Technical info: PC - Intel Celeron CPU 2.40GHz / Windows XP Professional Version 2002 Service Pack 2 / HDDs 1.internal - C: 16GB + D: 64GB; 2.internal - F: 150GB 3.external G: 40GB + H: 200GB; 4.external I: 500GB (all external discs are always plugged into the PC)
I'm starting with the common, usual trouble: during the last 5 or 6 months my PC has started working slower. Messages constantly appear, like "C:\ drive is out of memory". I place all my files on other HDDs, internal and external. I put almost nothing on C:\ except the software I've worked with for years. I constantly use CCleaner to free up the disk's space, and the options in Google Chrome (delete history) and Google Earth (delete cache). Despite this, in a day or two the message appears again. Sometimes, even two or three hours after cleaning and seeing 1,2GB free on C:\, the above message appears, and when I open C: after that, the free space is not more than 200MB. Several times I searched C:\ folder by folder to see where the memory has gone. Its size is 16 GB, but when I try to calculate the used size by summing up the folder sizes I cannot find more than 10 or 12 GB used.
The antivirus software I've used is Avira AntiVir Personal, and during the last months it caught some Trojans several times. And now the first point of attention: about three or four months ago I noticed that some of my external disks were renamed. G: became H: and H: became J:, and I have no idea how it happened. The second point of attention: two weeks ago, when I started one of my programmes, this message appeared: "This application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem." Horrified, I found the same message when starting some of the other programmes too. The affected applications were Adobe Reader, Photoshop and Google Earth. Reinstalling helped only for Adobe Reader. The other two cannot be started at all, even though I reinstalled them too. The same message appears again.
This time I started searching for solutions. First I downloaded some software for repairing the registry, diagnostics and things like that: Window Registry Repair 2.5, Advanced System Care 3.7.3 and others. I ran them and they showed many errors in the system and fixed them. But nothing changed as a whole. Then I installed one more antivirus program, Avast!. It scanned the system and announced an infection and a warning for a rootkit. Avast suggested a restart so that it could start scanning before Windows loads. Then it found a file infected with win32:alureon-FZ and one more error. It stated that the file cannot be repaired and I chose the option to delete it. I did this scan three times and the same thing always happened. I also ran AVG, which didn't find anything. But Avast constantly started opening messages about the presence of a rootkit. Then I ran GMER and it showed the same as in Avast's message: C:\Windows\system32\drivers\kbdclass.sys - high risk! Then I ran another tool, Root Repeal, but it couldn't start and blocked the system. I came across the info about ComboFix, downloaded it and moved it to the Desktop, disabled all tools and antivirus programs and started ComboFix.exe from the Desktop, but it didn't start... nothing happened.
Could someone please give advice on what to do?
tcpview.txt file is attached below...
Edited by mrblond, 31 January 2011 - 08:42 AM.