
Inactive 2 constant issues

Discussion in 'Malware and Virus Removal Archive' started by sukar, 2010/12/31.

  1. 2010/12/31
    sukar

    sukar Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    15
    Likes Received:
    0
    [Inactive] 2 constant issues

    I had initially made a post in the Windows XP thread regarding this
    issue, but I was advised by the admin to read the malware and virus
    removal thread instructions and post my result here.

    I tried to run a full scan with Microsoft Security Essentials, but
    before the scan could complete my PC would restart.

    When I tried to run a full scan with Malwarebytes it would freeze and
    give me the following msg: "instruction at 0x7c910cce referenced
    memory at 0x091bdb68. the memory could not be read "... which I know
    is some sort of svchost.exe error.

    However, when I ran the quick scan with Malwarebytes it
    performed the scan successfully and did not detect any errors.

    The 2 constant errors I keep experiencing are that my Firefox 3.6.13 keeps
    crashing and my PC randomly restarts at times.

    I have posted all the logs that are required.

    Thank you all for your help.
     
  2. 2010/12/31
    sukar

    sukar Inactive Thread Starter

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5427

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    12/31/2010 7:23:51 PM
    mbam-log-2010-12-31 (19-23-51).txt

    Scan type: Quick scan
    Objects scanned: 128856
    Time elapsed: 4 minute(s), 54 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     


  4. 2010/12/31
    sukar

    sukar Inactive Thread Starter

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2010-12-31 20:48:57
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-7 ST3808110AS rev.3.AAH
    Running: jwqbtky5.exe; Driver: C:\DOCUME~1\ZAHEER~1\LOCALS~1\Temp\uxtdipow.sys


    ---- Kernel code sections - GMER 1.0.15 ----

    .text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF6EB9000, 0x1C5D38, 0xE8000020]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\WINDOWS\System32\svchost.exe[948] SHELL32.dll!DragQueryFileAorW + 69A4 7CA1ECDD 1 Byte [7C]

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
     
  5. 2010/12/31
    sukar

    sukar Inactive Thread Starter

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Professional
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000003d

    Kernel Drivers (total 120):
    0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
    0x806E4000 \WINDOWS\system32\hal.dll
    0xF7A70000 \WINDOWS\system32\KDCOM.DLL
    0xF7980000 \WINDOWS\system32\BOOTVID.dll
    0xF7441000 ACPI.sys
    0xF7A72000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
    0xF7430000 pci.sys
    0xF7570000 isapnp.sys
    0xF7B38000 pciide.sys
    0xF77F0000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    0xF7580000 MountMgr.sys
    0xF7411000 ftdisk.sys
    0xF7A74000 dmload.sys
    0xF73EB000 dmio.sys
    0xF77F8000 PartMgr.sys
    0xF7590000 VolSnap.sys
    0xF73D3000 atapi.sys
    0xF75A0000 disk.sys
    0xF75B0000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    0xF73B3000 fltmgr.sys
    0xF73A1000 sr.sys
    0xF738A000 KSecDD.sys
    0xF72FD000 Ntfs.sys
    0xF72D0000 NDIS.sys
    0xF7984000 RecAgent.sys
    0xF72B6000 Mup.sys
    0xF7670000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0xF6EB8000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
    0xF6EA4000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
    0xF78A0000 \SystemRoot\system32\DRIVERS\usbohci.sys
    0xF6E80000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0xF78A8000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0xF7680000 \SystemRoot\system32\DRIVERS\imapi.sys
    0xF7690000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0xF76A0000 \SystemRoot\system32\DRIVERS\redbook.sys
    0xF6E5D000 \SystemRoot\system32\DRIVERS\ks.sys
    0xF78B0000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0xF6E35000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0xF78B8000 \SystemRoot\system32\DRIVERS\RTL8139.SYS
    0xF6DD2000 \SystemRoot\system32\DRIVERS\slntamr.sys
    0xF7A2C000 \SystemRoot\system32\DRIVERS\SlWdmSup.sys
    0xF6DB3000 \SystemRoot\system32\DRIVERS\Mtlmnt5.sys
    0xF78C0000 \SystemRoot\System32\Drivers\Modem.SYS
    0xF78C8000 \SystemRoot\system32\DRIVERS\fdc.sys
    0xF76B0000 \SystemRoot\system32\DRIVERS\serial.sys
    0xF7A38000 \SystemRoot\system32\DRIVERS\serenum.sys
    0xF6D77000 \SystemRoot\system32\DRIVERS\parport.sys
    0xF76C0000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0xF78D0000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0xF78D8000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0xF7C9C000 \SystemRoot\system32\DRIVERS\audstub.sys
    0xF76D0000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0xF7A3C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0xF6D60000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0xF76E0000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0xF76F0000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0xF78E0000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0xF6D4F000 \SystemRoot\system32\DRIVERS\psched.sys
    0xF7700000 \SystemRoot\system32\DRIVERS\msgpc.sys
    0xF78E8000 \SystemRoot\system32\DRIVERS\ptilink.sys
    0xF78F0000 \SystemRoot\system32\DRIVERS\raspti.sys
    0xF6D1F000 \SystemRoot\system32\DRIVERS\rdpdr.sys
    0xF7710000 \SystemRoot\system32\DRIVERS\termdd.sys
    0xF7A7C000 \SystemRoot\system32\DRIVERS\swenum.sys
    0xF6CC1000 \SystemRoot\system32\DRIVERS\update.sys
    0xF7A58000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0xF7720000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xF7750000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0xF7A7E000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0xF2245000 \SystemRoot\system32\drivers\RtkHDAud.sys
    0xF2221000 \SystemRoot\system32\drivers\portcls.sys
    0xF7760000 \SystemRoot\system32\drivers\drmk.sys
    0xF7A14000 \SystemRoot\system32\drivers\MODEMCSA.sys
    0xF78F8000 \SystemRoot\system32\DRIVERS\flpydisk.sys
    0xF11D6000 \SystemRoot\system32\DRIVERS\MpFilter.sys
    0xF7910000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    0xF7A8A000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xF7C42000 \SystemRoot\System32\Drivers\Null.SYS
    0xF7A8C000 \SystemRoot\System32\Drivers\Beep.SYS
    0xF7920000 \SystemRoot\System32\drivers\vga.sys
    0xF7A8E000 \SystemRoot\System32\Drivers\mnmdd.SYS
    0xF7A90000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xF7928000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xF7930000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xF6D8F000 \SystemRoot\system32\DRIVERS\rasacd.sys
    0xF117B000 \SystemRoot\system32\DRIVERS\ipsec.sys
    0xF1122000 \SystemRoot\system32\DRIVERS\tcpip.sys
    0xF10FA000 \SystemRoot\system32\DRIVERS\netbt.sys
    0xF10D4000 \SystemRoot\system32\DRIVERS\ipnat.sys
    0xF10B2000 \SystemRoot\System32\drivers\afd.sys
    0xF77A0000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0xF77B0000 \SystemRoot\system32\DRIVERS\netbios.sys
    0xF1087000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0xF1017000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xF77C0000 \SystemRoot\System32\Drivers\Fips.SYS
    0xF0FCB000 \SystemRoot\System32\Drivers\Fastfat.SYS
    0xF0FB3000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0xF7AA0000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xF2211000 \SystemRoot\System32\drivers\Dxapi.sys
    0xF7938000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xF7C12000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBF012000 \SystemRoot\System32\ati2dvag.dll
    0xBF065000 \SystemRoot\System32\ati2cqag.dll
    0xBF0FE000 \SystemRoot\System32\atikvmag.dll
    0xBF182000 \SystemRoot\System32\atiok3x2.dll
    0xBF1CD000 \SystemRoot\System32\ati3duag.dll
    0xBF572000 \SystemRoot\System32\ativvaxx.dll
    0xEEB8F000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xEE84E000 \SystemRoot\system32\DRIVERS\mrxdav.sys
    0xF7ADC000 \SystemRoot\System32\Drivers\ParVdm.SYS
    0xEE6DE000 \SystemRoot\system32\DRIVERS\srv.sys
    0xEE5B1000 \SystemRoot\system32\drivers\wdmaud.sys
    0xEE8EB000 \SystemRoot\system32\drivers\sysaudio.sys
    0xEE1B0000 \SystemRoot\System32\Drivers\HTTP.sys
    0xF77E0000 \SystemRoot\System32\Drivers\Cdfs.SYS
    0xEDD91000 \??\C:\DOCUME~1\ZAHEER~1\LOCALS~1\Temp\uxtdipow.sys
    0xEDD66000 \SystemRoot\system32\drivers\kmixer.sys
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 29):
    0 System Idle Process
    4 System
    492 C:\WINDOWS\system32\smss.exe
    540 csrss.exe
    572 C:\WINDOWS\system32\winlogon.exe
    616 C:\WINDOWS\system32\services.exe
    628 C:\WINDOWS\system32\lsass.exe
    792 C:\WINDOWS\system32\ati2evxx.exe
    812 C:\WINDOWS\system32\svchost.exe
    868 svchost.exe
    908 C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    948 C:\WINDOWS\system32\svchost.exe
    1024 svchost.exe
    1072 svchost.exe
    1196 C:\WINDOWS\system32\ati2evxx.exe
    1228 C:\WINDOWS\system32\spoolsv.exe
    1356 svchost.exe
    1460 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1496 C:\Program Files\Bonjour\mDNSResponder.exe
    1548 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    1664 C:\WINDOWS\system32\slserv.exe
    1728 C:\WINDOWS\system32\svchost.exe
    1948 C:\WINDOWS\explorer.exe
    1592 alg.exe
    1644 C:\WINDOWS\system32\ctfmon.exe
    1760 C:\Program Files\Messenger\msmsgs.exe
    2092 C:\Program Files\iPod\bin\iPodService.exe
    3564 C:\WINDOWS\system32\wuauclt.exe
    2636 F:\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

    PhysicalDrive0 Model Number: ST3808110AS, Rev: 3.AAH

    Size Device Name MBR Status
    --------------------------------------------
    74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!
     
  6. 2010/12/31
    sukar

    sukar Inactive Thread Starter

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Zaheer Hussain at 20:52:04.95 on Fri 12/31/2010
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.571 [GMT 5:00]

    AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    F:\dds.scr

    ============== Pseudo HJT Report ===============

    uInternet Settings,ProxyOverride = <local>;*.local
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    Notify: AtiExtEvent - Ati2evxx.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\zaheer~1\applic~1\mozilla\firefox\profiles\82nl9yny.default\
    FF - plugin: c:\program files\veetle\player\npvlc.dll
    FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ============= SERVICES / DRIVERS ===============

    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-8-28 1691480]

    =============== Created Last 30 ================

    2010-12-31 14:17:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-31 14:17:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-31 12:51:23 -------- d-----w- c:\program files\SIW
    2010-12-31 11:53:29 -------- d-----w- c:\docume~1\alluse~1\applic~1\RegCure
    2010-12-31 10:45:34 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{f94eb21a-bb8e-4dc8-9959-b6bc50702eca}\mpengine.dll
    2010-12-31 10:35:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-29 17:39:25 -------- d-----w- c:\docume~1\zaheer~1\applic~1\Malwarebytes
    2010-12-29 17:39:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2010-12-27 14:00:54 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
    2010-12-27 14:00:54 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2010-12-16 10:48:48 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2010-12-16 10:48:48 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2010-12-16 10:48:48 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2010-12-16 10:48:47 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2010-12-16 10:48:46 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2010-12-16 10:48:45 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2010-12-16 10:48:43 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2010-12-16 10:42:21 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2010-12-16 10:41:22 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2010-12-15 14:56:13 -------- d-----w- c:\docume~1\zaheer~1\locals~1\applic~1\Conduit
    2010-12-15 14:56:00 -------- d-----w- c:\docume~1\zaheer~1\locals~1\applic~1\Temp
    2010-12-14 16:56:15 -------- d-sh--w- c:\documents and settings\zaheer hussain\IECompatCache

    ==================== Find3M ====================

    2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-06 00:26:58 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
    2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
    2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe

    ============= FINISH: 20:52:26.04 ===============
     
  7. 2010/12/31
    sukar

    sukar Inactive Thread Starter

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/27/2010 12:40:56 PM
    System Uptime: 12/31/2010 7:15:32 PM (1 hours ago)

    Motherboard: Intel Corporation | | D101GGC
    Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Socket 775 | 3000/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 59.3 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is Removable

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: SM Bus Controller
    Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_D6008086&REV_82\3&61AAA01&0&A0
    Manufacturer:
    Name: SM Bus Controller
    PNP Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_D6008086&REV_82\3&61AAA01&0&A0
    Service:

    ==== System Restore Points ===================

    RP64: 10/3/2010 2:01:15 PM - System Checkpoint
    RP65: 10/4/2010 6:34:36 PM - Software Distribution Service 3.0
    RP66: 10/5/2010 7:21:49 PM - Software Distribution Service 3.0
    RP67: 10/6/2010 7:55:27 PM - System Checkpoint
    RP68: 10/6/2010 8:14:33 PM - Software Distribution Service 3.0
    RP69: 10/7/2010 8:29:07 PM - Software Distribution Service 3.0
    RP70: 10/8/2010 9:14:34 PM - Software Distribution Service 3.0
    RP71: 10/9/2010 9:48:55 PM - System Checkpoint
    RP72: 10/10/2010 11:17:05 PM - Software Distribution Service 3.0
    RP73: 10/12/2010 6:26:13 PM - Software Distribution Service 3.0
    RP74: 10/12/2010 10:41:43 PM - Software Distribution Service 3.0
    RP75: 10/13/2010 6:32:52 PM - Software Distribution Service 3.0
    RP76: 10/14/2010 7:00:07 PM - System Checkpoint
    RP77: 10/14/2010 9:17:10 PM - Software Distribution Service 3.0
    RP78: 10/15/2010 9:51:11 PM - System Checkpoint
    RP79: 10/16/2010 12:08:21 PM - Software Distribution Service 3.0
    RP80: 10/17/2010 2:19:15 PM - System Checkpoint
    RP81: 10/18/2010 8:40:13 AM - Software Distribution Service 3.0
    RP82: 10/19/2010 8:51:24 AM - System Checkpoint
    RP83: 10/19/2010 6:17:51 PM - Software Distribution Service 3.0
    RP84: 10/20/2010 6:28:11 PM - Software Distribution Service 3.0
    RP85: 10/21/2010 6:57:50 PM - System Checkpoint
    RP86: 10/22/2010 5:40:35 PM - Software Distribution Service 3.0
    RP87: 10/23/2010 6:22:34 PM - System Checkpoint
    RP88: 10/24/2010 2:37:05 AM - Software Distribution Service 3.0
    RP89: 10/24/2010 9:11:31 PM - Software Distribution Service 3.0
    RP90: 10/24/2010 11:54:08 PM - Removed Windows Live Upload Tool
    RP91: 10/24/2010 11:54:23 PM - Removed Windows Live Sign-in Assistant
    RP92: 10/25/2010 12:00:38 AM - Installed MSN Messenger 7.5
    RP93: 10/25/2010 10:55:51 PM - Removed Windows Live Sign-in Assistant
    RP94: 10/25/2010 10:56:07 PM - Removed Windows Live Upload Tool
    RP95: 10/25/2010 11:00:13 PM - Installed MSN Messenger 7.5
    RP96: 10/25/2010 11:01:28 PM - Removed MSN Messenger 7.5
    RP97: 10/25/2010 11:05:06 PM - Installed Windows Live Messenger
    RP98: 10/25/2010 11:06:13 PM - Removed Windows Live Messenger
    RP99: 10/25/2010 11:13:00 PM - Installed Windows Live Messenger
    RP100: 10/25/2010 11:23:18 PM - Software Distribution Service 3.0
    RP101: 10/27/2010 12:15:58 AM - Software Distribution Service 3.0
    RP102: 10/28/2010 8:45:29 AM - Software Distribution Service 3.0
    RP103: 10/29/2010 6:17:35 PM - Software Distribution Service 3.0
    RP104: 10/30/2010 8:25:25 PM - System Checkpoint
    RP105: 10/30/2010 11:54:18 PM - Removed Skype Toolbars
    RP106: 10/30/2010 11:54:30 PM - Removed Skype™ 5.0
    RP107: 10/31/2010 10:48:12 PM - Software Distribution Service 3.0
    RP108: 11/1/2010 11:16:46 PM - Software Distribution Service 3.0
    RP109: 11/2/2010 12:13:03 AM - Software Distribution Service 3.0
    RP110: 11/3/2010 12:56:37 AM - System Checkpoint
    RP111: 11/3/2010 8:27:03 AM - Software Distribution Service 3.0
    RP112: 11/4/2010 8:37:15 AM - Software Distribution Service 3.0
    RP113: 11/5/2010 8:45:23 AM - Software Distribution Service 3.0
    RP114: 11/6/2010 12:14:59 PM - Software Distribution Service 3.0
    RP115: 11/7/2010 12:46:52 PM - Software Distribution Service 3.0
    RP116: 11/7/2010 8:42:29 PM - Installed Windows Media Player 11
    RP117: 11/7/2010 8:45:01 PM - Software Distribution Service 3.0
    RP118: 11/8/2010 5:43:33 PM - Software Distribution Service 3.0
    RP119: 11/9/2010 6:22:45 PM - System Checkpoint
    RP120: 11/10/2010 4:51:47 PM - Software Distribution Service 3.0
    RP121: 11/11/2010 5:17:21 PM - Software Distribution Service 3.0
    RP122: 11/12/2010 6:16:11 PM - System Checkpoint
    RP123: 11/12/2010 9:27:25 PM - Software Distribution Service 3.0
    RP124: 11/14/2010 1:16:32 AM - Software Distribution Service 3.0
    RP125: 11/15/2010 3:27:27 PM - Software Distribution Service 3.0
    RP126: 11/16/2010 3:53:53 PM - System Checkpoint
    RP127: 11/17/2010 12:06:19 PM - Software Distribution Service 3.0
    RP128: 11/18/2010 4:52:43 PM - Software Distribution Service 3.0
    RP129: 11/19/2010 5:44:20 PM - System Checkpoint
    RP130: 11/20/2010 1:14:40 PM - Software Distribution Service 3.0
    RP131: 11/21/2010 2:58:36 PM - System Checkpoint
    RP132: 11/22/2010 3:21:00 PM - Software Distribution Service 3.0
    RP133: 11/23/2010 6:19:46 PM - Software Distribution Service 3.0
    RP134: 11/24/2010 6:20:12 PM - System Checkpoint
    RP135: 11/25/2010 8:45:28 AM - Software Distribution Service 3.0
    RP136: 11/26/2010 12:45:21 PM - Software Distribution Service 3.0
    RP137: 11/27/2010 5:32:49 PM - Software Distribution Service 3.0
    RP138: 11/28/2010 6:25:30 PM - System Checkpoint
    RP139: 11/28/2010 10:20:17 PM - Software Distribution Service 3.0
    RP140: 11/30/2010 12:15:01 AM - System Checkpoint
    RP141: 11/30/2010 5:54:57 PM - Software Distribution Service 3.0
    RP142: 12/1/2010 6:20:03 PM - System Checkpoint
    RP143: 12/2/2010 8:46:41 AM - Software Distribution Service 3.0
    RP144: 12/3/2010 8:53:32 AM - Software Distribution Service 3.0
    RP145: 12/4/2010 12:20:33 PM - Software Distribution Service 3.0
    RP146: 12/5/2010 1:04:08 PM - Software Distribution Service 3.0
    RP147: 12/6/2010 6:21:18 PM - Software Distribution Service 3.0
    RP148: 12/7/2010 6:57:55 PM - System Checkpoint
    RP149: 12/8/2010 - Software Distribution Service 3.0
    RP150: 12/9/2010 12:04:36 AM - System Checkpoint
    RP151: 12/9/2010 8:34:31 AM - Software Distribution Service 3.0
    RP152: 12/10/2010 8:37:04 AM - Software Distribution Service 3.0
    RP153: 12/11/2010 12:08:57 PM - Software Distribution Service 3.0
    RP154: 12/12/2010 12:30:14 PM - System Checkpoint
    RP155: 12/12/2010 2:27:27 PM - Software Distribution Service 3.0
    RP156: 12/13/2010 6:00:57 PM - Software Distribution Service 3.0
    RP157: 12/14/2010 6:18:11 PM - System Checkpoint
    RP158: 12/14/2010 11:05:59 PM - Software Distribution Service 3.0
    RP159: 12/15/2010 11:15:00 PM - System Checkpoint
    RP160: 12/16/2010 11:24:18 AM - Software Distribution Service 3.0
    RP161: 12/17/2010 2:47:02 AM - Software Distribution Service 3.0
    RP162: 12/17/2010 1:50:58 PM - Software Distribution Service 3.0
    RP163: 12/18/2010 2:01:16 PM - System Checkpoint
    RP164: 12/18/2010 2:50:28 PM - Software Distribution Service 3.0
    RP165: 12/18/2010 3:01:44 PM - Software Distribution Service 3.0
    RP166: 12/19/2010 3:28:58 PM - System Checkpoint
    RP167: 12/20/2010 5:52:41 PM - Software Distribution Service 3.0
    RP168: 12/21/2010 6:38:15 PM - System Checkpoint
    RP169: 12/22/2010 8:38:04 AM - Software Distribution Service 3.0
    RP170: 12/23/2010 8:41:50 AM - Software Distribution Service 3.0
    RP171: 12/24/2010 5:07:56 PM - Software Distribution Service 3.0
    RP172: 12/25/2010 5:45:00 PM - System Checkpoint
    RP173: 12/26/2010 12:50:37 PM - Software Distribution Service 3.0
    RP174: 12/27/2010 3:31:20 PM - Software Distribution Service 3.0
    RP175: 12/28/2010 5:48:36 PM - Software Distribution Service 3.0
    RP176: 12/29/2010 6:13:11 PM - System Checkpoint
    RP177: 12/29/2010 9:20:15 PM - Software Distribution Service 3.0
    RP178: 12/30/2010 8:23:35 PM - Restore Operation
    RP179: 12/31/2010 12:51:24 AM - Software Distribution Service 3.0
    RP180: 12/31/2010 5:02:51 PM - RegCure Backup

    ==== Installed Programs ======================

    µTorrent
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.1
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    Bonjour
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center HydraVision Full
    Catalyst Control Center Localization All
    ccc-core-preinstall
    ccc-core-static
    ccc-utility
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Grandmaster Chess Tournament
    High Definition Audio Driver Package - KB888111
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB981793)
    hp deskjet 5550 series
    hp deskjet 5550 series (Remove only)
    hp print screen utility
    iTunes
    K-Lite Codec Pack 6.3.5 (Full)
    Malwarebytes' Anti-Malware
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Security Essentials
    Microsoft Software Update for Web Folders (English) 12
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox (3.6.13)
    MSVCRT
    QuickTime
    Realtek High Definition Audio Driver
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    SIW version 2010.07.14
    Skins
    Update for 2007 Microsoft Office System (KB967642)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Veetle TV 0.9.18
    WebFldrs XP
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows XP Service Pack 3
    WinRAR
    Yahoo! Messenger

    ==== Event Viewer Messages From Past Week ========

    12/31/2010 8:52:07 PM, error: Service Control Manager [7016] - The SmartLinkService service has reported an invalid current state 0.
    12/31/2010 7:27:19 PM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.
    12/31/2010 7:13:19 PM, error: Service Control Manager [7034] - The SmartLinkService service terminated unexpectedly. It has done this 1 time(s).
    12/31/2010 7:13:19 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
    12/31/2010 7:13:19 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    12/31/2010 7:13:19 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    12/31/2010 7:13:18 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).
    12/31/2010 7:12:17 PM, error: System Error [1003] - Error code 10000050, parameter1 c15c397c, parameter2 00000000, parameter3 80505f37, parameter4 00000000.
    12/31/2010 4:52:19 PM, error: System Error [1003] - Error code 10000050, parameter1 c414997c, parameter2 00000000, parameter3 80505f37, parameter4 00000000.
    12/31/2010 4:40:56 PM, error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\WINDOWS\system32\ieframe.dll
    12/31/2010 4:40:56 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
    12/31/2010 4:40:56 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
    12/31/2010 3:45:30 PM, error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\WINDOWS\system32\drivers\Msfs.sys
    12/31/2010 3:45:30 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
    12/31/2010 3:45:30 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
    12/30/2010 8:33:15 AM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf8931d4, parameter3 ee428690, parameter4 00000000.
    12/30/2010 7:18:56 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf927d63, parameter3 ee3ecc30, parameter4 00000000.
    12/30/2010 7:18:46 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf927d66, parameter3 ee490c30, parameter4 00000000.
    12/30/2010 7:16:10 PM, error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\MSOCache\All Users\{90120000-0011-0000-0000-0000000FF1CE}-C\ProPlsWW.cab->OFFDIAG.EXE_0001
    12/30/2010 7:16:10 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
    12/30/2010 7:16:10 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
    12/29/2010 9:41:22 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf80ef90, parameter3 ee591c88, parameter4 00000000.
    12/29/2010 9:41:20 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf80faf3, parameter3 ee7f66d0, parameter4 00000000.
    12/29/2010 9:35:35 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf08ee7a, parameter3 edc9c768, parameter4 00000000.
    12/29/2010 11:37:09 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf87b56a, parameter3 ee1c292c, parameter4 00000000.
    12/28/2010 8:27:31 AM, error: System Error [1003] - Error code 1000000a, parameter1 00000002, parameter2 0000001c, parameter3 00000001, parameter4 804fb03c.
    12/28/2010 5:49:37 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB972696 (Definition 1.95.2722.0).
    12/28/2010 5:48:52 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.2656.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80070643 Error description: Fatal error during installation.
    12/28/2010 5:48:49 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: 1.95.2722.0 Previous Signature Version: 1.95.2656.0 Update Source: User Update Stage: Install Source Path: Signature Type: AntiVirus Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.6402.0 Previous Engine Version: 1.1.6402.0 Error code: 0x8050a005 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.
    12/28/2010 5:48:49 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: 1.95.2722.0 Previous Signature Version: 1.95.2656.0 Update Source: User Update Stage: Install Source Path: Signature Type: AntiSpyware Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.6402.0 Previous Engine Version: 1.1.6402.0 Error code: 0x8050a005 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.
    12/27/2010 3:20:53 PM, error: Dhcp [1002] - The IP address lease 192.168.1.33 for the Network Card with network address 0016767819E2 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    12/26/2010 5:52:01 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Microsoft Antimalware Service service, but this action failed with the following error: An instance of the service is already running.
    12/26/2010 5:51:46 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
    12/26/2010 5:51:04 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
    12/26/2010 5:51:04 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
    12/26/2010 5:50:56 PM, error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Documents and Settings\Zaheer Hussain\Local Settings\Temp\iet3D.tmp.exe->(WiseSfx)->(ZipSfx)->UNWISE32.EXE
    12/26/2010 5:33:30 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf092e2d, parameter3 ededf69c, parameter4 00000000.

    ==== End Of File ===========================
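A triage helper for event-log dumps in the layout shown in the post above, added here as an example; it is not part of the original post or of any tool used in this thread. It tallies events by source and ID, decodes the System Error [1003] stop codes, and lists the files on which the Microsoft Antimalware engine crashed. The function names and the `SAMPLE` excerpt are this example's own, and treating every `1000xxxx` value as a variant of the base stop code is an assumption noted in the code.

```python
import re
from collections import Counter
from datetime import datetime

# Excerpt copied from the event log in the post above, plus one non-event line.
SAMPLE = r"""
12/31/2010 7:12:17 PM, error: System Error [1003] - Error code 10000050, parameter1 c15c397c, parameter2 00000000, parameter3 80505f37, parameter4 00000000.
12/31/2010 4:52:19 PM, error: System Error [1003] - Error code 10000050, parameter1 c414997c, parameter2 00000000, parameter3 80505f37, parameter4 00000000.
12/31/2010 4:40:56 PM, error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\WINDOWS\system32\ieframe.dll
12/31/2010 4:40:56 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070006 Error description: The handle is invalid. Reason: The filter driver was unloaded unexpectedly.
12/31/2010 3:45:30 PM, error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\WINDOWS\system32\drivers\Msfs.sys
12/30/2010 8:33:15 AM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf8931d4, parameter3 ee428690, parameter4 00000000.
12/28/2010 8:27:31 AM, error: System Error [1003] - Error code 1000000a, parameter1 00000002, parameter2 0000001c, parameter3 00000001, parameter4 804fb03c.
==== End Of File ===========================
"""

EVENT_RE = re.compile(
    r"^(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), "
    r"(?P<level>\w+): (?P<source>.+?) \[(?P<id>\d+)\] - (?P<msg>.*)$"
)
BUGCHECK_RE = re.compile(
    r"Error code (?P<code>[0-9a-f]{8}), parameter1 (?P<p1>[0-9a-f]{8}), "
    r"parameter2 (?P<p2>[0-9a-f]{8}), parameter3 (?P<p3>[0-9a-f]{8}), "
    r"parameter4 (?P<p4>[0-9a-f]{8})",
    re.I,
)
AV_CRASH_RE = re.compile(
    r"Exception code: (?P<exc>0x[0-9a-f]+) Resource: file:(?P<res>.+)$", re.I
)

# Base stop code -> (name, parameter that holds the faulting instruction address).
STOP_CODES = {
    0x0A: ("IRQL_NOT_LESS_OR_EQUAL", "p4"),
    0x50: ("PAGE_FAULT_IN_NONPAGED_AREA", "p3"),
    0x8E: ("KERNEL_MODE_EXCEPTION_NOT_HANDLED", "p2"),
}


def parse_line(line):
    """Split one 'date, level: source [id] - message' line; None if it is not an event."""
    m = EVENT_RE.match(line.strip())
    if not m:
        return None
    return {
        "timestamp": datetime.strptime(m["ts"], "%m/%d/%Y %I:%M:%S %p"),
        "level": m["level"],
        "source": m["source"],
        "event_id": int(m["id"]),
        "message": m["msg"],
    }


def decode_bugcheck(message):
    """Decode the stop code and faulting address from a System Error [1003] message."""
    m = BUGCHECK_RE.search(message)
    if not m:
        return None
    raw = int(m["code"], 16)
    # Assumption: the 1000xxxx values are variants of the base stop code
    # (Microsoft documents 0x1000008E and 0x10000050 that way), so mask the top nibble.
    base = raw & 0x0FFFFFFF
    name, ip_field = STOP_CODES.get(base, ("UNKNOWN", None))
    fault_ip = int(m[ip_field], 16) if ip_field else None
    return {"raw": raw, "base": base, "name": name, "fault_ip": fault_ip}


def triage(text):
    """Summarise a pasted log: event tallies, stop codes, fault addresses, AV crash files."""
    events, bugchecks, fault_ips, av_resources = Counter(), Counter(), Counter(), []
    for line in text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue  # headers, separators, blank lines
        events[(ev["source"], ev["event_id"])] += 1
        if ev["source"] == "System Error" and ev["event_id"] == 1003:
            bc = decode_bugcheck(ev["message"])
            if bc:
                bugchecks[bc["name"]] += 1
                if bc["fault_ip"] is not None:
                    fault_ips[bc["fault_ip"]] += 1
        elif ev["source"] == "Microsoft Antimalware" and ev["event_id"] == 5008:
            m = AV_CRASH_RE.search(ev["message"])
            if m:
                av_resources.append(m["res"])
    return {"events": events, "bugchecks": bugchecks,
            "fault_ips": fault_ips, "av_crash_resources": av_resources}


if __name__ == "__main__":
    summary = triage(SAMPLE)
    for name, count in summary["bugchecks"].most_common():
        print(f"{count} x {name}")
    for addr, count in summary["fault_ips"].most_common():
        print(f"{count} x fault at 0x{addr:08x}")
    for res in summary["av_crash_resources"]:
        print("AV engine crashed scanning:", res)
```
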
     
  8. 2010/12/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I don't see much here, but we can keep checking...

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==============================================================

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.pif
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  9. 2010/12/31
    sukar

    sukar Inactive Thread Starter

    ComboFix 10-12-31.01 - Zaheer Hussain 01/01/2011 1:02.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.561 [GMT 5:00]
    Running from: c:\documents and settings\Zaheer Hussain\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
    .

    ((((((((((((((((((((((((( Files Created from 2010-11-28 to 2010-12-31 )))))))))))))))))))))))))))))))
    .

    2010-12-31 11:53 . 2010-12-31 12:03 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure
    2010-12-31 10:45 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F94EB21A-BB8E-4DC8-9959-B6BC50702ECA}\mpengine.dll
    2010-12-31 10:35 . 2010-12-31 17:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-29 17:39 . 2010-12-29 17:39 -------- d-----w- c:\documents and settings\Zaheer Hussain\Application Data\Malwarebytes
    2010-12-29 17:39 . 2010-12-29 17:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-12-27 14:00 . 2008-04-13 18:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
    2010-12-27 14:00 . 2008-04-13 18:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2010-12-16 10:48 . 2010-11-06 00:26 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2010-12-16 10:48 . 2010-11-06 00:26 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2010-12-16 10:48 . 2010-11-06 00:26 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2010-12-16 10:48 . 2010-11-06 00:26 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2010-12-16 10:48 . 2010-11-06 00:26 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2010-12-16 10:48 . 2010-11-06 00:26 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2010-12-16 10:48 . 2010-11-06 00:26 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2010-12-16 10:42 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2010-12-16 10:41 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2010-12-15 14:56 . 2010-12-29 15:05 -------- d-----w- c:\documents and settings\Zaheer Hussain\Local Settings\Application Data\Conduit
    2010-12-15 14:56 . 2010-12-15 14:56 -------- d-----w- c:\documents and settings\Zaheer Hussain\Local Settings\Application Data\Temp
    2010-12-14 16:56 . 2010-12-14 16:56 -------- d-sh--w- c:\documents and settings\Zaheer Hussain\IECompatCache

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-11-18 18:12 . 2010-08-27 07:36 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-10 04:33 . 2010-08-28 15:15 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2010-11-06 00:26 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-06 00:26 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-06 00:26 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-11-03 12:25 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
    2010-11-02 15:17 . 2004-08-04 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
    2010-10-28 13:13 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-26 13:25 . 2004-08-04 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
    2010-10-24 19:01 . 2010-10-24 19:01 15256 ----a-w- c:\documents and settings\Zaheer Hussain\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
    2010-10-19 20:51 . 2010-08-27 12:33 222080 ------w- c:\windows\system32\MpSigStub.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSSE "= "c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-14 1094224]
    "RTHDCPL "= "RTHDCPL.EXE" [2010-07-28 19557480]
    "HPDJ Taskbar Utility "= "c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-18 188416]
    "StartCCC "= "c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
    "QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-22 35760]
    "Adobe ARM "= "c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "DWQueuedReporting "= "c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @= "Service "

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE "=
    "c:\\Program Files\\uTorrent\\uTorrent.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe "=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=

    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [8/28/2010 10:42 PM 1691480]
    .
    .
    ------- Supplementary Scan -------
    .
    uInternet Settings,ProxyOverride = <local>;*.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\documents and settings\Zaheer Hussain\Application Data\Mozilla\Firefox\Profiles\82nl9yny.default\
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-01-01 01:08
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @= "FlashBroker "
    "LocalizedString "= "@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101 "

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @= "c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe "

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @= "IFlashBroker4 "

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @= "{00020424-0000-0000-C000-000000000046} "

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
    "Version "= "1.0 "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(568)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(1348)
    c:\windows\system32\WININET.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    .
    Completion time: 2011-01-01 01:15:34
    ComboFix-quarantined-files.txt 2010-12-31 20:15

    Pre-Run: 63,595,089,920 bytes free
    Post-Run: 63,554,052,096 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug= "do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS= "Microsoft Windows XP Professional" /noexecute=optin /fastdetect

    - - End Of File - - 9B1066C389E2C0CB288B517032FE0A62
     
  10. 2010/12/31
    broni

    broni Moderator Malware Analyst

    Nothing there....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
     
  11. 2011/01/01
    sukar

    sukar Inactive Thread Starter

    NOTE** MY PC AUTOMATICALLY RESTARTED DURING THE ESET SCAN AND IT DID NOT FIND ANY ERRORS (HENCE NO REPORT)


    Results of screen317's Security Check version 0.99.7
    Windows XP Service Pack 3
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Security Center service is not running! This report may not be accurate!
    Microsoft Security Essentials
    Antivirus up to date!
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Adobe Flash Player 10.1.102.64
    Adobe Reader 9.4.1
    Out of date Adobe Reader installed!
    Mozilla Firefox (3.6.13)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Windows Defender MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    ``````````End of Log````````````
     
  12. 2011/01/01
    sukar

    sukar Inactive Thread Starter

    every time my pc restarts it states it has recovered from a serious error
    next time it does I'll try getting some sort of detailed report on it

    when i try to run malwarebytes to perform a full scan i get this msg "

    malwarebytes anti malware: mbam.exe - application error

    the instruction "0x7c90fb88" referenced memory at "0x7ffddc2a". The memory could not be "written"
     
    Last edited: 2011/01/01
  13. 2011/01/01
    broni

    broni Moderator Malware Analyst

    Please, do.

    ================================================================

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.
    On this page:

    make sure, you have both boxes UN-checked AND (important!) click on Decline button

    ===============================================================

    Regarding MBAM...

    1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
    2. Restart your computer (very important).
    3. Download and run this utility.
    4. It will ask to restart your computer (please allow it to).
    5. After the computer restarts, install the latest version from here.

    ================================================================

    Your computer is clean :)

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point, using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process.

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    12. Please let me know how your computer is doing.
     
  14. 2011/01/02
    sukar

    sukar Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    15
    Likes Received:
    0
    i have currently 3 adobe software installed

    adobe flash player 10 activeX
    adobe flash player 10 plugin
    adobe reader 9.4.1

    should i uninstall all 3 after installing the new file?

    after install malware do i perform a full scan?

    what is OTL?
     
    Last edited: 2011/01/02
  15. 2011/01/02
    sukar

    sukar Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    15
    Likes Received:
    0
    so my pc keeps starting itself still
    this is the msg that was displayed (note: this message does not always appear, more of a once in a while thing)

    the system has recovered from a serious error
    a log of this error has been created
    to see what data this error report contains, click here
    then i do click there, this is displayed:

    error signature:
    BCCode : 1000008e BCP1 : C0000005 BCP2 : 8052A917 BCP3 : EE405B18
    BCP4 : 00000000 OSVer : 5_1_2600 SP : 3_0 Product : 256_1

    to view our technical information about the error report, click here:
    when i click here, this is displayed:

    C:\DOCUME~1\ZAHEER~1\LOCALS~1\Temp\WERb668.dir00\Mini010211-02.dmp
    C:\DOCUME~1\ZAHEER~1\LOCALS~1\Temp\WERb668.dir00\sysdata.xml
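The error signature posted above can be decoded offline for a first triage before opening the minidump. The Python below is an added example, not part of the original thread; its function names are its own, and its lookup tables cover only a small documented subset of bug check and NTSTATUS codes.

```python
import re

# Signature text copied from the post above (Windows XP error report dialog).
SIGNATURE = """BCCode : 1000008e BCP1 : C0000005 BCP2 : 8052A917 BCP3 : EE405B18
BCP4 : 00000000 OSVer : 5_1_2600 SP : 3_0 Product : 256_1"""

# Illustrative subset of bug check codes whose first parameter is an exception code.
BUGCHECKS = {
    0x7E: "SYSTEM_THREAD_EXCEPTION_NOT_HANDLED",
    0x8E: "KERNEL_MODE_EXCEPTION_NOT_HANDLED",
}
# Illustrative subset of NTSTATUS exception codes.
NTSTATUS = {
    0xC0000005: "STATUS_ACCESS_VIOLATION",
    0xC000001D: "STATUS_ILLEGAL_INSTRUCTION",
    0x80000003: "STATUS_BREAKPOINT",
}
M_VARIANT = 0x10000000  # 0x1000008E is 0x8E with this bit set; same parameters


def parse_signature(text):
    """Turn 'KEY : VALUE KEY : VALUE ...' into a dict of strings."""
    return dict(re.findall(r"(\w+)\s*:\s*(\S+)", text))


def decode(text):
    """Return a triage summary for a WER bug check signature."""
    fields = parse_signature(text)
    code = int(fields["BCCode"], 16)
    base = code & ~M_VARIANT
    name = BUGCHECKS.get(base, "UNKNOWN")
    if name != "UNKNOWN" and code & M_VARIANT:
        name += "_M"
    params = [int(fields[f"BCP{i}"], 16) for i in range(1, 5)]
    report = {"bugcheck": name, "code": code, "params": params}
    if base in BUGCHECKS:
        # For 0x7E/0x8E: P1 = exception code, P2 = address where it occurred.
        report["exception"] = NTSTATUS.get(params[0], "UNKNOWN")
        report["fault_address"] = params[1]
        # Default 32-bit layout (no /3GB switch): kernel space starts at 0x80000000.
        report["fault_in_kernel_space"] = params[1] >= 0x80000000
    major, minor, build = fields["OSVer"].split("_")
    sp = fields["SP"].replace("_", ".")
    report["os"] = f"Windows NT {major}.{minor} build {build}, SP {sp}"
    return report


if __name__ == "__main__":
    for key, value in decode(SIGNATURE).items():
        print(key, "=", value)
```

A kernel-space fault address only says where the exception was raised; naming the module responsible still requires loading the listed .dmp file in a debugger.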
     
  16. 2011/01/02
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    No. You need the first two. Only Adobe Reader has to be updated.

    You must have some other issues then...

    Finish all of my steps first...
     
  17. 2011/01/02
    sukar

    sukar Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    15
    Likes Received:
    0
    after install malware do i perform a full scan?

    what is OTL?

    (when i do install the latest version of adobe, i don't see the old version in control panel anymore)
     
    Last edited: 2011/01/02
  18. 2011/01/02
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    "Quick scan" in MBAM is sufficient.

    Sorry about OTL...
    Skip step 1
    Instead of step 2, do this:

    a.) Uninstall Combofix:
    Go Start > Run [Vista users, go Start> "Start search"]
    Type in:
    Combofix /Uninstall
    Note the space between the "Combofix" and the "/Uninstall"
    Click OK (Vista users - press Enter).
    Restart computer.

    b.) Please download OTC to your desktop. It'll remove most tools and logs we used so far. If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

    • Double-click OTC.exe to run it. (Vista and 7 users, please right click on OTC and select "Run as an Administrator")
    • Click on the CleanUp! button and follow the prompts.
    • You will be asked to reboot the machine to finish the Cleanup process, choose Yes. If it doesn't ask you to reboot, restart computer manually.
    • After the reboot all the tools we used should be gone.
    • The tool will delete itself once it finishes.
     
  19. 2011/01/03
    sukar

    sukar Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    15
    Likes Received:
    0
    nothing has changed, firefox is still crashing and the pc is restarting automatically on a frequent basis

    the error logs i posted at the bottom of the first page are the reports that are indicated by each time the pc restarts
     
  20. 2011/01/03
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    In that case...

    In this forum, we make sure your computer is free of malware and your computer is clean :)
    Because the access to malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
    You'll get more attention.
     
