Can't run Anti-Malware. Only MGTools

One of my computers have been severely infected. I tried following the Read Me First thread, but SuperAntiSpyware, AntiMalware Bytes and ComboFix will not work on that computer.

In the end, I took that harddrive and made it a slave to another computer. I ran all the scans above, except ComboFix ran on my c:/. I didn't know how to make it run a scan on the slave drive.

All malware was removed with those programs. In addition to those, I used a squared to remove additional malware. After re-installing the infected harddrive, the fake antivirus malware is gone, but there is still something there. I see the residual files in CCleaner(that and MGTools are the only scans I can run). In addition, many files are now missing from the c:\windows directory. The desktop wouldn't display. Desktop.ini was missing as was explorer.exe. Internet Explorer won't work now either. Turns out iexplorer.exe from the InternetExplorer folder was missing. I copied all these files from another computer. I was able to get the desktop back, but not internet explorer.

I downloaded firefox to a thumbdrive and tried installing it. It installed, but wouldn't work either.

One final interesting thing. When I right click Combo.exe on the desktop, one of the options is "run as". I clicked this and a screen came up saying:

Which user account do you want to run this program
Current User(DDW65YG1/Administrator)
(box checked off) Protect my computer and data from unauthorized program activity​

At the bottom, there was another box which I could check which would allow me to choose other users. I tried all different users and combinations to no affect. I also tried to uncheck the "Protect my computer from unauthorized program activity" box, but again to no affect.

I am left with a MGTools zip file that did run and the ability to make the drive a slave and run scans from a different main drive.

I'll wait for your request to post the MGTools file. Any help you can provide would be greatly appreciated.

 

Sorry for the repost. I'm not looking to bump the thread.

I re-read my post and wanted to clarify that although SuperAntiSpyware and Malwarebytes is coming up clean scanning the infected harddrive in a slave format, when I re-install the infected harddrive to the original computer and log in to the user's desktop, when I hit CTRL+ALT+DEL, it tells me task manager can not be displayed because this user's doesn't have entitlements.

I can log out and log in under Administrator and access task manager, but still can not run Spybot, SuperAntiSpyware, ComboFix or Malwarebytes even now. The only programs that can run now are "a squared", CCleaner and MGTools.

I can't even access the online scans now as the internet is not working.

 

Back in the day when I first signed up, it was made clear not to attach files until requested. By the time I realized everyone else was attaching with their post, I didn't want to bump AGAIN.

Log attached.

Thanks for taking a look.

 

New problem. Can't log in now.

I tried in safe mode and regular mode.

There are three accounts. One personal with Administrator priv, one titled Administrator and one created Administrator2 that I created to try to get around the Anti-Malware not running.

When I attempt to log in, it started to log in then says "saving information" and logs off. It brings me back to the screen where I can chose the log in user. I tried hitting CTRL+ALT+DEL and manually wrote in Administrator, still no success.

I'm left to accessing it as a slave or if you have a workaround to logging me in.

 

How would I create a new user account when the harddrive is a slave?

My secondary problem is accessing the personal "My Documents" folder. The main personal user was password protected. When I go in through Documents and Settings, John Smith, My Documents, it tells me My Documents access is denied. Is there a way around this to access the personal files as well.

 

I got excited for a moment thinking you had a way to access users in slave mode.

Right clicking the folders and sharing or changing the security settings on them isn't working. I was able to share the John Smith folder right after Documents and Settings, but when I try to do the same to My Documents folder, it tells me access denied.

I'm going to try deleting the files you listed in slave mode. If that doesn't get me access, I'll install, update and run all the anti virus and web based anti virus in slave mode and try again.

We've purchased a new harddrive, re-installed windows and necessary drivers for that system so we're operational again on it, but there are files on the infected drive we need. Besides, now its more of a winning issue.

I know internet explorer will probably never work correctly again and most of the system files are either corrupt, missing or have been replaced by system files from another computer, but even if it won't function, I'm going to get that malware.

Thank you for your help Tim. I won't trouble you again on this issue unless I can regain control of the harddrive as a primary drive.
David