im not able to run any of the programs specified in the help topic, all i can tell you is that i can't open explorer.exe and many other .exe files, there is nothing suspicious in the process tab in task manager, any help is greatly appreciated, thank you. Just to mention, i have spotted these processes in the task manager, but they went away after ending process: a.exe, find.exe
UPDATE: i ran sophos anti-rootkit and it discovered UACxxxxx.dll and UACxxxxxx.sys but could not remove because they're were in use by another application, i hope this helps a bit.
Root Repeal Log.
ROOTREPEAL © AD, 2007-2009
Scan Start Time: 2009/08/27 16:13
Program Version: Version 188.8.131.52
Windows Version: Windows XP SP3
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA97AA000 Size: 98304 File Visible: No Signed: -
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8A84000 Size: 8192 File Visible: No Signed: -
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA8E47000 Size: 49152 File Visible: No Signed: -
Image Path: C:\WINDOWS\win32k.sys:1
Address: 0xF897C000 Size: 20480 File Visible: No Signed: -
Image Path: C:\WINDOWS\win32k.sys:2
Address: 0xF87D4000 Size: 61440 File Visible: No Signed: -
End of added information. ~ OB
This infection that i got wasnt allowing me to run and programs, even when i rename start in safe mode or whatever, i was still unable until i ran RSIT.exe, a program that runs hijack this. log.txt 20KB 8 downloads
Edited by Orange Blossom, 31 August 2009 - 03:54 PM.