Hello,

C:\windows\System32\Drivers\spko.sys doesn't seem to be there. I can't directly paste "C:\windows\System32\Drivers\spko.sys" in to the "file to scan" box and even when I use the browse option button the "spko.sys" driver is'nt in the drivers folder.

I've checked the "drivers" folder thoroughly for the driver "spko.sys"

Thanks

We need to show hidden files/folders

• Right Click Start
  
• Select Explore
  
• Select Organize
  
• Select Folder and Search Options
  
• Select the View tab
  
• Under the Hidden files and folders heading select Show hidden files and folders.
  
• Uncheck the Hide extensions for known file types option.
  
• Uncheck the Hide protected operating system files (recommended) option.
  
• Click yes to confirm that you really want to do this.
  
• Click Apply
  
• Click OK
  

==

Then, see if you can find it.

Hello,

The options are already applied, so I could'nt change anything

Ok.

Double-click SysProt.exe, and click on the Kernel Modules tab.

Allow it to scan, then look for the entry that contains this string: C:\windows\System32\Drivers\spko.sys

Select the result, then click Disable.

Restart your computer. Let me know how it is running, please.

I can't find "C:\windows\System32\Drivers\spko.sys" but there is something there called "\SystemsRoot\Systems32\Drivers\spkh.sys" ; if that helps.


cheers

Never mind, that file is safe. It is the core file that runs the program SysProt.

Now how is your computer running?

It's still slow because when it starts up it takes al long time than usuall and its the same with shutting down and everything else is slow aswell.

I would also say that the slowness has got worse because sometimes programmes stop responding.

Odd.

Please try the following and let me know if it gets better.

Please navigate to this webpage: http://support.microsoft.com/kb/313222 and see the section "Fix it for me" and click the Microsoft Fix-It button. This will download a fix utility to repair the security settings on your computer, due to damages of malware or other harmful system changes. Install the file after download.

Ok I've downloaded and ran the file.

it hasn't made much difference.

Did you restart your computer? Try that, then see what happens.

not much difference after restart.

Is the rootkit still there?

No. We removed that earlier.

Let's try some more modifications of your system to try to get it back on track.

Please download the latest version of Kaspersky GetSystemInfo (GSI) from Kaspersky.fr and save it to your Desktop.

• Please close all other applications running on your system.
  
• Please double click GetSystemInfo.exe to open it.
  
• Click the Settings button.
  
• Set it to Maximum
  
• IMPORTANT! Then please click Customize - choose Driver / Ports tab and
• Uncheck Scan Ports.
  
• Click Create Report to run it.
  
• It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop. Please upload the folder to Kaspersky GSI Parser and click the Submit button.
  

Please copy and paste the url of the GSI Parser report (not the log) in your next reply.

it didnt make a zip folder called "GetSystemInfo_XXXXXXXXXXXXXX.zip"
it named it something else

should I still upload it?

well i did anyway this is the url to the report

http://www.getsysteminfo.com/read.php?file=ea47c72893c7efde912390455cc3209a