Booting into safe mode makes no difference either. I can boot into safe mode with CMD prompt and get to the cmd prompt for use, but without knowing what to do here, it pretty much does me no good.
I booted using UBCD4Win and scanned with SAS. It found around 80 items and cleaned them but didn't help with the issue at hand. I'm thinking I've got a registry issue and may be posting in the wrong forum, but I know this thing is infected. I just need to get the registry fixed so I can run MBAM and others to clean this thing.
I'm going to keep fighting this thing while awaiting help. I'll edit this post with updates. Thanks for any help anyone can give.
UPDATE: Booted into safe mode command prompt and accessed my flash drive. Installed MBAM and started a scan, but one of those nasty little rootkits shut the scan down within 3 seconds. Started Combofix in this same fashion and it said it detected rootkit activity and needed to restart. I restarted but nothing happened.
UPDATE: Downloaded the latest ComboFix to my flash drive and ran it using the safe mode cmd prompt. It ran thru and rebooted. Still no icons, but I can get to the task manager now. Used the New Task button to start MBAM and it found 473 items on a quick scan. Rebooted and ran a full scan and it found 5. Rebooted again and another full scan is running now. Will run SAS in safe mode after MBAM finishes. Hopefully making some progress here. Still have no icons on the desktop though.
Something odd about this PC though. Its running Windows XP Home, but the windows files are under a WINNT folder that cannot be renamed. There is a folder on the C drive named "windows", and this folder only has a "temp" folder in it. Inside the temp folder is one file "GLF27.exe". When I try to use Task Manager to run explorer or get the control panel up, I get a pop up error "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."
Edited by possumbarnes, 02 November 2009 - 08:47 AM.