help (repost from driver thread)

Discussion in 'Malware Help (A Specialist Will Reply)' started by doggyexe, Dec 17, 2012.

  1. doggyexe

    doggyexe Private E-2

    I have been getting BSOD errors related to bad drivers but have been unable to identify which ones (the malware removal guide replaced qmgr.dll but the problem persists). The computer runs at normal speed in safe mode without errors, but in normal mode it is only a matter of time before explorer.exe crashes, which makes it difficult to install any new software
    (other symptoms: desktop icons keep refreshing themselves)

    any help or fresh ideas to try is appreciated

    PC: XP home, Pentium 4, 2G RAM, 4G pagefile, 80G HD
    antivirus: avira (no detections in logs prior to problem though I've seen several computers get infected by scareware despite avira, spywareblaster, and using spybotS&D's host file so I know avira is not reliable for everything)
    firewall: sygate
    browser: firefox
    scan disk: did not find any file corruption or bad sectors on hard drive
    driver verifier: identified ctjystk.sys and cdralw2k and I have disabled them via autoruns and their associated windows service but explorer crash problems persist
    sfc /scannow: could not complete due to explorer crash in normal mode and could not initiate in safemode
    recovery console: could not install due to explorer crash in normal mode and could not install in safemode

    RogueKiller (could not install/run in safemode)
    Malwarebytes Anti-Malware (no detections when I ran the scan, this is a shared computer so it is possible it was infected and whoever tried to remove the infection only removed it partially)
    TDSSKiller (could not install/run in safemode)
    HitmanPro (could not install/run in safemode)
    MGtools (ran and logs are attached)

    either malwarebytes or MGtools disabled my system restore so that is no longer an option either (never had 100% success with restores anyways)

    btw, are there any successful methods of preventing scareware from getting onto a computer?
     

    Attached Files:

    • old.zip (96.8 KB)
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    They should all run in safe boot mode. What problem are you having? These don't even install. They just run.

    Please attach the correct C:\MGlogs.zip file not a log that you have created.

    They do not do this.


    Safe surfing habits work very well >>> How to Protect yourself from malware!

    But nothing is perfect especially since security starts and ends with the people using the PC.
     
  3. doggyexe

    doggyexe Private E-2

    when I click on the icons nothing happens (do they require network enabled safemode perhaps? or is an infection preventing those programs from executing?)

    those are all the logs from the C:\ directory that I zipped, if MG tools creates a zipped log file by itself, what directory is it in?

    well my system restore points were intact before running those two tools and attempting to run the other 3, and afterwards my system restore was completely turned off without any program asking me to. I was only prompted to reboot.

    you are preaching to the choir, I've been using the advice on this forum for years, and for a computer to run for 12+ years before it gets its first infection is a pretty good testament about the effectiveness of the advice offered in these forums. I was merely wondering if anyone knew of specific prevention software to block known rogues from ever installing themselves onto your system (along the same lines as spywareblaster and spybotS&D blacklisting known bad websites to prevent users from ever going there), since googling only turned up after-the-fact removal methods and not prevention. Or is there an AV that performs better at this particular portion of the protection than avira since avira does great at detecting and quarantining other things but does not catch all the rogues out there.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I cannot comment on whether it is an infection or not until I see some logs but no they do not require a network connection.


    As stated in the instructions: C:\MGlogs.zip. It is not in the MGtools folder. What you attached is a 7Zip file which is not a standard Zip file and would thus require every malware helper to install 7Zip in order to look at the file. We don't want to have to do this so we use a standard zip program to create normal ZIP files that everyone can easily look at.


    Okay but I can still tell you that they do not do this. They have no ability built in to do that.



    There is no way to do this which is why this forum exists. SpywareBlaster and Spybot are basically toys these days compared to how advanced malware has become. While I still do recommend SpywareBlaster for the items it does help to prevent, they are insignificant compared to what real infections plague forums like this every day.

    No AVs provide full protection. If they did, this forum would not be so busy. Every thread in the forum has infections being missed by free as well as paid software and even when they detect the infections (which is not always the case) they don't have the ability to properly remove them (again which is why this forum exists and is so busy as are many others).
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I booted up another PC where I knew I already had 7Zip installed. This PC of yours has original non-updated Windows XP. Why would you leave it at original base level with none of the service packs installed? This is in direct violation of step 1 in How to Protect yourself from malware! which you say you are following. I even wonder if not being able to run some of the tools is due to this. Most programs these days will require at least SP2 and some SP3. Not sure if this somehow was an indirect cause of restore points going missing.

    The above is the only issue observed in your logs. There is no malware showing.

    I reattached your ZIP file in standard ZIP form.
     

    Last edited: Dec 20, 2012
  6. doggyexe

    doggyexe Private E-2

    thank you very much for taking the time to figure out what happened, I think you are right, the lack of updates was probably incompatible with some of the malware removal software. Before all this I was not able to update my AV (program, not database) because the newest version did not support my version of windows as well.

    I have reformatted and installed xp pro sp3 and have no problems at the moment with the same hardware and drivers.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Glad to hear you have it working and updated. ;)
     
