Unable to run any anti-virus or anti-malware programs, unable to load icons and taskbar on startup

[reavyan]

So I've been re-directed here. Hopefully someone can help me out; seems like a lot of people are having the same problem.

Anyway, just got a brand-spankin' new system put in two days ago. Runs like a charm...love it. A day later it is a complete and utter mess.

Stated with IE and Firefox being hijacked. At first it was random popups, then google re-directing to different sites. So I pop open hijack and Malwarebytes to catch the nasty that's doing this. Thing is though, I can't run Malwarebytes, Hijack, Symantec, or any other anti-malware or anti-virus program. Hijack dies off about two seconds after it is started, same thing for MB and everything else. Then it says I have no access to the program.

And now, after the whole damn system crashed on me, it simply will not load. I reboot and it only goes to the desktop, no icons, no taskbar...nada. Same thing in safe mode. I can access the task manager, but that's it.

Really at my wits end here. Would love it if someone could help me out. Thanks in advance.

[reavyan]

I'm also posting the Win32kDiag log. Really hope someone can be of assistance.

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\$hf_mig$\KB917422\KB917422

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB917953\KB917953

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB924270\KB924270

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\explorer.exe

[1] 2005-04-07 05:33:57 1032192 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe (Microsoft Corporation)

[1] 2004-08-03 21:07:00 1032192 C:\WINDOWS\$NtUninstallKB884883$\explorer.exe (Microsoft Corporation)

[1] 2008-04-14 06:42:20 1033728 C:\WINDOWS\explorer.exe ()

[1] 2008-04-14 06:42:20 1033728 C:\WINDOWS\ServicePackFiles\i386\explorer.exe (Microsoft Corporation)

Found mount point : C:\WINDOWS\ime\chsime\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\shared\res\res

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\11.0.8173

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\DataColl\DataColl

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\EventCache\EventCache

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\Default

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1025\1025

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1028\1028

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1031\1031

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1037\1037

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1041\1041

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1042\1042

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1054\1054

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\2052\2052

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\3076\3076

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\3com_dmi\3com_dmi

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\appmgmt\MACHINE\MACHINE

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\appmgmt\S-1-5-21-776561741-1417001333-682003330-1003\S-1-5-21-776561741-1417001333-682003330-1003

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\Media Player

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Desktop\Desktop

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Favorites\Favorites

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\My Documents\My Documents

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\NetHood\NetHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\PrintHood\PrintHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Recent\Recent

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\dhcp\dhcp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\drivers\disdn\disdn

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\system32\dumprep.exe

[1] 2004-08-03 21:07:00 10752 C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe (Microsoft Corporation)

[1] 2008-04-14 06:42:20 10752 C:\WINDOWS\ServicePackFiles\i386\dumprep.exe (Microsoft Corporation)

[1] 2008-04-14 06:42:20 10752 C:\WINDOWS\system32\dumprep.exe ()

Cannot access: C:\WINDOWS\system32\eventlog.dll

[1] 2004-08-03 21:07:00 55808 C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll (Microsoft Corporation)

[1] 2008-04-14 06:41:54 56320 C:\WINDOWS\ServicePackFiles\i386\eventlog.dll (Microsoft Corporation)

[1] 2008-04-14 06:41:54 61952 C:\WINDOWS\system32\eventlog.dll ()

[2] 2008-04-14 06:41:54 56320 C:\WINDOWS\system32\logevent.dll (Microsoft Corporation)

Found mount point : C:\WINDOWS\system32\export\export

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\GroupPolicy\User\User

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\IME\CINTLGNT\CINTLGNT

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\IME\PINTLGNT\PINTLGNT

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\IME\TINTLGNT\TINTLGNT

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\Lang\Lang

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\LogFiles\WUDF\WUDF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\Macromed\update\update

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\system32\MRT.exe

[1] 2006-11-15 21:20:40 10474920 C:\WINDOWS\system32\MRT.exe ()

Found mount point : C:\WINDOWS\system32\mui\dispspec\dispspec

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\ispsgnup\ispsgnup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemcust\oemcust

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemhw\oemhw

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemreg\oemreg

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\sample\sample

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\ShellExt\ShellExt

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\spool\PRINTERS\PRINTERS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\mof\bad\bad

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\mof\good\good

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\snmp\snmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wins\wins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\xircom\xircom

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\Temp\Cookies\index.dat

[1] 2009-01-10 13:32:28 86327 C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat ()

[1] 2009-08-22 16:54:38 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ()

[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat ()

[1] 2009-01-10 13:35:31 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009011020090111\index.dat ()

[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ()

[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\Cookies\index.dat ()

[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\History\History.IE5\index.dat ()

[1] 2009-08-23 00:51:55 32768 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat ()

Cannot access: C:\WINDOWS\Temp\History\History.IE5\desktop.ini

[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()

[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()

[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()

[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()

[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()

[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()

[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()

[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()

[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\History\History.IE5\index.dat

[1] 2009-01-10 13:32:28 86327 C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat ()

[1] 2009-08-22 16:54:38 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ()

[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat ()

[1] 2009-01-10 13:35:31 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009011020090111\index.dat ()

[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ()

[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\Cookies\index.dat ()

[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\History\History.IE5\index.dat ()

[1] 2009-08-23 00:51:55 32768 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini

[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()

[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()

[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()

[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()

[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()

[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()

[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()

[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()

[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini

[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()

[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()

[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()

[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()

[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()

[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()

[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()

[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()

[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini

[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()

[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()

[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()

[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()

[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()

[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()

[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()

[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()

[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini

[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()

[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()

[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()

[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()

[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()

[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()

[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()

[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()

[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat

[1] 2009-01-10 13:32:28 86327 C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat ()

[1] 2009-08-22 16:54:38 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ()

[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat ()

[1] 2009-01-10 13:35:31 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009011020090111\index.dat ()

[1] 2009-08-22 16:54:38 32768 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat ()

[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\Cookies\index.dat ()

[1] 2009-08-23 00:51:55 16384 C:\WINDOWS\Temp\History\History.IE5\index.dat ()

[1] 2009-08-23 00:51:55 32768 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat ()

Cannot access: C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini

[1] 2006-09-01 08:44:02 65 C:\WINDOWS\%DownloadedProgramFiles%\desktop.ini ()

[1] 2007-01-04 01:20:31 227 C:\WINDOWS\assembly\Desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Downloaded Program Files\desktop.ini ()

[1] 2007-01-04 00:10:02 67 C:\WINDOWS\Fonts\desktop.ini ()

[1] 2007-01-04 00:09:28 65 C:\WINDOWS\Offline Web Pages\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini ()

[1] 2007-01-04 00:15:07 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\61WFMZ61\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S5612FAZ\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UJK9YNO1\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WRMBOVWR\desktop.ini ()

[1] 2007-01-04 00:15:07 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini ()

[1] 2007-01-04 00:09:30 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini ()

[1] 2007-01-03 18:57:45 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini ()

[1] 2007-01-04 00:10:28 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini ()

[1] 2007-01-04 00:10:28 482 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini ()

[1] 2007-01-04 00:10:28 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini ()

[1] 2007-01-04 00:10:28 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini ()

[1] 2004-08-03 21:07:00 2 C:\WINDOWS\system32\desktop.ini ()

[1] 2004-08-03 21:07:00 65 C:\WINDOWS\Tasks\desktop.ini ()

[1] 2009-08-22 00:21:26 145 C:\WINDOWS\Temp\History\History.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5CE1RDGA\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\5IFKRC6L\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8L1K1KTK\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2009-08-22 00:21:26 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MS7G05JQ\desktop.ini ()

Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp

Mount point destination : \Device\__max++>\^

Finished!

[Katana]

Please note that all instructions given are customised for this computer only,

the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

1. Please Read All Instructions Carefully
   
2. If you don't understand something, stop and ask! Don't keep going on.
   
3. Please do not run any other tools or scans whilst I am helping you
   
4. Failure to reply within 5 days will result in the topic being closed.
   
5. Please continue to respond until I give you the "All Clear"
   (Just because you can't see a problem doesn't mean it isn't there)
   

If you can do those few things, everything should go smoothly

Some of the logs I request will be quite large, You may need to split them over a couple of replies.

Please Note, your security programs may give warnings for some of the tools I will ask you to use.

Be assured, any links I give are safe

----------------------------------------------------------------------------------------

Please delete any copy of Win32kDiag.exe that you have and download a fresh version below.

Please save this file to your desktop.

Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK.

When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

"%userprofile%\desktop\win32kdiag.exe" -f -r

Download and Run ComboFix (by sUBs)

Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial

• You must download it to and run it from your Desktop
  
• Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  
• Double click combofix.exe & follow the prompts.
  
• When finished, it will produce a log. Please save that log to post in your next reply
  
• Re-enable all the programs that were disabled during the running of ComboFix..
  

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.

This tool is not a toy and not for everyday use.

ComboFix SHOULD NOT be used unless requested by a forum helper

For instructions on how to disable your security programs, please see this topic

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

[AdvancedSetup]

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.