Over 1 million tech questions and answers.

Task Manager Disabled, Regedit disabled, virus scanners detect but dont delete properly

Q: Task Manager Disabled, Regedit disabled, virus scanners detect but dont delete properly

Hi,

Ive had, what I believe to be a backdoor trojan on my computer for about 6 weeks now. It started with a malicious pop up which kept appearing making it look like i had loads of viruses and telling me that I needed to buy this virus scanner and my computer would not power off when shutting down. I knew I had a virus so I tried to use my scanner malwarebytes but it would not open, the virus had got to that as well. Eventually I tried copying malwarebytes to a removable media and managed to scan that way. I had lots of trojans including koobface. My computer was still really slow after the scan and they had not been properly deleted because each scan kept bringing the trojans again.

The next problem was my internet browser would not work, i eventually fixed it (cant remember how) but i believe the virus caused this. Then was the disabling of task manager, regedit and gpedit, which i have found by reading forums how to get this enabled again. I have since downloaded AVG, this tells me i have a trojan horse called 'generic7' again I keep scanning, the same viruses are found and deleted then on reboot they are there again. I also noticed that when i can access task manager some proccesses such as windows defender are really high and the only way to run the computer without it crashing/slowing down is to terminate the proccess. One new thing that has only just started to happen is that the ?task manager/ regit disable has by administrator? pop up sometimes appears and cant be closed, instead they multiplies and i have to reboot.

Although I will confess my anti virus prevention techniques are great, when i get viruses, i can usually delete it or use and scan and get rid of it myself. This is the worse virus I have ever dealt with.

If anyone gets and opportunity can you please look at my DDS and help me. It is much appreciated thanks.

Louise

RELEVANCY SCORE 200
Preferred Solution: Task Manager Disabled, Regedit disabled, virus scanners detect but dont delete properly

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Task Manager Disabled, Regedit disabled, virus scanners detect but dont delete properly

Hi and welcome to the HijackThis Logs and Virus/Trojan/Spyware/Malware Removal forum,I am and I am here to help you!I ask that you refrain from running tools other than those we suggest to you while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received and do not proceed if you need clarification.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.As I am in the final stages of training an Expert Coach will also oversee your fix. Your benefit will be "four eyes and two brains" but responses may be somewhat delayed so please be patient!!!!I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!==========I need a more detailed view of your computer.Please do this..............Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)==========With your next post please provide:* RSIT info.txt* RSIT log.txtI will review your logs and post instructions forthcoming.Regards,t

Read other 29 answers
RELEVANCY SCORE 156.4

Hello guys, this is my first post here. I have problem last few days. It could be some sort of malware or virus which cant be detected with AVG antivirus or Ad aware. This lap top hasnt been connected online for quite a while and problems started after used my USB flash disk. After that i couldnt open Task Manager(neighter with right click on task bar - text faded, nor with ctrl-alt-delete) or regedit. Also i cant boot into safe mode (when it starts, suddenly blue screen appears for a milisecond and computer restarts). I cant start AVG system scan, it reports that "application cannot run due to an error while verifying its electronic certificate". I can run AVG guard though. There was problem with C disk (i couldnt open it with double click and i had to use "explore" ). I resolved it by deleting "autorun.ini" file thru command prompt (it was hidden file and, another problem that occured, i cant edit folder options to make hidden files visible). There is also problem with language bar which is disabled and cannot be re-enabled cause its button is faded, though i dont care much about it.

I manage to enter to Task manager and regedit using trick with gpedit.msc. In "User configuration/Administrative templates/System/Ctrl+Alt+Del options/Remove task manager", default value is"not configured". I put disabled and i can use Task manager OR regedit again, but ONLY once! After i open and close ONE of those, i cant re-open it withou... Read more

A:Task Manager and regedit disabled, safe mode disabled, virus scan disabled... :s

It sounds very much like a virus. If you can get on the internet google regtools.vbs that script file should get your regedit working again but don't know for how long if it is a virus.

Read other 7 answers
RELEVANCY SCORE 134.4

I've been searching all over the interwebs and have found several tips on how to fix the task manager and regedit, but nothing has worked so far. I CAN enable them, but they just get disabled again after a few seconds. I've had this problem for a few months now. I'm not sure how it started, because I was away at college, and then I came back to my PC being all messed up.More recently, I came back home again yesterday, and now, right-clicking folders CRASHES MY COMPUTER! What the hell! I searched Google and found a few webpages about the problem but haven't really found anything that seems... relevant. One site talks about DivX, another talks about some windows update... I dunno. I haven't really tried to fix this problem yet, but I'm sure it's unrelated to my other ones. Besides, it doesn't seem like I can fix it without regedit and my task manager anyway.Someone on another forum told me to run ComboFix so I did, but I dunno what to do with the info it searched up, so I'll just post it here.ComboFix 09-05-24.01 - Jefferson Lam 05/24/2009 13:39.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1537 [GMT -7:00]Running from: c:\documents and settings\Jefferson Lam\Desktop\ComboFix.exeAV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))... Read more

A:Task manager disabled, regedit disabled, and right clicking folders crashes explorer.exe

Hello somedumbgamer,Please note the message text in blue at the top of the Am I infected? What do I do? forum.ComboFix logs should not to be posted outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.If needed, we will direct you to our HJT Preparation Guide.Thank you for using BleepingComputer as your malware removal source.This topic is now closed. If you have any questions, please PM me or another Moderator.Regards, The weatherman

Read other 1 answers
RELEVANCY SCORE 132

hello i need help with this because it keeps coming back even though i have tried hijack and a bunch of other ones i do everything right by going into regedit and deleting it but it comes back after like 5 seconds the task manager and regedit only work for awhile too with the fixes and i have reformatted my computer like 4 times nothing works need help pls and thank you i also have this

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:54:44 PM, on 12/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\System32\igfxpers.exe
C:\WINDOWS\System32\wuauclt.exe
C:\DOCUME~1\andrewdo\LOCALS~1\Temp\wineakit.exe
C:\DOCUME~1\andrewdo\LOCALS~1\Temp\winlhitdp.exe
C:\DOCUME~1\andrewdo\LOCALS~1\Temp\naoa.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WIND... Read more

A:task manager and regedit disabled by virus

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 132

Hello,

Got a virus that disabled regedit and task manager. users/tyler/appdata/roaming/OvVb4FSsCcpW.exe is what keeps attempting to make changes to my computer. I can provide a hijackthis log if necessarry.

Thanks.

A:Task Manager and Regedit disabled by virus

Please download Malwarebytes Anti-Malware and save it to your desktop.Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet and double-click on the renamed file to install the application.
For instructions with screenshots, please refer to this Guide.When the installation begins, follow the prompts and do not make any changes to default settings.Malwarebytes will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.Click on the Scan button.When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.Make ... Read more

Read other 3 answers
RELEVANCY SCORE 132

hey guys, need help.
picked up a virus, it has disabled task manager and all run commands, regedit.exe, also cant open malwarebytes, or superantispyware, to attempt to get rid of it?

hjt log.
thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:17:07, on 12/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\AOL\1161798129\ee\aolsoftware.exe
c:\program files\common files\aol\1161798129\ee\aolsoftware.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\... Read more

A:virus! disabled task manager and regedit + hjt

ok after some time fiddling around, got task manager and regedit back. but virus still there and still cant open malwarebytes
 

Read other 1 answers
RELEVANCY SCORE 130.8

I brought my friend's pendrive when i opened it i saw a autorun.ini and i suddenly removed the pendrive .And when i press Ctrl + Alt +Del my taskmanger was gone it has been disabled by the administrater and same with regedit .I tried The Gpedit.msc method and it just enabled the taskmanager for 2 or 3 seconds after that again it showed problem.I scan my computer with AVG 8 latest It showed a lot of TANATO.M Virus in almost every exe of my games ,softwares and even system files,I deleted many files through AVG and then i uninstalled AVG becasue i wont let me open any thing .PLEASE HELP i also cant copy and paste any files as it freezes my COmputer

HERE IS MY HIJACK THIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:24:35 PM, on 6/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\syst... Read more

Read other answers
RELEVANCY SCORE 130.8

Hi,

Since my computer has been infected by some virus it goes so slowly and i have some function disabled loke reg edit and task manager...

Can i receive some help?

TNX a lot!

Alexej.
DDS (Ver_09-10-26.01) - NTFSx86
Run by Alexej at 20:35:55.28 on 2009-11-08
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.3070.2554 [GMT 1:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {0012EE20-534A-7C92-A010-1600080015C0}
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000000-0000-0000-0000-000000000000}
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
D:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
D:\Programmi\Java\jre6\bin\jusched.exe
D:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
D:\Programmi\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
D:\Programmi\... Read more

A:INFECTED WITH SEVERAL VIRUS, task manager- regedit disabled

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 130.8

Here's my HJT logfile. I've done what I know so far, and before I start picking at my system files one at a time, I'd like to know if anyone here can help.


Logfile of HijackThis v1.99.1
Scan saved at 9:41:59 PM, on 12/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\D-Tools\daemon.exe
C:\PROGRA~1\MICROI~1\INTERN~1\KEMailKb.EXE
C:\PROGRA~1\MICROI~1\INTERN~1\KPDrv4XP.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Desktop\Downloa... Read more

A:Regedit/Task Manager/gpedit disabled. Possible virus. Help

Hello Karma Walker and welcome to TSF,

Please--do not go picking away at your system files one by one.


Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out these instructions.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

******************************************

Download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30 day trial of the programOnce you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
On the main screen select the icon "Update" then select the "Update now" link.Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.

Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
Once in the Settings screen click on " Recommended actions" and then select " Quarantine".
Under "Reports"Select "Automatically generate report after every scan"
Un-Select "Only if threats were found"

Close AVG Anti-Spyware. Do Not run a scan just yet, we will shortly.

------------

Please download Brute Force ... Read more

Read other 4 answers
RELEVANCY SCORE 129.2

I am not sure of the name of the virus, I know that it initially was a process called SCVHost.exe, trying to impersonate SVCHost.exe. My log is as follows

Logfile of HijackThis v1.99.1
Scan saved at 7:22:10 AM, on 2/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\HPZipm12.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\Program Files\Zune\ZuneNss.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINNT\system32\RunDll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsch... Read more

Read other answers
RELEVANCY SCORE 129.2

Basically, my cousin tried downloading these fake facebook password crackers and they had viruses. Now If i try to system restore, it fails because the file (C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHA0922H\all[2].js)
can't be extracted.
Furthermore I can't access such a file.
I tried using HJT and i have the log which i will leave at the end.
When i try to access task manager it says it has been disabled by the administrator. Same with Registry Editor. Also, When i try to access safe mode, I can't select safe mode or any other option and the timer just runs out and the computer starts up normally. Can anyone help me?
Here's the log by the way.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:21:12 PM, on 7/11/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Users\Chris\Downloads\HijackThis.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.... Read more

A:Virus disabled Task Manager, Regedit, and Safe mode

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:***************************************************First, I need to know if you still need help! To tell me this, please click on http://www.bleepingcomputer.com/logreply/409028 and follow the instructions there. If you do not still need help, this is all you need to do. If you do need help please continue below.***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have p... Read more

Read other 2 answers
RELEVANCY SCORE 128

Hi,
I am using Windows XP Home. My Laptop is infected by Virus. So when i try to access task Manager it is saying, Task Manager is disabled by administrator even though i have admin Privilages. I went through several forums and found i can enable it by Regedit. But when i try to oepn regedit again it is also saying Regedit has been disabled by Administrator. I am not able to see the folder options also.I think all these are due to virus.When i scan my computer using Trend Micro Pc-cillin i found a virus which is not fixed by that software. Name is "WORM SOHANAD.DW" and the software is saying manually delete the file which is located in the folloing path

"c:\windows\system32\scvshosts.exe" But i could not able to delete the file .So could you please let me know how shoul i get rid off the virus and how to enable my Task Manager, Regedit and Folder ootions.

Quick help is appreciated. I am suffering and trying all possible solutions for past one week. But no success.

Thanks
Naga Kumar

A:Restore Task Manager, Regedit and Folder Options Disabled by Virus

Hi dasariraja and welcome to TSF !

First thing is to get rid of the virus, then we'll provide you with the steps needed to restore your missing options.

Please follow the "HJT - 5 steps against malware" link in my sig. Read the instructions there very carefully. If there's some step that you can't take just skip it and post your final logs in a new thread in the HijackThis section. Our security analysts will review them and get back to you. Please be patient as that section is usually very busy.

If you can't access the control panel for the first step, try running appwiz.cpl from start => run to access the add/remove programs utility.

Read other 1 answers
RELEVANCY SCORE 119.6

I seem to have a virus disabling my task manager and registry editor. I have run spybot and malwarebyte's anti-malware. The list each one finds includes mentions of task manager and regedit. When I fix the problems, I'm able to open the two programs for about 5-10 seconds. The virus then seems to reapply itself.

Here is my log for malwarebytes:

Malwarebytes' Anti-Malware 1.41
Database version: 2825
Windows 5.1.2600 Service Pack 3

10/26/2009 3:26:45 PM
mbam-log-2009-10-26 (15-26-45).txt

Scan type: Full Scan (C:\|)
Objects scanned: 209821
Time elapsed: 1 hour(s), 14 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Inf... Read more

A:Task manager and regedit disabled

Hello, I am moving this from XP to the Am I Infected forum. Please Rerun MBAM (MalwareBytes) like this:Open MBAM in normal mode and click Update tab, select Check for Updates,when doneclick Scanner tab,select Quick scan and scan (normal mode).After scan click Remove Selected, Post new scan log and Reboot into normal mode.Next run ATF and SAS:Note.. SAS doesn't open the registry hives for other user accounts on the system, so scans should be done from each user account.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the... Read more

Read other 7 answers
RELEVANCY SCORE 119.6

Hi:

My task manager has been disabled as well as regedit. I also keep getting a CThelper.exe pop up that says I have no disk in the drive.

As I found on another post, I downloaded RSIT. Here are the results from the log.txt file. The info.txt is attached.

Thanks for your help, John

=========================

Logfile of random's system information tool 1.05 (written by random/random)
Run by John at 2008-12-28 07:55:15
Microsoft Windows XP Professional Service Pack 2
System drive C: has 76 GB (51%) free of 148 GB
Total RAM: 2046 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:55:22 AM, on 12/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel... Read more

A:Task Manager / Regedit Disabled

Hi:

My task manager has been disabled as well as regedit. I also keep getting a CThelper.exe pop up that says I have no disk in the drive.

As requested, I've provided the information needed below and in the attachments.

Thanks for your help, John

DDS (Version 1.1.0) - NTFSx86
Run by John at 21:29:43.09 on Tue 12/30/2008
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1470 [GMT -6:00]

AV: McAfee VirusScan *On-access scanning disabled* (Outdated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files... Read more

Read other 11 answers
RELEVANCY SCORE 119.6

Well, somehow Task Manager and registry editor got disabled and I can't get it working. Even with gpedit.msc I open it once, than I can't open another. Same with registry editor. Please help me out.
------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 9:03:50 AM, on 9/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\laxtp.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winpirvo.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1... Read more

Read other answers
RELEVANCY SCORE 119.6

Another Big Problem Mr.TSG.
Now when i press crtl + alt + del , it says Task manager has been disabled by your administrator.
Plz Help this time also..

My HJT Log is attached

Please also tell how dangerous it is to hold on with windows with such a problem ?

Thanks as always
 

A:Task Manager and Regedit Disabled !!

please help
 

Read other 2 answers
RELEVANCY SCORE 119.6

Original post

http://www.techsupportforum.com/f100...ed-428542.html

i believe it was a virus that is doing all this because my PC were all find back then till i downloaded a patch for an online game

IMPORTANT INFO:1.Window XP Service Pack 2
2.Task Manager and Regedit disabled
3.I cant access to any official antivirus website
(except for websites like download.com)
4.Task manager and Regedit are not manually disabled


ok this is what happened...

I start to realised that my pc was infected when i tried to end a task using task manager and i got this error stating that "task manager has been disabled by your administrator" . first i thought it was just a technical error so i start to go through some guide to enable my task manager as it was . Then i found this guide that by running Regedit i could enable my task manager back as it was , but then i also realised that my Regedit was also disabled . Since this computer belong to me and no one is touching it because i'm a single guy who live alone , so i guess it should be a virus .

im quite lost.. i dont know what to do.. even though i go through the tutorials .. sorry im a newbie xD

the dds seems to be not responding and the only thing i got was the logs..
i think this should be it

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-11-05 14:26:20
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\user\LOCALS~1\Temp\kxtdapob.sys


---- Services - GMER 1.0.15 ... Read more

A:Task Manager and Regedit disabled

Hello -

Let's see if we can get some logs from this tool.
Download RSIT by random/random and save it to your desktop.
Double click RSIT.exe to start the tool and click Continue at the disclaimer.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of log.txt here.
Please attach info.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\rsit\info.txt

Click Upload.



---------------------------------------------------------------------------------------------

Read other 19 answers
RELEVANCY SCORE 119.6

My computer is really weird, a week now...gone so slow, CTRL+ALT+DEL is not working,

I already tried some simple advices on how to enable the task manager, then it works,

but after few mins. the task manager and also the regedit (from run) doesnt appear when hit

CTRL+ALT+DEL

This is my log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:11:39 PM, on 7/17/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RVHOST.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\RVHOST.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\W... Read more

A:task manager + regedit has been disabled

Read other 16 answers
RELEVANCY SCORE 119.6

Hi, Im SuperSonic. I couldnt find much time to type everything in again, so I pasted what I typed in Yahoo Answers some time ago. Heres the story from the beginning:-

Yesterday, I took a pen drive from my friend and inserted it in the comp. When I tried to open the pen drive folder, a message came up "Windows cant find the file Axxx.vbs"(xxx was a number) At the same time Symantec AntiVirus popped up, saying it had quarantined 4 files(3 Axxx.vbs and 1 AQxxx.vbs and some registry entries). Then I took the pen drive out and started minding my other work. Then I realized that Task Manager and Regedit were disabled. Then I found that Symantec Antivirus was no longer running. I tried to run it but it won't start(or maybe closing instantly).

Then I installed Spybot S&D, but it started for a few seconds, was normal, then quit instantly. Same happened to ESET. Then I tried to boot into Safe Mode, but it kept rebooting while displaying a list of .sys files that were being run.

In the process I lost a lot of important files. When restarting, the computer said my user profile was corrupted and created a temp profile. I thought it was a permanent profile, so I Cut-Pasted everything from my original profile to the new profile. Today when I started up, the temp profile was gone, and with it, all the things I'd copied.

So, the main problem now is that Firewall,Regedit and Task Manager keep getting disabled, and antivirus stuff refuse to run. Any help would be ap... Read more

A:Regedit/task manager disabled (+HJT log)

Read other 13 answers
RELEVANCY SCORE 119.6

I can't get regedit or task manager to work, when I try
I get message they are disabled by administrator. I didn't disable them. Also I have Trend Micro antivirus
and it want update or scan. I can't go to trendmicro.com
My computer is using Windows XP Pro.
 

A:Regedit and task manager disabled by adm.

I solved the problem by uninstalling TrenMicro Anti Virus and reinstalling. The trick was not to activated
it until after it completed installation. Then I updated,
activated and scanned. That got rid of the virus. Then
I fixed regedit with a fix I found on the web , the I
fixed task manager with another fix from the web.
 

Read other 1 answers
RELEVANCY SCORE 119.6

Well, I know this is caused by malware, unfortunately. I've gotten rid of the malware itself, but I have no idea how to re enable the Task Manager or regedit. Each says "Disabled by administrator", but I'm the only account on the computer, and it's an admin account.

What should I do?

I'm on Win7 Pro x64

Thanks

A:Task Manager and Regedit Disabled

I'd stab at a guess and say you haven't got rid of all the malware.

Did you carry out a scan in Safe Mode? If not, it would be advisable to do so.

Malwarebytes is a great tool to use in these cases.

You might want to check these tutorials:

Regedit - Enable or Disable - Vista Forums

Task Manager - Enable or Disable - Vista Forums

Read other 9 answers
RELEVANCY SCORE 119.6

I tried to use Task Manager only to be greeted by the message "Task Manager has been disabled by your administrator", and the pc then shuts down and reboots, which is strange as I am the administrator. Googled some solutions, one of which was to change a value in the registry. Start > run > regedit produces the same result, only the message is "Regedit has been ............" followed by the shut down and reboot.

Tried to perform a system restore, and as soon as you click on "Restore to an earlier date" the pc shut down and rebooted.

Hopefully someone can give me some guidance on this as I don't know if this is a result of malware/virus or what.

Thanks in advance

A:Task Manager & Regedit Disabled

Possibly solved the problem.

It is/was Newfolder.exe apparently, and had also got onto my usb sticks.

I think I have managed to get rid of it.

Read other 1 answers
RELEVANCY SCORE 119.6

i believe it was a virus that is doing all this because my PC were all find back then till i downloaded a patch for an online game

IMPORTANT INFO:1.Window XP Service Pack 2
2.Task Manager and Regedit disabled
3.I cant access to any official antivirus website
(except for websites like download.com)
4.Task manager and Regedit are not manually disabled


ok this is what happened...

I start to realised that my pc was infected when i tried to end a task using task manager and i got this error stating that "task manager has been disabled by your administrator" . first i thought it was just a technical error so i start to go through some guide to enable my task manager as it was . Then i found this guide that by running Regedit i could enable my task manager back as it was , but then i also realised that my Regedit was also disabled . Since this computer belong to me and no one is touching it because i'm a single guy who live alone , so i guess it should be a virus .

A:Task Manager and Regedit disabled

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 119.6

I have the following issue with my Dell Computer that is running Windows XP Pro. I'd appreciate it if anyone can help resolve it.

The Task Manager is disabled and the Regedit (registry editor) is also disabled (if I run "regedit" it displays a message "Registry Editing has been disabled by your System Administrator". After searching the web for related issues, I found that this was due to the DisableTaskMgr and DisableRegistryTools registry key entries [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]. Using some tools, I was able to delete these registry entires and it resolved the issue. However, within a few seconds these registry entries re-appear and the issue persists.

I have searched several web sites for similar issues and have tried a lot of different things but am unable to resolve the issue. I have re-installed the OS from scratch with latest Service Packs, checked to make sure there are no viruses or spyware, checked the security policy settings (gpedit.msc), etc. None of this helps. The registry entires keep re-appearing each time I delete them. I am using Administrator account to log on.

 

A:Task Manager and Regedit disabled

Hi,

Your issue will be best helped by having you post in our Malware Removal forum

I would say you are being reinfected, there is some malware that causes the exact issues you are having so let's have you do this:'

http://forums.techguy.org/54-malware-removal-hijackthis-logs/

To download Hijackthis:

go to HERE and download 'Hijack This!' self installer. Save it to the desktop or other suitable place. DO NOT just press run from the website Double click on the file and it will install to C:\program files\hijackthis and create an entry in the start menu.
Click on the entry in start menu to run HijackThis
Click the "Scan" button, when the scan is finished the scan button will become "Save Log" click that and save the log.
Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.
It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required,
so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.

This thread will no longer be needed so I am Closing it, please do as advised, it is for your benefit.
 

Read other 1 answers
RELEVANCY SCORE 119.6

i m not able to run my antivirus and a lot of programs.... and even my task manager and regedit is disabled can anyone plz help i'll attach my hjt log
 

A:task manager, regedit disabled......etc plz help

someone plz help me
 

Read other 1 answers
RELEVANCY SCORE 118.4

A few months ago my task manager and regedit both mysteriously got disabled. No matter what I did, I could never get either of them to permanently work. Through some methods I could enable them for about a second or two, but then they'll become disabled again.So I reformatted to try and fix this (amongst many other problems), but they're STILL disabled.What should I do?

A:Reformatted, task manager and regedit still disabled.

Hello and welcome i think we can fix this..This step involves making changes in the registry. Always back up your registry before making any changes.Go to Start ? Run and type: regeditClick OK.On the left side, click to highlight My Computer at the top.Go up to File ? Export Make sure in that window there is a tick next to "All" under Export Branch.Leave the "Save As Type" as "Registration Files".Under "Filename" put RegBackup.Choose to save it to C:\Click save and then go to File ? Exit.Or you can download and use ERUNTwhich is an excellent free tool that allows you to to take a snapshot (backup) of your registry before making changes and restore it when needed.Click on the link below:http://www.kellys-korner-xp.com/xp_tweaks.htmScroll down to #275 and click "Lift Restrictions - TM, Regedit and CMD" in the left column. Go to File, choose "Save page as" All Files and save regtmcmdrestore.vbs to your desktop. Double-click on that file to allow the script to run and reboot when done. Since the script modifies certain registry settings your anti-virus package may warn you about it. Ignore the warning and allow it to run. There are 4 methods to fix the Registry editing issue [email protected]@K

Read other 9 answers
RELEVANCY SCORE 118.4

Hi all,

We are having this problem in severals of our servers (mostly win2000 and win2003). i've did the hijackthis and below is the logfile:

Logfile of HijackThis v1.99.1
Scan saved at 2:30:37 PM, on 12/10/2007
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
C:\Program Files\Quest Software\Big Brother\BBNT\3.01\bin\bbnt.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MagiNet\MLCBB\Remoting\EWSLibraryHost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
C:\Program Files\OCS Inventory Agent\ocsservice.exe
C:\Program Files\WildPackets\OmniEngine\omniengine.exe
C:\Program Files\WildPackets\Remote Update Service\updatesvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MagiNet\MLCBB\Thread\MLCB... Read more

Read other answers
RELEVANCY SCORE 118.4

Posted to move question to

Malware Removal & HijackThis Logs

Edit:

Duplicate....
 

Read other answers
RELEVANCY SCORE 118.4

my pc task manager has been disabled and when i try to open regedit, an error message come out saying that the registry edit has been disabled by your administrator. where i'm the only person that is using this computer. the folder options also been disabled... can any one tell me how to fix this problem... i don want to reformat my computer.... i got a lot of important stuff in my pc....help please...thanx

A:Can't Open Regedit, Task Manager Been Disabled

Visit the sites for more info on how to enable your regedithttp://www.ozzu.com/ftopic58942.html http://www.psxforum.com/forums/viewtopic.php?p=73597Another way to open it is (try this first)Start>Run>type "regedit" (without quotes)The probability if you're the only one using your computer isthat it could be caused by a virus posting a HJT log in the HijackThis Logs & Analysis will help more justto make sure theres no virus (base on the sites)Hope this works -Commander Gman

Read other 20 answers
RELEVANCY SCORE 118.4

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 6:59:47 PM, on 10/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\SCVHOST.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\SCVHOST.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe... Read more

A:HJT log - regedit and task manager disappearing/disabled

*bump*
really desperate here..
 

Read other 2 answers
RELEVANCY SCORE 118.4

This is driving me nuts! I've been at this for over 7 hours and can't figure it out.

If I try to go to regedit or cntrol/alt/delete, I get "Disabled by your administrator" error. Customer is also running very slow. This all started today. This is my pc and I am the administrator. Please help!!!

A:Regedit And Task Manager Disabled. Going Insane!

Try this utility:RRT (Remove Restrictions Tool)

Read other 5 answers
RELEVANCY SCORE 118.4

Dear Sir,
From Last three days I am trying to resolve issue with my operating system the problem is explained below
My TaskManager is Disabled I tried to access regedit but it says regedit is disabled by your administrator I tried to change settings in Gpedit for making me enable to access regedit but its of no use I tried to bring computer in safe mode but it is not accessing safe mode.
I tried to third party s/w reg manager to access my registry files but if i change key values it is working for a moment only and again some thing is changing the registery I dont know what is running behind.
please help me to resolve this issue during the period of last three day my system is facing problems with other s/w such as ms office etc are giving errors
I found when I use PC for three-Four hours the screen are displayed with data missing on it some times when i click start program it shows empty.
I found you site is expert and experienced in resolving such issues waiting for your reply.
regards
Sajid

A:Task Manager,Regedit and safemode disabled

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 118.4

Hi there:

recently i've noticed tht when i press Ctrl+alt+del, I receive the message tht
"Task Manager has been disabled by your administrator"

I wanted to try to enable it through registry but when i try to run 'regedit' form Start>Run....some garbage is opened in notepad!!! same thing happens when i try to run msconfig

any help abt it?

best
~dutchie~
 

A:Task Manager, Regedit, msconfig all disabled

I'm running XP 2002 service pack 2 on my machine
~dutchie~
 

Read other 2 answers
RELEVANCY SCORE 118.4

As topic states, my computer had been infected earlier today with trojans after my cousins inserted their flash drives to it. I was confident SuperAntiSpyware could take care of it when something pops up.

But after a few hours, all this things happened:

* I cannot access Task Manager anymore.
* I cannot access Regedit also.
* Done a full scan with SuperAntiSpyware, and it found the following:
- Trojan.Agent/Gen-Virut
C:\DOCUMENTS AND SETTINGS\JAVEE\LOCAL SETTINGS\TEMP\HUFJV.EXE
C:\DOCUMENTS AND SETTINGS\JAVEE\LOCAL SETTINGS\TEMP\KFAYMR.EXE
- Trojan.Agent/Gen-WinX
C:\DOCUMENTS AND SETTINGS\JAVEE\LOCAL SETTINGS\TEMP\DEAA.EXE
- Trojan.Maildrop/Gen
C:\DOCUMENTS AND SETTINGS\JAVEE\LOCAL SETTINGS\TEMP\WINHAJE.EXE
C:\DOCUMENTS AND SETTINGS\JAVEE\LOCAL SETTINGS\TEMP\WINVBWOED.EXE
C:\DOCUMENTS AND SETTINGS\JAVEE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LVGRCAMT.DEFAULT\WINHAJE.EXE

Reccently, I also noticed that accessing antivirus websites are also blocked. One of my application (Dragonica) also failed to run properly.

I hope giving this information, you can help me fix my problem. Thank you very much.

Here's my DDS

DDS (Ver_09-10-13.01) - NTFSx86
Run by javee at 0:40:28.28 on Sat 10/24/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1584 [GMT 8:00]

AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166... Read more

A:Trojan Help - Task Manager and Regedit Disabled

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Please keep this computer offline except when downloading tools and posting in the forum until we get an antivirus installed. Let me know your intentions for an antivirus program.

------------------------------------------------------

Please visit this webpage for download links, and instructions for running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Please post the C:\ComboFix.txt in your next reply for further review.

Please re-enable your antivirus before posting... Read more

Read other 2 answers
RELEVANCY SCORE 117.2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:52:08 AM, on 9/7/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\Msmsgs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
D:\ohmie\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB... Read more

Read other answers
RELEVANCY SCORE 117.2

Hello, if anyone could please help me I'd be much obliged. My computer is full of malware and I cant seem to get rid of it. it has also disabled the task manager. if i edit the registry to enable it again it just reverts the change. Im so flustered

Logfile of HijackThis v1.99.1
Scan saved at 16:48:35, on 23/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Security Adviser\mssadv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\RDS\PLDlnk.exe
C:\Program Files\Elcometer Instruments Limited\EDTS Plus\edtsplus.exe
C:\Program Files\RDS\PLTBar.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\regedit.exe
G:\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Int... Read more

A:Task manager disabled. vicious malware. Regedit log

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------
Download combofix.exe to your desktop. We'll use this later.

Please download FixWareout from one of these sites:

http://download.bleepingcomputer.com...Fixwareout.exe

http://downloads.subratam.org/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

Once the desktop loads a text file will open (report.txt), you can close it - the file has already been saved.

Finally, please post the contents of the text file that open... Read more

Read other 1 answers
RELEVANCY SCORE 117.2

Dear TSF,

When browsing, I found that task manger option was greyed.When pressed Ctrl+Alt+Delete, got error that "Task Manager has been disabled by your administrator." Tried many things but unable to solve. When tried to access Regedit, there also came the same error "regedit has been disabled by your administrator."

I am the only user and administrator of my PC.

Please help.


Thanks,
Mark

A:[SOLVED] Task Manager &amp; regedit disabled by administrator

Are you logged in as an Admin user? Go to Start/Control Panel/User Accounts see if you are an Admin or not.

Read other 4 answers
RELEVANCY SCORE 117.2

Hi, I need help cleaning my computers. I have 4 computers on my LAN and all are infected with the same symptoms. Can't access task manager, msconfig, regedit, or cmd. Whenever I try my computer reboots. There are some other symptoms too like I can't enable hidden files in win explorer. Avast, AVG or Kaspersky can't find any viruses. Spybot do, but can't remove them successfully. Here are hijackthis log from my laptop:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:14:22, on 1.1.2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\Microsoft\Msmsgs.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\a-squared Free\a2service.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exeC:\Program Files\Kerio\Personal Firewall\persfw.exeC:\W... Read more

A:Infected. Task Manager, Msconfig, Regedit, Cmd Disabled

I decided to reinstall Windows XP on all computers. Some of them need to be cleaned up anyway. If I get the same problem again I will make a new topic.

Read other 1 answers
RELEVANCY SCORE 117.2

My computer restarts everytime I run regedit, task manager. CMD is not working also.

Hello. I tried downloading RRT (remove restrictions tool) and I was only able to enable the folder options using that. I already tried scanning with AVG also.

Please help. Please find below my HJT log. I also already downloaded process killer tools but I don't know which of the processes I have to kill.

Thanks!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:32 AM, on 10/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ARL\CryptoKit\utils\ARCLTSRV.EXE
C:\Program Files\ARL\CryptoKit\utils\arcltsrv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\C... Read more

Read other answers
RELEVANCY SCORE 117.2

hello everybodyMy pc is infected with hijack.reedit, and the task manager is disable, how matter hard i try to enable it again but it's disable few seconds later, i cant access to online scan web sites, my antivirus doesn't start, i click on the icon but nothing happens, even malwarebyte's which detects those malwares can't delete them because each time i run the scan again,it detects them again, some programs i tried to install failed because writing in the register is not allowed,finally i tried to start windows in safe mode but i failed, and a message says that some software's been installed incorrectly.and here is the report of DDS : DDS (Ver_10-03-17.01) - NTFSx86 Run by Ares at 18:29:26,70 on 14/06/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13Microsoft Windows XP ?dition familiale 5.1.2600.2.1252.33.1036.18.1022.205 [GMT 1:00]AV: Bitdefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}FW: Bitdefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel ... Read more

A:infected with hijack.regedit and disabled task manager

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 117.2

My basic problem is that my task manager is disabled, and that's pretty damn annoying. I searched Google for lots of fixes, and none of them have worked so far. I've tried HijackThis and found a single entry that's disabling my Regedit, but even if I delete it, it reappears a few seconds later. Even turning off system restore doesn't help.

Here's my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:20:36 PM, on 3/24/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0XIC1.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Pr... Read more

Read other answers
RELEVANCY SCORE 117.2

Not sure if I uploaded my logfile....
theres alot of stuff going on with my computer,
not sure what not to delete.
 

Read other answers
RELEVANCY SCORE 117.2

Hi! I've been here before, and now I'm embarrassed to say I'm back with the same problem...

My task manager, regedit and folder options have been disabled and my taskbar goes a sickly blue color once in a while (but it goes back to the classic look when I restart a couple of times). The usual slowing down of the PC associated with the problem hasn't happened yet so I'm okay on that front. I've scanned my laptop completely using an updated AVG 7.5 but it found nothing. So here's my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:32:42 PM, on 12/14/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\tp4serv.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program... Read more

A:disabled task manager, regedit, folder options

bump for great justice. :(

Read other 14 answers
RELEVANCY SCORE 117.2

I am running windows XP and my computer seems to be possessed; I can't even see my control panel and every time I try ctrl+alt+dlt it says my task manager has been disabled by my administrator. This is a home computer. I continue to get the following pop-ups/error msgs: Your computer is infected! It is recommended to start spyware cleaner tool.NOTICE: Your computer has tracks of all adult sites you had visited...would you like to install DriveCleaner to check your computer for free? (Recommended)Access violation at address 0000000:00F754D2Your computer is infected! Install Windows Anti Virus as soon as possible. The system can be damaged.Your current security settings prohibit running ActiveX controls on this page. As a result, the page my not display.My wallpaper/background arbitrarily changed to some interactive web page background and when I try to disable it I get a msg saying that is locked by the administrator.I have run the following programs to no avail:xoftspySERegCureNorton360adawarespybotmcafee avert stingerratscheddaratf-cleanersmitfraudfx.exe (wouldn't run because the administrator won't allow registry access)rr-free.exeWhen I go into Safe Mode the screen is black (no desktop icons).Here is my hijackthis file:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:48:07 AM, on 9/21/2007Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss... Read more

A:Disabled Task Manager/control Panel/regedit Etc.

Hi kacee, I will be handling your log and helping you to get cleaned up.Please take note of the following:1. Please do not make any system changes yet. as any changes you make may well alter your log.2. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.3. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.4. Please reply to this thread. Do not start a new topic.Please give me some time to look over your log and I will get back to you as soon as possible.Starbuck

Read other 23 answers
RELEVANCY SCORE 117.2

I seem to have a problem that cannot be solved by the anti spyware available.
I did not have any anti virus protection before the problem started. I have downloaded free trial versions of Mcafee total protection, AVG anti spyware, super anti spyware and now Hijackthis.

Once the problem is solved I will invest in an AV/ Spyware package , and would need help to choose the one most suitable for me.

Symptoms
Since 13.11.07 if I press ctrl+alt+del I get a message saying task manager has been disabled by administrator.

If I try to open Regedit from control panel I get Disabled by administrator.

My internet explorer title bar has a line on it "Hacked by 1BYTE{NO VIRUS NO WORK NO MONEY'}

I have scanned my computer with McAfee virus scan 12.0, in safe command prompt mode with McAfee sdat file 5165, AVG anti virus 7.5.1.43, Super anti spyware

Mcafee forums directed me to this forum

My Hijack this log says Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:28 AM, on 11/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Un... Read more

A:Windows Task manager and Regedit disabled by administator

Read other 13 answers
RELEVANCY SCORE 117.2

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:30:25 PM, on 3/21/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\WINDOWS\System32\DLA\DLACTRLW.EXEC:\WINDOWS\FixCamera.exeC:\WINDOWS\tsnp2uvc.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\Nero\Nero 7\InCD\NBHGui.exeC:\Program Files\Nero\Nero 7\InCD\InCD.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Updates from HP\9972322\Program\Updates from HP.exeC:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exeC:\WINDOWS\arservice.exeC:\WINDOWS\system32\drivers\CDAC11BA.EXEC:\Program Files ... Read more

A:Infected with Task manager, regedit disabled problem

Hello, and to the Malware Removal forum! My online alias is Blade Zephon, or Blade for short, and I will be assisting you with your malware issues!If you have since resolved the original problem you were having, we would appreciate you letting us know.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Before we begin cleaning your machine, I'd like to lay out some guidelines for us to follow while we are working together.I will be assisting you with your malware issues. This may or may not resolve other problems you are having with your computer. If you are still having problems after your machine has been determined clean, I will be glad to direct you to the proper forum for assistance.Even if things appear better, that does not mean we are finished. Please continue to follow my instructions until I give you the all clean. Absence of symptoms does not mean that all the malware has been removed. If a piece of the infection is left, it can regenerate and reinfect your machine. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your ... Read more

Read other 2 answers