uwatech
2010-10-18, 16:33
I've been repairing PCs for 7 years now, and I've never run across one that had me stumped. I could just ghost this thing and forget about it, but now I'm really curious about what's going on with this one.
It's a Dell Optiplex 360. I tried booting in safe mode and running combofix as the admin. It starts to run, but rather than say "stage 1 complete, stage 2 complete, ect..." it says, "Access is Denied, Access is Denied...." and so on. I saved combofix to the desktop as cf.exe and tried running it two ways. First, just clicking it. The second, go to start, run, and type:
"%userprofile%\desktop\cf.exe" /killall
Also, I tried installing SuperAntiSpyware and MalwareBytes. Both had the same result - they would install, update, and when the scan started - it would close. When I try to reopen it, I see a blank shortcut icon and it says the specified path cannot be found.
I tried running TrendMicro RootkitBuster too. Same thing.
The last thing I tried was using UBCD4Win. It has a suite of tools in there, all doing the same thing as described above. The only thing that could scan was Spybot S&D. It found 15 total traces:
Microsoft.Windows.System - 2
Microsoft.WindowsSecurityCenter.Antivirus.Override - 1
SweetIM - 12
Clicked fix selected and rebooted the PC. Same thing. Anybody have any pointers or tools you can think of that I haven't used? By default, since it's a University PC, it has Vipre Antivirus on it, which is also no longer running.
Thanks in advance!
It's a Dell Optiplex 360. I tried booting in safe mode and running combofix as the admin. It starts to run, but rather than say "stage 1 complete, stage 2 complete, ect..." it says, "Access is Denied, Access is Denied...." and so on. I saved combofix to the desktop as cf.exe and tried running it two ways. First, just clicking it. The second, go to start, run, and type:
"%userprofile%\desktop\cf.exe" /killall
Also, I tried installing SuperAntiSpyware and MalwareBytes. Both had the same result - they would install, update, and when the scan started - it would close. When I try to reopen it, I see a blank shortcut icon and it says the specified path cannot be found.
I tried running TrendMicro RootkitBuster too. Same thing.
The last thing I tried was using UBCD4Win. It has a suite of tools in there, all doing the same thing as described above. The only thing that could scan was Spybot S&D. It found 15 total traces:
Microsoft.Windows.System - 2
Microsoft.WindowsSecurityCenter.Antivirus.Override - 1
SweetIM - 12
Clicked fix selected and rebooted the PC. Same thing. Anybody have any pointers or tools you can think of that I haven't used? By default, since it's a University PC, it has Vipre Antivirus on it, which is also no longer running.
Thanks in advance!