Jump to content
mekurtz

SAS shuts down during scan

Recommended Posts

I assume I've got a bug.

Try running SAS (and RUNSAS), get an error that I cannot access the path, don't have permissions. Try running it different ways. See below.

McAfee is running, but won't run a scan of what's out there. Shuts the scan down. Avast is loaded, but won't scan at all things that are there already.

Eventually, running SAS from a thumb drive...get the scan running. Quickly finds 6 things (Fake Rootkit UAC something or other). Runs for a minute with nothing else, then just terminates. No warning, not message. Have tried to remove the 6 quarantined items and started over, but after reboot they are there again.

Tried dowloading other tools, nothing will load onto that machine.

Ideas?

Share this post


Link to post
Share on other sites

The same thing. It finds Threat 'Rootkit.Agent/Gen-UACFake', 6 Detected Items. Continues scanning the Registry Items (finished with Memory Items). Then just completely stops.

It at least runs in safe mode (RUNSAS) which it does not in normal mode.

If I pause it at the 6 items, they are all windows/system32/UACxxxxxxx.dll if that helps

When I try to remove them in safe mode, I get a System Shutdown warning initiated by NT AUTHORITY/SYSTEM because the RPC service terminated unexpectedly

Share this post


Link to post
Share on other sites

Additional notes.

I've tried installing other antivirus programs in safe mode. Most don't even run. Hijack this for example won't even install.

The ones that are on my desktop are just greyed out (Avast, PC Tools, ThreatFire). They installed okay, but something is blocking access to them.

I'm the only User on the laptop (Dell), always had full rights.

When I log in safe mode it shows an Adminstrator login, not there during normal login. Not sure where it came from, but been rare to log in that way so may have just not noticed.

Thanks

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×