Help!

Computer very slow due to an unresponsive script

 
ban777



Joined: Jun 19, 2008
Posts: 1



Posted: Thu Jun 19, 2008 11:40 pm    Post subject: Computer very slow due to an unresponsive script

Dear help,

I found your site and did a report from ComboFix.
Here is the log:


ComboFix 08-06-19.1 - Administrator 06/20/2008 10:04:22.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.874.1.1033.18.849 [GMT 7:00]
Running from: C:\Documents and Settings\Administrator\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-05-20 to 2008-06-20 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 03:07 --------- dc----w C:\Documents and Settings\Administrator\Application Data\utorrent
2008-06-20 03:03 --------- dc----w C:\Documents and Settings\Administrator\Application Data\DMCache
2008-06-20 02:42 --------- dc----w C:\Program Files\PeerGuardian2
2008-06-19 14:17 --------- dc----w C:\Documents and Settings\Administrator\Application Data\Skype
2008-06-19 11:49 --------- dc----w C:\Documents and Settings\Administrator\Application Data\skypePM
2008-06-19 04:26 22,328 -c--a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-19 04:26 107,832 -c--a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-19 00:58 --------- dc----w C:\Program Files\GT Interactive
2008-06-19 00:39 405,504 -c--a-w C:\WINDOWS\system32\srkey.exe
2008-06-19 00:39 --------- dc----w C:\Program Files\Small Rockets
2008-06-19 00:28 --------- dc----w C:\Program Files\On Hand Software
2008-06-19 00:22 --------- dc----w C:\Program Files\Star Defender 2
2008-06-19 00:13 --------- dc----w C:\Program Files\Chicken Invaders 2
2008-06-19 00:03 --------- dc----w C:\Documents and Settings\Administrator\Application Data\Chessmaster Challenge
2008-06-19 00:02 --------- dc----w C:\Program Files\Chessmaster Challenge
2008-06-19 00:01 --------- dc----w C:\Program Files\Grandmaster Chess
2008-06-19 00:01 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-06-19 00:00 --------- dc----w C:\Program Files\Gunner 2
2008-06-18 23:43 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-06-18 02:40 --------- dc----w C:\Program Files\War Chess
2008-06-15 23:53 --------- dc----w C:\Documents and Settings\Administrator\Application Data\IDM
2008-06-15 16:41 --------- dc----w C:\Program Files\Common Files\AOL
2008-06-15 04:55 --------- dc----w C:\Program Files\MagicDisc
2008-06-14 16:12 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\ATI
2008-06-14 16:07 --------- dc----w C:\Program Files\ATI
2008-06-14 16:06 --------- dc----w C:\Program Files\ATI Technologies
2008-06-14 14:58 --------- dc----w C:\Program Files\Spybot - Search & Destroy
2008-06-14 14:26 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads
2008-06-14 14:23 --------- dc----w C:\Program Files\Viewpoint
2008-06-14 14:23 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Viewpoint
2008-06-14 14:23 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL OCP
2008-06-14 14:23 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\AOL
2008-06-14 14:04 --------- dc----w C:\Program Files\filehippo.com
2008-06-14 13:58 --------- dc----w C:\Program Files\Common Files\Wise Installation Wizard
2008-06-14 13:55 --------- dc----w C:\Program Files\MyPlayCity.com
2008-06-14 06:41 --------- dc----w C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-06-13 16:06 --------- dc----w C:\Program Files\microsoft frontpage
2008-06-13 15:09 66,872 -c--a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-06-13 12:26 22,328 -c--a-w C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys
2008-06-10 22:03 --------- dc----w C:\Program Files\Ahead
2008-06-10 22:02 --------- dc----w C:\Program Files\Common Files\Ahead
2008-06-10 21:11 --------- dc----w C:\Program Files\ReflexiveArcade
2008-06-10 15:28 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-06-10 09:25 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON
2008-06-10 09:22 --------- dc----w C:\Program Files\EPSON
2008-06-10 09:16 --------- dc----w C:\Program Files\uTorrent
2008-06-09 11:46 --------- dc----w C:\Program Files\MyPlayCity
2008-06-09 11:34 --------- dc----w C:\Program Files\Conduit
2008-06-08 16:08 --------- dc----w C:\Program Files\Windows Live Safety Center
2008-06-08 10:35 --------- dc----w C:\Program Files\BrainStimPro
2008-06-06 10:30 --------- dc----w C:\Program Files\JetAudio
2008-06-04 04:36 73,216 -c--a-w C:\WINDOWS\ST6UNST.EXE
2008-06-04 04:36 249,856 -c----w C:\WINDOWS\Setup1.exe
2008-06-01 22:13 --------- dc----w C:\Program Files\Microsoft Works
2008-06-01 22:12 --------- dc----w C:\Program Files\MSBuild
2008-06-01 22:09 --------- dc----w C:\Program Files\Microsoft.NET
2008-05-31 18:43 --------- dc-h--w C:\Program Files\InstallShield Installation Information
2008-05-31 12:44 --------- dc----w C:\Documents and Settings\Administrator\Application Data\TT111
2008-05-31 09:51 --------- dc----w C:\Program Files\TT111-V3
2008-05-31 06:44 --------- dc----w C:\Program Files\YouTube Downloader
2008-05-31 06:33 --------- dc----w C:\Program Files\FLVPlayer
2008-05-31 01:33 --------- dc----w C:\Program Files\Prima Games
2008-05-30 07:19 507,400 -c--a-w C:\WINDOWS\system32\XAudio2_1.dll
2008-05-30 07:18 238,088 -c--a-w C:\WINDOWS\system32\xactengine3_1.dll
2008-05-30 07:17 65,032 -c--a-w C:\WINDOWS\system32\XAPOFX1_0.dll
2008-05-30 07:17 25,608 -c--a-w C:\WINDOWS\system32\X3DAudio1_4.dll
2008-05-30 07:11 467,984 -c--a-w C:\WINDOWS\system32\d3dx10_38.dll
2008-05-30 07:11 3,850,760 -c--a-w C:\WINDOWS\system32\D3DX9_38.dll
2008-05-30 07:11 1,491,992 -c--a-w C:\WINDOWS\system32\D3DCompiler_38.dll
2008-05-28 14:24 --------- dc----w C:\Program Files\Common Files\Adobe
2008-05-28 14:24 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
2008-05-27 12:43 --------- dc----w C:\Program Files\Windows Live
2008-05-27 05:11 96,896 -c--a-w C:\WINDOWS\system32\drivers\mcdbus.sys
2008-05-27 04:31 --------- dc----w C:\Program Files\Unlocker
2008-05-27 03:33 --------- dc----w C:\Program Files\Advanced System Optimizer
2008-05-27 03:33 --------- dc----w C:\Documents and Settings\Administrator\Application Data\Systweak
2008-05-27 02:36 --------- dc----w C:\Program Files\SSC Service Utility
2008-05-27 02:03 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-27 02:03 --------- dc----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-05-27 01:49 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-05-25 13:30 5,248 -c--a-w C:\WINDOWS\system32\giveio.sys
2008-05-25 04:51 --------- dc----w C:\Program Files\Eset
2008-05-25 02:26 --------- dc----w C:\Documents and Settings\Administrator\Application Data\Virtual FlashCards
2008-05-25 02:25 --------- dc----w C:\Program Files\Virtual FlashCards
2008-05-24 18:23 --------- dc----w C:\Program Files\Java
2008-05-24 05:32 107,888 -c--a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-05-23 19:17 --------- dc----w C:\Program Files\id Software
2008-05-23 19:07 --------- dc----w C:\Program Files\FlashGet
2008-05-22 13:06 --------- dc----w C:\Program Files\Sun
2008-05-22 12:21 --------- dc----w C:\Program Files\Internet Download Manager
2008-05-21 21:29 --------- dc----w C:\Documents and Settings\Administrator\Application Data\COWON
2008-05-21 19:23 --------- dc----w C:\Program Files\Microsoft Visual Studio 8
2008-05-21 11:53 --------- dc----w C:\Program Files\Skype
2008-05-21 11:53 --------- dc----w C:\Program Files\Common Files\Skype
2008-05-21 11:53 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2008-05-20 19:56 --------- dc----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-05-20 19:50 9,344 -c--a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-05-20 19:50 8,320 -c--a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2008-05-20 19:50 12,632 -c--a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-20 19:40 --------- dc----w C:\Program Files\Lavasoft
.

------- Sigcheck -------

11/28/2007 01:29 PM 578048 7aa4f6c00405dfc4b70ed4214e7d687b C:\WINDOWS\system32\user32.dll

10/30/2006 03:27 AM 2059264 972df9bc435b2f077b02c5e8a09acf83 C:\WINDOWS\$hf_mig$\KB896256\SP2QFE\ntkrnlpa.exe
10/30/2006 04:50 PM 2057600 c031bfef4567086e97bc490c596d0a08 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
11/28/2007 01:43 PM 2062336 5cf9911d32a07860dab935adf265b8a9 C:\WINDOWS\system32\ntkrnlpa.exe
10/30/2006 04:50 PM 2057600 c031bfef4567086e97bc490c596d0a08 C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

10/30/2006 07:13 PM 2182016 29664b5a66f187790006014f87adccdf C:\WINDOWS\$hf_mig$\KB896256\SP2QFE\ntoskrnl.exe
10/30/2006 05:27 PM 2180224 feb84e19ef70df785cc7050d85b20b8b C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
11/28/2007 01:34 PM 2185472 9a8f4f15f3a85f2b67525425f24df7f6 C:\WINDOWS\system32\ntoskrnl.exe
10/30/2006 05:27 PM 2180224 feb84e19ef70df785cc7050d85b20b8b C:\WINDOWS\system32\dllcache\ntoskrnl.exe

11/28/2007 01:33 PM 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
03/04/2008 01:44 PM 1470488 --a--c--- C:\Program Files\MyPlayCity\tbMyP0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"= "C:\Program Files\MyPlayCity\tbMyP0.dll" [03/04/2008 01:44 PM 1470488]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 07:56 AM 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 05:43 PM 4670704]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [05/19/2007 12:32 AM 207360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 11:34 AM 5724184]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [05/12/2008 08:03 PM 2598320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [11/28/2007 01:27 PM 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 05:32 AM 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 05:32 AM 455168]
"VistaDrive"="C:\WINDOWS\VistaDrive\VistaDrive.exe" [10/05/2006 08:56 PM 280779]
"VisualTooltip"="C:\Program Files\Utilities\VisualTooltip\VisualToolTip.exe" [04/25/2007 09:45 AM 956928]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [05/21/2008 01:48 AM 949376]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [05/21/2008 02:09 AM 1114192]
"SoundMan"="SOUNDMAN.EXE" [08/03/2006 08:12 PM 577536 C:\WINDOWS\SOUNDMAN.EXE]
"DriveSpace"="C:\Program Files\Drive Space Indicator\DrvSpace.exe" [11/25/2007 08:24 AM 258664]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/19/2008 12:58 PM 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [03/01/2008 08:06 PM 124928 C:\WINDOWS\system32\advpack.dll]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
MagicDisc.lnk.disabled [2551-06-15 11:55:35 652]
OneNote 2007 Screen Clipper and Launcher.lnk.disabled [2551-06-02 05:27:38 955]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll
"msacm.divxa32"= msaud32_divx.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"="C:\Program Files\Steam\Steam.exe" -silent
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe"
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
"LClock"=C:\Program Files\LClock\LClock.exe
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe /onboot
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"ThePrivacyGuard"="H:\PROGRAM FILES\The Privacy Guard\ThePrivacyGuard.exe" /startup
"filehippo.com"="C:\Program Files\filehippo.com\UpdateChecker.exe" /background
"EPSON Stylus C90 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZP.EXE /FU "C:\WINDOWS\TEMP\E_S231.tmp" /EF "HKCU"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe"
"{B179023B-6238-4499-8F26-CD73E9D90E0A}"="C:\Program Files\Mediafour\MacDrive 7\MacDrive.exe"
"ATICustomerCare"="C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"H:\\PROGRAM FILES\\id Software\\Enemy Territory - QUAKE Wars\\etqwded.exe"=
"H:\\PROGRAM FILES\\id Software\\Enemy Territory - QUAKE Wars\\etqw.exe"=
"H:\\PROGRAM FILES\\EMULE\\emule.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"H:\\PROGRAM FILES\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;C:\WINDOWS\system32\DRIVERS\nvcchflt.sys [02/26/2006 10:21 PM]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [01/05/2007 04:38 AM]
R3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS [08/17/2001 07:11 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\setup\rsrc\Autorun.exe
\Shell\dinstall\command - G:\Directx\dxsetup.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{34A19196-274E-4D75-9D30-D7A45A0A4178}]
"%ProgramFiles%\Windows Sidebar\.\regsvr32.exe" /s wlsrvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6B9228DA-9C15-419e-856C-19E768A13BDC}]
"%ProgramFiles%\Windows Sidebar\.\regsvr32.exe" /s sbdrop.dll

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
HIDEC /W "%VAIOTOOLS%\regtlib.exe" "%ProgramFiles%\Windows Sidebar\sidebar.exe"
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-20 10:07:22
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 06/20/2008 10:08:41
ComboFix-quarantined-files.txt 2008-06-20 03:08:28

Pre-Run: 6,867,562,496 bytes free
Post-Run: 6,857,068,544 bytes free

240 --- E O F --- 2008-06-10 16:17:10




Any help will be highly appreciated...
drwho07



Joined: Nov 29, 2007
Posts: 2238

Location: Central FL, USA

Posted: Sun Jun 22, 2008 9:44 am    Post subject: Logs

ban777,

Welcome to LG Forums.

We do have one expert who helps people with problems and reads their logs from Hijack This and Combo Fix, but this is the wrong forum to post your logs in.

Under this "Problem Solvers" forum is a SUB-Forum for Hijack This logs.

That's where your post should go.

Good Luck,
The Doctor
All times are: Eastern Time (US & Canada)