My brother called me and asked for help with his desktop computer, I was a LAN Administrator years ago but have never seen this craziness. OK MY brother knows nothing about computers other then going to websites that force things on his system. I found his system incredibly slow and the A/V software I installed was totally useless it seemed like what ever he was infected with found a way around it. I then rebooted in safe mode and tried to look at the task manager but it was locked out. I was logged in as the administrator and it said the Admin has you locked out of that function. I then went on line and every time I typed in anything to do with security or a program name like hijack this the browser would shut down. I had to go to my house and send him files because I couldn't get him on his machine. I returned and loaded ad-aware 2007 via email and it loaded, i loaded spy bot search and destroy from email and it loaded, then I tried to load hijack this from the email and the computer closed the file. I then renamed the file and tried to open it and got the the second screen before it was closed by the computer. Something is shutting down these programs. Ad-aware and Spy bot found thousands of things and fixed them, the task manager now works but I can't get hijack this to load has anyone else ever seen this? I loaded security task manager and removed anything that shouldn't be there and now the McAfee A/V program seems to be working again ( it was loaded the whole time but I could not access it at all, at the worst of this infection pop ups from McAfee warning of registry entries would pop up but then close so fast you couldn't stop them.) If you know what this is please let me know how to fix it without having to re-format I hope!!
i was going to suggest renaming hjt, but you already did it. get a copy of this on there; http://www.besttechie.net/tools/mbam-setup.exe * Double-click mbam-setup.exe and follow the prompts to install the program. * Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform FULL SCAN, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt boot into safe mode and do this: Click Start>Run then type %temp% Hit OK. Delete all the files you can. click Start>Run then type %windir%\temp hit ok. delete all the files you can Empty your Temp folders. Go to Start > Run and type:cleanmgr. Windows will scan. When done check these 3 and press *ok* to remove: Temporary Files Temporary Internet Files Recycle Bin using explorer(right click on start>explore) drill down to these you want to delete whats >inside< the folder, not the folder itself. C:\Documents and Settings\-Your Profile-\Local Settings\Temporary Internet Files\ (will dump all your cached internet content including cookies) C:\Documents and Settings\-Your Profile-\Local Settings\Temp\ C:\Documents and Settings\-Any other users Profile-\Local Settings\Temporary Internet Files\ C:\Documents and Settings\-Any other users Profile-\Local Settings\Temp\ also run AV in safe mode.you could also try getting a log with hjt in safe mode. reboot normally -------------------- if computer seems to be a little better then attempt a online scan otherwise i would keep the machine disconnected from the internet. online scan: http://www.eset.com/onlinescan/ uses Internet Explorer only check "YES" to accept terms click start button allow the ActiveX component to install click the start button. the Scanner will update. check both "Remove found threats" and "Scan unwanted applications" click scan when done you can find the scan log at:C:\Program Files\EsetOnlineScanner\log.txt please copy/paste that log in next reply. post the safe mode hjt log if possible the malwarebytes log the online scan result. echoreply
