Possible infection - what can I try?

I have a Vista 32 bit box that has strange behavior, it may or may not be a virus or malware. My main account "Magnum" starts logging in and gets to Welcome and then immediately goes to "logging off". I can only log in in Safe Mode.

Another account has been created, called User. I don't think I created it but I can use it. When in the User account, which is an Admin, I canNOT access Magnum files even with overriding the security warning.

Within the Magnum account (under Safe Mode) I have not been able to detect anything. Some programs (DDS script and ComboFix) stall and never finish.

Is there anything I can try with NOD32 v5 to find something? I think I have most settings enabled.

Is sure feels that I have something, but nothing is getting detected. Frustrating.

Any suggestions welcome,

Thanks,
Rob.

 

PM Sent

 

You can try to create a Eset Rescue Disk

http://kb.eset.com/esetkb/index?page=content&id=SOLN2103

 

on the surface it sounds more like profile corruption possible not because of malware. to exclude malware as a cause you can also ask for assistance from one of the experienced volunteer sites listed
www.wilderssecurity.com/showpost.php?p=1533481&postcount=3

 

Thanks for the reply, I have not ruled out a profile corruption issue. In my mind, I discounted that some since I can login in Safe Mode. In Safe Mode, the desktop is fine, internet is fine, all files seem fine. When I run DSS ( a diagnostic script) it hangs and ultimately crashes the computer (blue screen).

I will ping one of the volunteers, I had not seen that before.

Thanks,
Rob.

 

Thanks for this suggestion, I made the ESET rescue disk (took a bit of time) and I will try it tomorrow.

Thanks,
Rob.

 

The ESET disk ran and showed an old school progress bar loading Windows but then the screen never came on. I suspect the Windows kit did not include a driver for it? I may try again, but not sure if I know enough to create an ESET rescue disk.

Kapersky offers an ISO that you can download. I did that and ran it. It found a Keylogger in a ZIP file (Trojan-PSW.Win32.Agent.uju), but I can't tell if it is active or not. The CD did not recommend removing it and I will go back and remove it.

I don't think a Keylogger would cause my profile behavior. So I am thinking it is not malware but some other problem.

I would like any advice on how to get the ESET disc to work? (all I got was a blank screen).

Thanks!