
Malwarebytes

Unable to run any anti-virus or anti-malware programs, unable to load icons and taskbar on startup


3 replies to this topic

#1
reavyan

So I've been re-directed here. Hopefully someone can help me out; seems like a lot of people are having the same problem.

Anyway, just got a brand-spankin' new system put in two days ago. Runs like a charm...love it. A day later it is a complete and utter mess.

Started with IE and Firefox being hijacked. At first it was random popups, then Google re-directing to different sites. So I pop open Hijack and Malwarebytes to catch the nasty that's doing this. Thing is though, I can't run Malwarebytes, Hijack, Symantec, or any other anti-malware or anti-virus program. Hijack dies off about two seconds after it is started, same thing for MB and everything else. Then it says I have no access to the program.

And now, after the whole damn system crashed on me, it simply will not load. I reboot and it only goes to the desktop, no icons, no taskbar...nada. Same thing in safe mode. I can access the task manager, but that's it.

Really at my wits' end here. Would love it if someone could help me out. Thanks in advance.

#2
reavyan

I'm also posting the Win32kDiag log. Really hope someone can be of assistance.

WARNING: Could not get backup privileges!
Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\$hf_mig$\KB917422\KB917422
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB917953\KB917953
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB924270\KB924270
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\addins\addins
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\Temp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\temp\temp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\tmp\tmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Config\Config
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard
Mount point destination : \Device\__max++>\^
Cannot access: C:\WINDOWS\explorer.exe
[1] 2005-04-07 05:33:57 1032192 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe (Microsoft Corporation)
[1] 2004-08-03 21:07:00 1032192 C:\WINDOWS\$NtUninstallKB884883$\explorer.exe (Microsoft Corporation)
[1] 2008-04-14 06:42:20 1033728 C:\WINDOWS\explorer.exe ()
[1] 2008-04-14 06:42:20 1033728 C:\WINDOWS\ServicePackFiles\i386\explorer.exe (Microsoft Corporation)

Found mount point : C:\WINDOWS\ime\chsime\applets\applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imejp\applets\applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imejp98\imejp98
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\shared\res\res
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\11.0.8173
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\msapps\msinfo\msinfo
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\DataColl\DataColl
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\SoftwareDistribution\EventCache\EventCache
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\Default
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\1025\1025
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\1028\1028
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\1031\1031
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\1037\1037
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\1041\1041
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\1042\1042
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\1054\1054
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\2052\2052
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\3076\3076
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\3com_dmi\3com_dmi
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\appmgmt\MACHINE\MACHINE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\appmgmt\S-1-5-21-776561741-1417001333-682003330-1003\S-1-5-21-776561741-1417001333-682003330-1003
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\Media Player
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\Desktop\Desktop
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\Favorites\Favorites
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\My Documents\My Documents
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\NetHood\NetHood
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\PrintHood\PrintHood
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\config\systemprofile\Recent\Recent
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\dhcp\dhcp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\drivers\disdn\disdn
Mount point destination : \Device\__max++>\^
Cannot access: C:\WINDOWS\system32\dumprep.exe
[1] 2004-08-03 21:07:00 10752 C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe (Microsoft Corporation)
[1] 2008-04-14 06:42:20 10752 C:\WINDOWS\ServicePackFiles\i386\dumprep.exe (Microsoft Corporation)
[1] 2008-04-14 06:42:20 10752 C:\WINDOWS\system32\dumprep.exe ()

Cannot access: C:\WINDOWS\system32\eventlog.dll
[1] 2004-08-03 21:07:00 55808 C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll (Microsoft Corporation)
[1] 2008-04-14 06:41:54 56320 C:\WINDOWS\ServicePackFiles\i386\eventlog.dll (Microsoft Corporation)
[1] 2008-04-14 06:41:54 61952 C:\WINDOWS\system32\eventlog.dll ()
[2] 2008-04-14 06:41:54 56320 C:\WINDOWS\system32\logevent.dll (Microsoft Corporation)

Found mount point : C:\WINDOWS\system32\export\export
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\GroupPolicy\User\User
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\IME\CINTLGNT\CINTLGNT
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\IME\PINTLGNT\PINTLGNT
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\IME\TINTLGNT\TINTLGNT
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\Lang\Lang
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\LogFiles\WUDF\WUDF
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\Macromed\update\update
Mount point destination : \Device\__max++>\^
Cannot access: C:\WINDOWS\system32\MRT.exe
[1] 2006-11-15 21:20:40 10474920 C:\WINDOWS\system32\MRT.exe ()

Found mount point : C:\WINDOWS\system32\mui\dispspec\dispspec
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\oobe\html\ispsgnup\ispsgnup
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\oobe\html\oemcust\oemcust
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\oobe\html\oemhw\oemhw
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\oobe\html\oemreg\oemreg
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\oobe\sample\sample
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\ShellExt\ShellExt
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\spool\PRINTERS\PRINTERS
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\wbem\mof\bad\bad
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\wbem\mof\good\good
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\wbem\snmp\snmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\wins\wins
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\system32\xircom\xircom
Mount point destination : \Device\__max++>\^
Cannot access: C:\WINDOWS\Temp\Cookies\index.dat
[1] 2009-01-10 13:32:28 86327 C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat ()
[1] 2009-08-22 16:54:38 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ()
[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat ()
[1] 2009-01-10 13:35:31 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009011020090111\index.dat ()
[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ()
[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\Cookies\index.dat ()
[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\History\History.IE5\index.dat ()
[1] 2009-08-23 00:51:55 32768 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat ()

Cannot access: C:\WINDOWS\Temp\History\History.IE5\desktop.ini
[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()
[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()
[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()
[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()
[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()
[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()
[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()
[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()
[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\History\History.IE5\index.dat
[1] 2009-01-10 13:32:28 86327 C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat ()
[1] 2009-08-22 16:54:38 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ()
[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat ()
[1] 2009-01-10 13:35:31 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009011020090111\index.dat ()
[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ()
[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\Cookies\index.dat ()
[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\History\History.IE5\index.dat ()
[1] 2009-08-23 00:51:55 32768 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini
[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()
[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()
[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()
[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()
[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()
[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()
[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()
[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()
[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini
[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()
[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()
[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()
[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()
[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()
[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()
[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()
[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()
[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini
[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()
[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()
[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()
[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()
[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()
[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()
[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()
[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()
[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini
[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()
[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()
[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()
[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()
[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()
[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()
[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()
[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()
[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()
[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()
[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()
[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()
[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()
[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()
[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()
[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat
[1] 2009-01-10 13:32:28 86327 C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat ()
[1] 2009-08-22 16:54:38 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ()
[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat ()
[1] 2009-01-10 13:35:31 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009011020090111\index.dat ()
[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ()
[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\Cookies\index.dat ()
[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\History\History.IE5\index.dat ()
[1] 2009-08-23 00:51:55 32768 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini

Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp
Mount point destination : \Device\__max++>\^

Finished!

#3
Katana

Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
  • Please Read All Instructions Carefully
  • If you don't understand something, stop and ask! Don't keep going on.
  • Please do not run any other tools or scans whilst I am helping you
  • Failure to reply within 5 days will result in the topic being closed.
  • Please continue to respond until I give you the "All Clear"
    (Just because you can't see a problem doesn't mean it isn't there)
If you can do those few things, everything should go smoothly.

Some of the logs I request will be quite large; you may need to split them over a couple of replies.

Please note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe.

----------------------------------------------------------------------------------------

Please delete any copy of Win32kDiag.exe that you have and download a fresh version below.

Please save this file to your desktop.
Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK.
When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

"%userprofile%\desktop\win32kdiag.exe" -f -r



Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial

  • You must download it to and run it from your Desktop

  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.

  • Double click combofix.exe & follow the prompts.

  • When finished, it will produce a log. Please save that log to post in your next reply

  • Re-enable all the programs that were disabled during the running of ComboFix.


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

Quote

For instructions on how to disable your security programs, please see this topic
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

PM's for help will be ignored

#4
AdvancedSetup

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.
Ron Lewis
Manager, Online Support

If you've posted to the HJT forum and it has been over 5 days without a response please send a Private Message asking for assistance.




