Hey everyone. I'm working on a client's computer, and to start with the welcome screen would not load to allow a login. It would boot to a black screen with a mouse cursor that could move, but no keystrokes or mouse clicks were accepted. I booted with "Last known good configuration" and to my surprise it actually let me to the login screen. Since then, I've done a couple virus scans with UltimateBootCD4Win and found several culprits and removed them.
The problem I'm now facing is that I cannot launch many programs. I'm trying to run some more scans like ComboFix, MalwareBytes AntiMalware, and SuperAntiSpyware. I had no problem installing MalwareBytes, but SuperAntiSpyware fails with an error when trying to install. I have ComboFix on my flash drive and I'm unable to open it either.
When clicking on certain shortcuts and executables such as ComboFix, MWB, SmitFraud, and others either fail to load throwing up an error, or the hourglass appears for maybe 1-2 seconds (and the process shows itself during this time in Task Manager) and then goes away and nothing happens.
Before posting this question I did some more scans with AVG and found several entries for a virus known as Trojan Horse Pakes.ckf. AVG Deleted them all in safemode, but I still cannot open the same executables. I read someone's post in another forum with the same virus blocking the exact same apps. I also tried TrendMicro's housecall, but the site will not load. I'm about to give up and reinstall windows, but I'd rather not have to do that. I've tried everything in safe mode and normal mode that I can think of. Has anyone successfully removed this virus yet?
As far as I can tell, HiJackThis looks clean as well.
All the UAC files are from the trojan rootkit I mentioned. I'm not entirely sure how this virus works and I was unable to find much information about it online. It blocked a lot of installations though. Thanks again for the suggestion. As far as I can tell the problem is solved. I will play around with it a little bit longer and come back tomorrow to accept your answer.