qaisjp
New member
I think I have been attacked by some kind of malware, which is very clever.
1) Registry editing has been disabled by your admin
2) Task manager has been disabled by your admin
I am the real person who uses my computer, I am the admin and the only 'virtual user' I have is the hidden vmware user.
I have run Malwarebytes FULL scan twice and deleted 11 infected items, Task manager works! Yay, I restart, task manager is disabled, alongside regedit.
I use gpedit.msc and set the CTRL+ALT+DLT values to DISABLED.
In run I type gpupdate /force Taskmanager is enabled for 3 seconds, regedit stays disabled.
I just ran a quick scan now and got the following details that FULL SCAN didn't get:
I have just deleted it now...
regedit and taskmanager is still disabled upon reboot.
Help me please!
1) Registry editing has been disabled by your admin
2) Task manager has been disabled by your admin
I am the real person who uses my computer, I am the admin and the only 'virtual user' I have is the hidden vmware user.
I have run Malwarebytes FULL scan twice and deleted 11 infected items, Task manager works! Yay, I restart, task manager is disabled, alongside regedit.
I use gpedit.msc and set the CTRL+ALT+DLT values to DISABLED.
In run I type gpupdate /force Taskmanager is enabled for 3 seconds, regedit stays disabled.
I just ran a quick scan now and got the following details that FULL SCAN didn't get:
Code:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Database version: 5285
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
11/12/2010 7:09:19 pm
mbam-log-2010-12-11 (19-09-19).txt
Scan type: Quick scan
Objects scanned: 144707
Time elapsed: 7 minute(s), 33 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (PUM.Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I have just deleted it now...
regedit and taskmanager is still disabled upon reboot.
Help me please!
My Computer
At a glance
Windows 7 Ultimate 32bitDuo T21301024MBATi Radeon Xpress 1100
- Computer Manufacturer/Model Number
- ASUS (X6 i think)
- OS
- Windows 7 Ultimate 32bit
- CPU
- Duo T2130
- Memory
- 1024MB
- Graphics Card(s)
- ATi Radeon Xpress 1100
- Monitor(s) Displays
- 1 - Generic PnP Monitor
- Hard Drives
- 160 GB inbuilt HD.
149 GB External HD (Transcend StoreJet)
74.5 GB External HD: 3 partitions - WBFS, ntfs and fat32
- Case
- An Orange One!