800 Status Window.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe (file missing)

--
End of file - 7142 bytes
Report to moderator   Logged
ganezs
*
Offline Offline

Posts: 77
« Reply #1 on: August 23, 2008, 05:37:41 »
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-08-23 13:32:16
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT            sptd.sys                                                                                         ZwCreateKey [0xF862B0D0]
SSDT            sptd.sys                                                                                         ZwEnumerateKey [0xF8630FB2]
SSDT            sptd.sys                                                                                         ZwEnumerateValueKey [0xF8631340]
SSDT            sptd.sys                                                                                         ZwOpenKey [0xF862B0B0]
SSDT            sptd.sys                                                                                         ZwQueryKey [0xF8631418]
SSDT            sptd.sys                                                                                         ZwQueryValueKey [0xF8631298]
SSDT            sptd.sys                                                                                         ZwSetValueKey [0xF86314AA]

---- Kernel code sections - GMER 1.0.14 ----

?               C:\WINDOWS\system32\drivers\sptd.sys                                                             The process cannot access the file because it is being used by another process.
.text           USBPORT.SYS!DllUnload                                                                            F78D062C 5 Bytes  JMP 828F6360
?               System32\Drivers\afc8yqub.SYS                                                                    The system cannot find the file specified. !

---- User code sections - GMER 1.0.14 ----

.text           C:\Program Files\Winamp\winamp.exe[3720] USER32.dll!SetScrollInfo                                7E419056 7 Bytes  JMP 0496A68D C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text           C:\Program Files\Winamp\winamp.exe[3720] USER32.dll!GetScrollInfo                                7E420DA2 7 Bytes  JMP 0496A615 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text           C:\Program Files\Winamp\winamp.exe[3720] USER32.dll!ShowScrollBar                                7E42F2B3 5 Bytes  JMP 0496A711 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text           C:\Program Files\Winamp\winamp.exe[3720] USER32.dll!GetScrollPos                                 7E42F6C4 5 Bytes  JMP 0496A63D C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text           C:\Program Files\Winamp\winamp.exe[3720] USER32.dll!SetScrollPos                                 7E42F710 5 Bytes  JMP 0496A6B8 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text           C:\Program Files\Winamp\winamp.exe[3720] USER32.dll!GetScrollRange                               7E42F747 5 Bytes  JMP 0496A662 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text           C:\Program Files\Winamp\winamp.exe[3720] USER32.dll!SetScrollRange                               7E42F95B 5 Bytes  JMP 0496A6E3 C:\Program Files\Winamp\Plugins\gen_jumpex.dll
.text           C:\Program Files\Winamp\winamp.exe[3720] USER32.dll!EnableScrollBar                              7E467DDD 7 Bytes  JMP 0496A5ED C:\Program Files\Winamp\Plugins\gen_jumpex.dll

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT             \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt]                          [F864206C] sptd.sys
IAT             pci.sys[ntoskrnl.exe!IoDetachDevice]                                                             [F8642018] sptd.sys
IAT             pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack]                                                [F86649AE] sptd.sys
IAT             atapi.sys[ntoskrnl.exe!IoConnectInterrupt]                                                       [F864206C] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                               [F862BAD4] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                       [F862BC1A] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                              [F862BB9C] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                      [F862C748] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                              [F862C61E] sptd.sys
IAT             \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                               [F864129A] sptd.sys

---- Devices - GMER 1.0.14 ----

Device          \FileSystem\Ntfs \Ntfs                                                                           833D41E8

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                           sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)

Device          \FileSystem\Fastfat \FatCdrom                                                                    8286C790
Device          \Driver\NetBT \Device\NetBT_Tcpip_{727510F2-F1ED-4193-99C6-8BC6D9EC4B36}                         829196E8
Device          \Driver\usbohci \Device\USBPDO-0                                                                 828F5588
Device          \Driver\dmio \Device\DmControl\DmIoDaemon                                                        833D61E8
Device          \Driver\dmio \Device\DmControl\DmConfig                                                          833D61E8
Device          \Driver\dmio \Device\DmControl\DmPnP                                                             833D61E8
Device          \Driver\dmio \Device\DmControl\DmInfo                                                            833D61E8
Device          \Driver\usbohci \Device\USBPDO-1                                                                 828F5588
Device          \Driver\USBSTOR \Device\00000070                                                                 827B9790
Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                           833561E8
Device          \Driver\USBSTOR \Device\00000071                                                                 827B9790
Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                           833561E8
Device          \Driver\Cdrom \Device\CdRom0                                                                     828DD1E8
Device          \Driver\USBSTOR \Device\00000072                                                                 827B9790
Device          \Driver\Ftdisk \Device\HarddiskVolume3                                                           833561E8
Device          \Driver\Cdrom \Device\CdRom1                                                                     828DD1E8
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-22                                                     833551E8
Device          \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-c                                                      833551E8
Device          \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-4                                                      833551E8
Device          \Driver\atapi \Device\Ide\IdePort0                                                               833551E8
Device          \Driver\atapi \Device\Ide\IdePort1                                                               833551E8
Device          \Driver\atapi \Device\Ide\IdePort2                                                               833551E8
Device          \Driver\atapi \Device\Ide\IdePort3                                                               833551E8
Device          \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-2e                                                     833551E8
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-17                                                     833551E8
Device          \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-36                                                     833551E8
Device          \Driver\USBSTOR \Device\00000073                                                                 827B9790
Device          \Driver\Ftdisk \Device\HarddiskVolume4                                                           833561E8
Device          \Driver\Ftdisk \Device\HarddiskVolume5                                                           833561E8
Device          \Driver\Ftdisk \Device\HarddiskVolume6                                                           833561E8
Device          \Driver\Ftdisk \Device\HarddiskVolume7                                                           833561E8
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                          829196E8
Device          \Driver\NetBT \Device\NetbiosSmb                                                                 829196E8
Device          \Driver\PCI_NTPNP8372 \Device\0000004c                                                           sptd.sys
Device          \Driver\usbohci \Device\USBFDO-0                                                                 828F5588
Device          \Driver\usbohci \Device\USBFDO-1                                                                 828F5588
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                82861790
Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                      82861790
Device          \Driver\USBSTOR \Device\0000006f                                                                 827B9790
Device          \Driver\Ftdisk \Device\FtControl                                                                 833561E8
Device          \Driver\afc8yqub \Device\Scsi\afc8yqub1                                                          828FE790
Device          \FileSystem\Fastfat \Fat                                                                         8286C790

AttachedDevice  \FileSystem\Fastfat \Fat                                                                         sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)

Device          \FileSystem\Cdfs \Cdfs                                                                           82995790

---- Registry - GMER 1.0.14 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                               684275809
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                               -1670869367
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                               1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                 
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0              0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew           0xD3 0x4F 0x74 0x39 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0              C:\Program Files\Alcohol Soft\Alcohol 120\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001       
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0     0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew  0xEC 0x46 0x36 0xF3 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                     
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                  0
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew               0xD3 0x4F 0x74 0x39 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                  C:\Program Files\Alcohol Soft\Alcohol 120\
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001           
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0         0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew      0xEC 0x46 0x36 0xF3 ...
Reg             HKLM\SOFTWARE\Classes\.tpr@                                                                      tpr_auto_file
Reg             HKLM\SOFTWARE\Classes\CLSID\{BA3BADF2-98D1-5396-1511-F1D768CA74BA}\Conversion\Readable           
Reg             HKLM\SOFTWARE\Classes\CLSID\{BA3BADF2-98D1-5396-1511-F1D768CA74BA}\Conversion\Readable\Main     
Reg             HKLM\SOFTWARE\Classes\CLSID\{BA3BADF2-98D1-5396-1511-F1D768CA74BA}\Conversion\Readable\Main@     8
Reg             HKLM\SOFTWARE\Classes\CLSID\{BA3BADF2-98D1-5396-1511-F1D768CA74BA}\MiscStatus@                   512
Reg             HKLM\SOFTWARE\Classes\CLSID\{BA3BADF2-98D1-5396-1511-F1D768CA74BA}\Ole1Class@                    PBrush
Reg             HKLM\SOFTWARE\Classes\CLSID\{BA3BADF2-98D1-5396-1511-F1D768CA74BA}\ProgID@                       PBrush
Reg             HKLM\SOFTWARE\Classes\CLSID\{BA3BADF2-98D1-5396-1511-F1D768CA74BA}\TreatAs@                      {D3E34B21-9D75-101A-8C3D-00AA001A1652}
Reg             HKLM\SOFTWARE\Classes\tpr_auto_file@                                                             
Reg             HKLM\SOFTWARE\Classes\tpr_auto_file\shell                                                       
Reg             HKLM\SOFTWARE\Classes\tpr_auto_file\shell\Play                                                   
Reg             HKLM\SOFTWARE\Classes\tpr_auto_file\shell\Play@                                                  Play with VLC
Reg             HKLM\SOFTWARE\Classes\tpr_auto_file\shell\Play\command                                           
Reg             HKLM\SOFTWARE\Classes\tpr_auto_file\shell\Play\command@                                          C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file "%1"

---- EOF - GMER 1.0.14 ----
Report to moderator   Logged
ganezs
*
Offline Offline

Posts: 77
« Reply #2 on: August 23, 2008, 05:38:43 »
Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
Report to moderator   Logged
Derek
Administrator
*****
Offline Offline

Posts: 11352
« Reply #3 on: August 23, 2008, 13:53:35 »
nothing there

how much ram does this one have

Please visit Combofix Guide & Instructions for instructions for downloading and running ComboFix: especially follow the advice about installing the recovery console

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply
Report to moderator   Logged
Derek
Microsoft MVP  Windows - Security
Modern Malware is so involved and difficult to fix that it takes a very long time and a lot of hard work and research to prepare the fixes for you. A large part of my time is spent helping you
Would you do all this for nothing?
 I run this site to raise funds for Hedgehog Rescue
Please donate if I have helped you or you have found this site useful.
Pages: [1]   Go Up
  Print  
The Spykiller  > Spyware & Malware removal and General computer help > Malware removal and help > Topic: 1 have another PC...Performance Slow / Freeze Alot
 « previous next »
 
Jump to:  

Donations

You have come to The Spykiller for help because your Antivirus or Antispyware hasn't been able to fix your problem.

Modern Malware has become so involved and difficult to fix that it takes a very long time and a lot of hard work to read all the logs posted here and research and prepare the fixes for you. In many cases each part of the fix takes about 30 minutes to prepare, so a large part of my time is spent helping you

Would you do all this for nothing?

The reason I run this site is to raise funds for Hedgehog Rescue

Please donate if I have helped you or you have found this site useful.

You can donate safely and securely by using the paypal service, just click on one of the buttons below.

To donate in UK £

To donate in US$

To donate in Euro €

Any amount no matter how small is gratefully accepted and needed to ensure we keep the Rescue Centre running

To donate via paypal when the button doesn't appear or the link doesn't work: just go to www.paypal.com or your country's paypal log in page and chose send money and use help@thehedgehog.co.uk as recipient email address and select other service as the option. then follow prompts


.

Useful Advice and Programs
  
  Information
   Security & Protection Blog
   Prevention
   Using Autoruns
     System Restore
  Rss feeds
     Microsoft at Home
     MSRC
     Malware blog
Kaspersky online scanner
Take the Kaspersky Challenge: See what your current antivirus is missing. Our free online virus scanner is a great way to find out if you have any viruses or spyware on your machine without having to uninstall your current antivirus software or install a new one.

Most importantly, you can see what viruses your current antivirus software let slip through! Now works with ANY Java enabled browser
Stop killing hedgehogs with strimmers
User
Welcome, Guest. Please login or register.
Did you miss your activation email?
September 06, 2010, 23:23:07

Login with username, password and session length
secunia Software inspector

Google ads
RoboForm: Learn more...

You have come to The Spykiller for help because your Antivirus or Antispyware hasn't been able to fix your problem.

Modern Malware is so involved and difficult to fix that it takes a very long time and a lot of hard work to read all the logs posted here and research and prepare the fixes for you.
In many cases each part of the fix takes about 30 minutes to prepare, so a large part of my time is spent helping you

Would you do all this for nothing?

I run this site to help raise funds for Hedgehog Rescue

Please donate if I have helped you or you have found this site useful.

You can donate safely and securely by using the PayPal service, just click on one of the buttons below.

To donate in UK £

To donate in US$

To donate in Euro €

Any amount no matter how small is gratefully accepted and needed to ensure we keep the Rescue Centre running
Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC
TinyPortal v0.9.8 © Bloc 		Valid XHTML 1.0! Valid CSS!
Page created in 0.131 seconds with 32 queries.

Google visited last this page Today at 19:40:06