For instance Hijackthis will run for a second and stop, same for malwarebytes or any other app. Microsoft Security Essentials has it's service stopped and it will not restart, if I reload the application it will download updates and seem fine right up until I start a scan then after it appears to hit an area it suddenly goes red-x.
I checked the security and it removes all users and admins from the security on the file so you can not execute or even rename it, the only security left on it is from everyone and that group does not show up in any security list.
The ONLY thing I managed to get to run before it dies is viperrescue but even after it executes it gets nailed by the security change so it will not run a second time.
It seems to indicate a rootkit but does not seem to clean it, the scary thing is when it ran it sounded like the harddrive clicked off and back on several times as though it had dropped power for an instant.
The threat item it lists is c:\windows\system32\drivers\vbma25fc.sys giving an ID of Trojan.win32.olmarik.agn
RKILL says it removes \\.\globalroot\Device\svchost.exe\svchost.exe but if I run RKill again it says the same even in safemode.
I am starting this thread is I can not find anyone who seems to have cleaned a PC once it reaches this state of operations, most threads I find die after a few posts and my assumption is the person either took it in and had it reformatted or reformatted it themselves.
I would really like to see this beast killed once and for all!
Thanks for any help!
Edited by dpcsit, 21 December 2010 - 08:43 AM.