May 29 2009, 11:58 AM
New Member Group: Authentic Member Posts: 8 Joined: 29-May 09 Member No.: 86,035 Operating System: windows XP home
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:53:51 AM, on 5/30/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\JG99\Desktop\drweb-cureit.exe
C:\DOCUME~1\JG99\LOCALS~1\Temp\RarSFX0\gurh58.exe
C:\DOCUME~1\JG99\LOCALS~1\Temp\RarSFX0\vmxeh.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\RunOnce: [Uninstall getPlus® for Adobe] "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1noarp
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1218812918015
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9868A64-81D5-45CD-A133-5E0006E0971D}: NameServer = 202.138.128.50,202.138.128.54
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 4543 bytes

Result from DrWeb
sscviihost.exe;c:\windows\system32;Win32.HLLW.Autoruner.1075;Incurable.Moved.;
usmain [Resolved] regedit and task manager disabled by admin May 29 2009, 11:58 AM
Noviciate Due, in part, to the large numbers of HJT logs bei... May 29 2009, 04:06 PM
usmain working on your instructions....... tnx so much May 30 2009, 09:10 AM
usmain Came across a tool called "restriction remova... May 30 2009, 10:20 AM
Noviciate QUOTE Do you think the virus that caused my task m... May 30 2009, 12:41 PM
usmain ohhhh.... dont worry i will re-try your instructio... Jun 1 2009, 12:01 AM
usmain KASPERSKY ONLINE SCANNER 7 REPORT
Monday, June 1,... Jun 1 2009, 08:10 AM
usmain Sec-Info.txt has no contents in it....
from unins... Jun 1 2009, 08:18 AM
Noviciate Can you tell me what anti-virus program you are cu... Jun 1 2009, 01:41 PM
usmain i used AVG free edition before but has since remov... Jun 2 2009, 06:37 AM
Noviciate Both the following are free - only install one tho... Jun 2 2009, 12:44 PM
usmain i removed it in the early part of this year, if my... Jun 3 2009, 02:15 AM
Noviciate QUOTE (usmain @ Jun 3 2009, 09:15 AM) i r... Jun 3 2009, 12:55 PM
Noviciate Since this issue appears to be resolved ... this T... Jun 9 2009, 01:04 PM
Time is now: 20th March 2010 - 08:58 AM