-
This can sometimes happen if you have malwarebytes realtime protection turned on. Try disabling realtime protection and also temporarily disable avast as before.
Disable MBAM Real-Time protection
- Right-click on the MBAM icon in the System Tray and uncheck Enable Protection.
- When asked, "Are you sure you want to disable the MBAM Protection Module?", click Yes.
- Right-click on the MBAM icon again and then uncheck Start with Windows.
- Restart your computer for the changes to take effect.
-
My apologies, I missed where you said you had disabled mbam and avast.
Let me check through your list of installed programs to see what else may be causing it.
-
Be sure to follow the above mbam instructions, then follow the below instructions and make sure to reboot the computer before attempting the OTL fix again.
Disable Stopzilla
- Right-click the "Stopzilla" icon in the system tray next to the clock. Click "Disable Real Time Protection" radio button under Spyware Protection.
- Select "Disable" under Pop-up Protection. Uncheck the "Auto-enable Stopzilla whenever my computer starts".
- Click "OK" to save the changes.
-
Same problem: it freezes as soon as the killing processes phase starts.
-
OK, we know combofix is working so we will use that. See instructions below and then follow the MiniToolBox instructions in the earlier post.
ComboFix - CFScript
This script is for this user and computer ONLY! Using this tool incorrectly could cause problems with your operating system... preventing it from ever starting again!
You will not have Internet access when you execute ComboFix. All open windows will need to be closed!
- Please open Notepad and copy/paste all the text below... into the window:
Code:
file::
C:\Documents and Settings\Chris\Local Settings\Application Data\Mozilla\Firefox\Profiles\lrp7h7bg.default\Cache(3)\3C4BBE48d01
C:\Documents and Settings\Chris\Local Settings\Application Data\Mozilla\Firefox\Profiles\lrp7h7bg.default\Cache(4)\8466DE95d01
- Save it to your desktop as CFScript.txt
- Please disable avast! Antivirus.
Right Click on the Avast! icon in the System tray and select Avast Shields Control.
Select Disable until Computer is restarted.
Please close all open application windows.
- Drag the CFScript.txt (icon) into the ComboFix.exe icon... as seen in the image below:
http://i526.photobucket.com/albums/c...ScriptDrag.gif
This will cause ComboFix to run again.
Do Not use your keyboard or mouse click anywhere in the ComboFix window, as this may cause the program to stall or crash.
Do Not touch your computer when ComboFix is running!
- When finished ComboFix will create a log file... you can save this file to a convenient place.
Please copy/paste the ComboFix log file in your next reply.
-
ComboFix 12-04-09.05 - Chris 1/2012 Wed 13:37:24.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1033.18.1012.501 [GMT -5:00]
Running from: c:\documents and settings\Chris\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Chris\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\documents and settings\Chris\Local Settings\Application Data\Mozilla\Firefox\Profiles\lrp7h7bg.default\Cache(3)\3C4BBE48d01"
"c:\documents and settings\Chris\Local Settings\Application Data\Mozilla\Firefox\Profiles\lrp7h7bg.default\Cache(4)\8466DE95d01"
.
Error: Cfiles.dat
.
((((((((((((((((((((((((( Files Created from 2012-03-11 to 2012-04-11 )))))))))))))))))))))))))))))))
.
.
2012-04-11 16:34 . 2012-04-11 16:34 -------- d-----w- C:\_OTL
2012-04-10 12:29 . 2012-03-06 23:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-04-10 12:29 . 2012-03-06 23:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-04-10 12:29 . 2012-03-06 23:02 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-04-10 12:29 . 2012-03-06 23:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-04-10 12:29 . 2012-03-06 23:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-04-10 12:29 . 2012-03-06 23:01 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-04-10 12:29 . 2012-03-06 23:01 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-04-10 12:29 . 2012-03-06 22:58 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-04-10 12:26 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-04-10 12:25 . 2012-03-06 23:15 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-10 12:24 . 2012-04-10 12:24 -------- d-----w- c:\program files\AVAST Software
2012-04-10 12:24 . 2012-04-10 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-04-04 21:50 . 2012-04-04 21:50 -------- d-----w- c:\program files\Common Files\Java
2012-04-04 21:50 . 2012-04-04 21:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-03 06:29 . 2012-01-19 15:22 42864 ----a-r- c:\windows\system32\SBBD.EXE
2012-04-03 06:29 . 2012-01-12 14:26 101112 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
2012-04-03 06:29 . 2012-04-03 06:29 -------- d-----w- c:\program files\Common Files\iS3
2012-04-03 06:25 . 2012-04-03 06:35 -------- d-----w- c:\program files\Common Files\PC Tools
2012-04-03 06:25 . 2012-04-03 06:25 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2012-04-03 06:25 . 2012-04-03 06:25 -------- d-----w- c:\documents and settings\Chris\Application Data\TestApp
2012-04-03 06:05 . 2012-04-03 06:05 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-03 05:54 . 2012-04-03 05:54 -------- d-----w- c:\windows\system32\wbem\Repository
2012-04-03 00:02 . 2012-04-03 05:54 -------- d-----w- c:\program files\ERUNT
2012-04-02 21:59 . 2008-06-20 11:51 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
2012-04-02 17:04 . 2012-04-03 05:51 -------- d-s---w- c:\documents and settings\LocalService\UserData
2012-04-02 16:59 . 2012-04-09 21:53 -------- d-sh--w- c:\documents and settings\Chris\Local Settings\Application Data\ad7217cf
2012-04-02 06:46 . 2012-04-02 07:11 -------- d-----w- C:\UTSUSEMI
2012-04-02 02:31 . 2012-04-02 02:31 -------- d-----w- C:\NOMAD
2012-04-01 19:18 . 2012-04-01 19:21 -------- d-----w- c:\program files\ぴんくはてな
2012-04-01 19:07 . 2012-04-01 19:07 -------- d-----w- c:\program files\あかべぇそふとつぅTRY
2012-04-01 03:46 . 2012-04-01 03:46 -------- d-----w- c:\program files\アークシェル
2012-03-31 23:40 . 2012-03-31 23:40 -------- d-----w- c:\program files\DO
2012-03-31 15:31 . 2012-03-31 21:53 -------- d-----w- C:\アイル
2012-03-31 06:26 . 2012-04-03 05:48 -------- d-----w- c:\program files\教えてっ!おねてぃー
2012-03-31 04:36 . 2012-03-31 04:36 -------- d-----w- c:\program files\Vanadis
2012-03-31 02:58 . 2012-03-31 02:58 -------- d-----w- c:\program files\DualMage
2012-03-31 02:22 . 2012-03-31 02:24 -------- d-----w- c:\program files\euphoria
2012-03-31 02:17 . 2012-03-31 02:18 -------- d-----w- c:\documents and settings\Chris\Application Data\蠱惑の刻
2012-03-31 02:13 . 2012-04-11 13:43 -------- d-----w- c:\program files\蠱惑の刻
2012-03-30 21:46 . 2012-03-30 22:06 -------- d-----w- c:\program files\Acmeholic
2012-03-30 21:34 . 2012-03-30 21:34 -------- d-----w- c:\program files\SPEED
2012-03-30 20:42 . 2012-03-30 20:42 196616 ----a-w- c:\windows\system32\SARCheck.dll
2012-03-30 20:40 . 2012-03-30 20:45 -------- d-----w- c:\program files\ドキドキ母娘レッスン
2012-03-30 20:12 . 2012-03-30 20:12 -------- d-----w- C:\萌♂
2012-03-30 19:53 . 2012-03-30 19:53 -------- d-----w- C:\maika
2012-03-30 19:13 . 2012-03-31 00:04 -------- d-----w- c:\program files\touchable
2012-03-30 04:21 . 2012-03-30 04:21 -------- d-----w- c:\program files\Guilty
2012-03-30 02:41 . 2012-03-30 02:41 -------- d-----w- c:\program files\CLOCKUP
2012-03-30 01:53 . 2012-03-30 01:53 -------- d-----w- c:\program files\Atheros
2012-03-29 23:58 . 2001-08-17 17:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2012-03-29 23:56 . 2008-04-15 03:00 38912 -c--a-w- c:\windows\system32\dllcache\sm9aw.dll
2012-03-29 23:55 . 2001-08-17 17:50 50432 -c--a-w- c:\windows\system32\dllcache\sisv.sys
2012-03-29 23:55 . 2008-04-14 03:05 32768 -c--a-w- c:\windows\system32\dllcache\sisnic.sys
2012-03-29 23:55 . 2001-08-18 03:36 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2012-03-29 23:55 . 2001-08-17 17:50 104064 -c--a-w- c:\windows\system32\dllcache\sisgrp.sys
2012-03-29 23:55 . 2001-08-17 19:56 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2012-03-29 23:55 . 2001-08-17 17:50 68608 -c--a-w- c:\windows\system32\dllcache\sis6306p.sys
2012-03-29 23:55 . 2001-08-17 19:56 252032 -c--a-w- c:\windows\system32\dllcache\sis300iv.dll
2012-03-29 23:55 . 2001-08-17 17:50 101760 -c--a-w- c:\windows\system32\dllcache\sis300ip.sys
2012-03-29 23:55 . 2008-04-15 03:00 3901 -c--a-w- c:\windows\system32\dllcache\siint5.dll
2012-03-29 23:55 . 2012-04-03 00:37 -------- d-----w- C:\temp
2012-03-29 23:55 . 2001-07-21 19:29 161568 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2012-03-29 23:54 . 2001-07-21 19:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2012-03-29 23:54 . 2001-08-17 17:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2012-03-29 23:54 . 2001-08-18 03:36 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2012-03-29 23:54 . 2001-08-17 17:19 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2012-03-29 23:54 . 2001-08-17 18:53 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2012-03-29 23:54 . 2001-08-17 18:48 17664 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2012-03-29 23:54 . 2001-08-18 03:36 26112 -c--a-w- c:\windows\system32\dllcache\EXCH_seos.dll
2012-03-29 23:54 . 2001-08-17 18:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2012-03-29 23:54 . 2008-04-14 05:15 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2012-03-29 23:54 . 2001-08-17 18:52 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2012-03-29 23:54 . 2001-08-18 03:36 57856 -c--a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2012-03-29 23:53 . 2001-08-17 18:51 17280 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2012-03-29 23:53 . 2001-08-17 18:51 16640 -c--a-w- c:\windows\system32\dllcache\scmstcs.sys
2012-03-29 23:53 . 2001-08-17 18:51 23936 -c--a-w- c:\windows\system32\dllcache\sccmusbm.sys
2012-03-29 23:53 . 2001-08-17 18:51 23936 -c--a-w- c:\windows\system32\dllcache\sccmn50m.sys
2012-03-29 23:53 . 2008-04-15 03:00 43904 -c--a-w- c:\windows\system32\dllcache\sbp2port.sys
2012-03-29 23:53 . 2001-08-18 03:36 495616 -c--a-w- c:\windows\system32\dllcache\sblfx.dll
2012-03-29 23:53 . 2001-08-17 17:50 75392 -c--a-w- c:\windows\system32\dllcache\s3savmxm.sys
2012-03-29 23:53 . 2001-08-17 19:56 245632 -c--a-w- c:\windows\system32\dllcache\s3savmx.dll
2012-03-29 23:53 . 2001-08-17 17:50 77824 -c--a-w- c:\windows\system32\dllcache\s3sav4m.sys
2012-03-29 23:53 . 2001-08-17 19:56 198400 -c--a-w- c:\windows\system32\dllcache\s3sav4.dll
2012-03-29 23:52 . 2001-08-17 17:50 61504 -c--a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2012-03-29 23:52 . 2001-08-17 19:56 179264 -c--a-w- c:\windows\system32\dllcache\s3sav3d.dll
2012-03-29 23:52 . 2001-08-17 19:56 210496 -c--a-w- c:\windows\system32\dllcache\s3mvirge.dll
2012-03-29 23:52 . 2001-08-18 03:36 62496 -c--a-w- c:\windows\system32\dllcache\s3mtrio.dll
2012-03-29 23:52 . 2001-08-17 17:50 41216 -c--a-w- c:\windows\system32\dllcache\s3mt3d.sys
2012-03-29 23:52 . 2001-08-17 19:56 182272 -c--a-w- c:\windows\system32\dllcache\s3mt3d.dll
2012-03-29 23:52 . 2001-08-17 17:50 166720 -c--a-w- c:\windows\system32\dllcache\s3m.sys
2012-03-29 23:52 . 2001-08-17 18:57 65664 -c--a-w- c:\windows\system32\dllcache\s3legacy.sys
2012-03-29 23:52 . 2008-04-14 03:04 166912 -c--a-w- c:\windows\system32\dllcache\s3gnbm.sys
2012-03-29 23:52 . 2008-04-14 10:42 397056 -c--a-w- c:\windows\system32\dllcache\s3gnb.dll
2012-03-29 23:50 . 2001-08-18 03:36 86097 -c--a-w- c:\windows\system32\dllcache\reslog32.dll
2012-03-29 23:49 . 2001-08-17 18:28 112574 -c--a-w- c:\windows\system32\dllcache\ptserlp.sys
2012-03-29 23:48 . 2001-08-17 19:07 19840 -c--a-w- c:\windows\system32\dllcache\philtune.sys
2012-03-29 23:48 . 2001-08-17 19:04 92416 -c--a-w- c:\windows\system32\dllcache\phildec.sys
2012-03-29 23:48 . 2001-08-17 19:04 173696 -c--a-w- c:\windows\system32\dllcache\philcam2.sys
2012-03-29 23:48 . 2001-08-17 19:04 75776 -c--a-w- c:\windows\system32\dllcache\philcam1.sys
2012-03-29 23:48 . 2001-08-18 03:36 16384 -c--a-w- c:\windows\system32\dllcache\philcam1.dll
2012-03-29 23:48 . 2008-04-14 10:40 259328 -c--a-w- c:\windows\system32\dllcache\perm3dd.dll
2012-03-29 23:48 . 2008-04-14 05:14 28032 -c--a-w- c:\windows\system32\dllcache\perm3.sys
2012-03-29 23:48 . 2008-04-14 10:40 211584 -c--a-w- c:\windows\system32\dllcache\perm2dll.dll
2012-03-29 23:48 . 2008-04-14 05:14 27904 -c--a-w- c:\windows\system32\dllcache\perm2.sys
2012-03-29 23:48 . 2008-04-14 02:42 169984 -c--a-w- c:\windows\system32\dllcache\pcx500.sys
2012-03-29 23:48 . 2001-08-18 03:36 86016 -c--a-w- c:\windows\system32\dllcache\pctspk.exe
2012-03-29 23:48 . 2001-08-17 17:11 35328 -c--a-w- c:\windows\system32\dllcache\pcntpci5.sys
2012-03-29 23:47 . 2001-08-17 17:11 29769 -c--a-w- c:\windows\system32\dllcache\pcntn5m.sys
2012-03-29 23:47 . 2001-08-17 17:11 30282 -c--a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2012-03-29 23:47 . 2001-08-17 17:12 26153 -c--a-w- c:\windows\system32\dllcache\pcmlm56.sys
2012-03-29 23:47 . 2008-04-14 03:05 29502 -c--a-w- c:\windows\system32\dllcache\pca200e.sys
2012-03-29 23:47 . 2001-08-17 17:12 30495 -c--a-w- c:\windows\system32\dllcache\pc100nds.sys
2012-03-29 23:47 . 2001-08-18 03:36 41984 -c--a-w- c:\windows\system32\dllcache\ovui2rc.dll
2012-03-29 23:47 . 2001-08-18 03:36 44544 -c--a-w- c:\windows\system32\dllcache\ovui2.dll
2012-03-29 23:47 . 2001-08-17 19:05 25216 -c--a-w- c:\windows\system32\dllcache\ovsound2.sys
2012-03-29 23:47 . 2001-08-18 03:36 39424 -c--a-w- c:\windows\system32\dllcache\ovcoms.exe
2012-03-29 23:47 . 2001-08-18 03:36 20480 -c--a-w- c:\windows\system32\dllcache\ovcomc.dll
2012-03-29 23:46 . 2001-08-17 19:05 351616 -c--a-w- c:\windows\system32\dllcache\ovcodek2.sys
2012-03-29 23:46 . 2001-08-18 03:36 116736 -c--a-w- c:\windows\system32\dllcache\ovcodec2.dll
2012-03-29 23:46 . 2001-08-17 19:05 31872 -c--a-w- c:\windows\system32\dllcache\ovce.sys
2012-03-29 23:46 . 2001-08-17 19:05 28032 -c--a-w- c:\windows\system32\dllcache\ovcd.sys
2012-03-29 23:46 . 2001-08-17 19:05 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys
2012-03-29 23:46 . 2001-08-17 19:05 25088 -c--a-w- c:\windows\system32\dllcache\ovca.sys
2012-03-29 23:46 . 2001-08-17 18:28 54186 -c--a-w- c:\windows\system32\dllcache\otcsercb.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 21:49 . 2010-10-12 20:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 20:56 . 2009-02-23 14:59 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-03 09:22 . 2008-04-15 03:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2010-06-02 10:22 . 2010-06-02 10:22 89944 ----a-w- c:\program files\DSETUP.dll
2010-06-02 10:22 . 2010-06-02 10:22 537432 ----a-w- c:\program files\DXSETUP.exe
2010-06-02 10:22 . 2010-06-02 10:22 1801048 ----a-w- c:\program files\dsetup32.dll
2012-03-13 04:39 . 2012-03-25 06:16 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-09_22.00.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 05:02 . 2009-07-12 05:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2012-04-11 17:58 . 2012-04-11 17:58 16384 c:\windows\Temp\Perflib_Perfdata_730.dat
+ 2009-07-12 05:02 . 2009-07-12 05:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2012-04-10 12:27 . 2012-04-10 12:27 219648 c:\windows\Installer\f0366.msi
+ 2012-04-11 13:38 . 2012-04-11 13:38 253952 c:\windows\ERDNT\AutoBackup\4-11-2012\Users\00000002\UsrClass.dat
+ 2012-04-11 13:38 . 2005-10-20 17:02 163328 c:\windows\ERDNT\AutoBackup\4-11-2012\ERDNT.EXE
+ 2012-04-10 12:12 . 2012-04-10 12:12 253952 c:\windows\ERDNT\AutoBackup\4-10-2012\Users\00000002\UsrClass.dat
+ 2012-04-10 12:12 . 2005-10-20 17:02 163328 c:\windows\ERDNT\AutoBackup\4-10-2012\ERDNT.EXE
+ 2009-07-12 05:02 . 2009-07-12 05:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2012-04-11 13:38 . 2012-04-11 13:38 13766656 c:\windows\ERDNT\AutoBackup\4-11-2012\Users\00000001\ntuser.dat
+ 2012-04-10 12:12 . 2012-04-10 12:12 13766656 c:\windows\ERDNT\AutoBackup\4-10-2012\Users\00000001\ntuser.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1044480]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-15 208952]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-05-14 821768]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2008-05-22 425984]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
c:\documents and settings\Chris\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-6-4 114688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TPSvc]
TPSvc.dll [BU]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\ソ\ニア\\極楽バイパー ランジェリー 赤\\Bin\\VPLanRed.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Documents and Settings\\Chris\\My Documents\\Downloads\\STOPzilla_Setup.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jucheck.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4/10/2012 7:29 AM 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4/10/2012 7:29 AM 337880]
R2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;c:\program files\VMLaunch\BuddyVM.sys [3/25/2009 12:56 PM 15488]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4/10/2012 7:29 AM 20696]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [1/3/2011 5:10 AM 21992]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/23/2009 9:59 AM 654408]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [10/13/2009 8:33 PM 95200]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2/23/2009 9:50 AM 24652]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2/23/2009 9:59 AM 22344]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 10:58 AM 11336]
S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2/23/2009 1:15 AM 96856]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\documents and settings\Chris\Application Data\Mozilla\Firefox\Profiles\lrp7h7bg.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-UltraISO_is1 - c:\program files\UltraISO\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-11 13:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-123947885-3055150098-3939964369-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EROTICA PEACH\0j00O0・n0ラS纐*0^7_6R'`竡ロcT0qN、N^]
"Order"=hex:08,00,00,00,02,00,00,00,22,01,00,00,01,00,00,00,02,00,00,00,80,00,
00,00,00,00,00,00,72,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,60,00,36,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\經USヤg^F0U000ソ該e*0}vO0痂・・sYSO_0a0^]
"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,10,b2,29,00,00,00,00,5e,8b,83,
cb,72,17,cd,01,05,00,00,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,\
"Changed"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Uninstall\經USヤg^F0U000ソ該e*0}vO0痂・・sYSO_0a0^]
"UninstallString"="c:\\WINDOWS\\IsUn0411.exe -f\"c:\\Program Files\\アークシェル\\口唇包柔\\koushin.isu\""
"DisplayName"="口唇包柔~うさみみ調教 白く濡れる女体たち~"
.
[HKEY_LOCAL_MACHINE\software\S*t*u*d*i*o*ェ尻`\エ0ヒ0・]
"InstalledFolder"="c:\\Studio邪恋\\ゴニン!?"
.
[HKEY_LOCAL_MACHINE\software\「0・ッ0キ0ァ0・\經USヤg^F0U000ソ該e*0}vO0痂・・sYSO_0a0^\1.00.000]
"srcpath"="d:\\koushin\\"
"dstpath"="c:\\Program Files\\アークシェル\\口唇包柔"
"Version"="0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3176)
c:\progra~1\mcafee\SITEAD~1\saHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-04-11 13:54:57
ComboFix-quarantined-files.txt 2012-04-11 18:54
ComboFix2.txt 2012-04-10 21:29
ComboFix3.txt 2012-04-09 22:07
.
Pre-Run: 20,287,537,152 bytes free
Post-Run: 22,711,504,896 bytes free
.
- - End Of File - - 2035B0157BE9067833C4A41D2ABF4442
-
Please run minitoolbox now.
MiniToolBox
Please download MiniToolBox© by farbar and save it to your desktop. Click here.
- Double click on MiniToolBox.exe to run it.
Please check (tick) the following options:
- Flush DNS
- List IP Configuration
- List Winsock Entries
- List Last 10 Event Viewer Errors
- List Devices (Only Problems)
- Click on the GO button. A log will open.
- Please post the contents of this log. It can also be found on the desktop as Result.txt.
-
MiniToolBox by Farbar Version: 18-01-2012
Ran by Chris (administrator) on 11-04-2012 at 15:04:16
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IP Configuration: ================================
Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC = Local Area Connection (Media disconnected)
# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip
# Interface IP Configuration for "Local Area Connection"
set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
# Interface IP Configuration for "Wireless Network Connection"
set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
popd
# End of interface IP configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : SnowSakura
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : hsd1.tn.comcast.net.
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-23-8B-69-F1-4D
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
Physical Address. . . . . . . . . : 00-24-2B-23-BC-24
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.105
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
Lease Obtained. . . . . . . . . . : Wednesday, April 11, 2012 1:16:00 PM
Lease Expires . . . . . . . . . . : Thursday, April 12, 2012 1:16:00 PM
Server: cdns01.comcast.net
Address: 75.75.75.75
Name: google.com
Addresses: 74.125.159.101, 74.125.159.100, 74.125.159.139, 74.125.159.102
74.125.159.113, 74.125.159.138
Pinging google.com [74.125.159.102] with 32 bytes of data:
Reply from 74.125.159.102: bytes=32 time=19ms TTL=54
Reply from 74.125.159.102: bytes=32 time=19ms TTL=54
Ping statistics for 74.125.159.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 19ms, Average = 19ms
Server: cdns01.comcast.net
Address: 75.75.75.75
Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24
Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=92ms TTL=51
Reply from 72.30.38.140: bytes=32 time=166ms TTL=51
Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 92ms, Maximum = 166ms, Average = 129ms
Server: cdns01.comcast.net
Address: 75.75.75.75
Name: bleepingcomputer.com
Address: 208.43.87.2
Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x3 ...00 23 8b 69 f1 4d ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC - Packet Scheduler Miniport
0x20002 ...00 24 2b 23 bc 24 ...... Atheros AR5007EG Wireless Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.105 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.105 192.168.1.105 30
192.168.1.105 255.255.255.255 127.0.0.1 127.0.0.1 30
192.168.1.255 255.255.255.255 192.168.1.105 192.168.1.105 30
224.0.0.0 240.0.0.0 192.168.1.105 192.168.1.105 30
255.255.255.255 255.255.255.255 192.168.1.105 3 1
255.255.255.255 255.255.255.255 192.168.1.105 192.168.1.105 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (04/10/2012 10:57:02 AM) (Source: Application Hang) (User: )
Description: Hanging application SpybotSD.exe, version 1.6.2.46, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (04/09/2012 10:31:36 AM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 11.0.0.4454, faulting module mozalloc.dll, version 11.0.0.4454, fault address 0x0000195d.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (04/02/2012 02:10:27 AM) (Source: Application Error) (User: )
Description: Faulting application seraph.exe, version 1.0.0.1, faulting module user32.dll, version 5.1.2600.5512, fault address 0x000187aa.
Processing media-specific event for [seraph.exe!ws!]
Error: (04/02/2012 02:06:43 AM) (Source: Application Error) (User: )
Description: Faulting application seraph.exe, version 1.0.0.1, faulting module user32.dll, version 5.1.2600.5512, fault address 0x000187aa.
Processing media-specific event for [seraph.exe!ws!]
Error: (04/02/2012 02:04:50 AM) (Source: Application Error) (User: )
Description: Faulting application seraph.exe, version 1.0.0.1, faulting module user32.dll, version 5.1.2600.5512, fault address 0x000187aa.
Processing media-specific event for [seraph.exe!ws!]
Error: (04/02/2012 02:03:12 AM) (Source: Application Error) (User: )
Description: Faulting application seraph.exe, version 1.0.0.1, faulting module user32.dll, version 5.1.2600.5512, fault address 0x000187aa.
Processing media-specific event for [seraph.exe!ws!]
Error: (04/02/2012 01:58:56 AM) (Source: Application Error) (User: )
Description: Faulting application seraph.exe, version 1.0.0.1, faulting module user32.dll, version 5.1.2600.5512, fault address 0x000187aa.
Processing media-specific event for [seraph.exe!ws!]
Error: (03/31/2012 09:42:32 PM) (Source: MsiInstaller) (User: Chris)Chris
Description: ? : ???????????? -- ??? 1324? ???? ?? '????????????' ?????????????????
Error: (03/31/2012 09:31:54 PM) (Source: MsiInstaller) (User: Chris)Chris
Description: ? : ???????????? -- ??? 1324? ???? ?? '????????????' ?????????????????
Error: (03/31/2012 09:28:37 PM) (Source: MsiInstaller) (User: Chris)Chris
Description: ? : ???????????? -- ??? 1324? ???? ?? '????????????' ?????????????????
System errors:
=============
Error: (04/11/2012 00:55:59 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 00:55:58 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 00:55:58 PM) (Source: Service Control Manager) (User: )
Description: The IviRegMgr service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 00:05:00 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 00:04:59 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 00:04:59 PM) (Source: Service Control Manager) (User: )
Description: The IviRegMgr service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 11:45:46 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 11:45:46 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 11:45:46 AM) (Source: Service Control Manager) (User: )
Description: The IviRegMgr service terminated unexpectedly. It has done this 1 time(s).
Error: (04/11/2012 11:34:09 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
========================= Devices: ================================
**** End of log ****
-
MiniToolBox shows no issues that would affect your wireless card. You appear to be connected to it now. Are you still having issues with it? If so, please describe.
Also let me know if there are any other symptoms relating to the infection.
Thanks,
diver79.
-
No, I'm not seeing any other problems currently, just need to remove Stopzilla and defrag so it's not so slow.