mga bai i can't access my task manager and regedit

**darkpilas666** · 03-18-2010, 01:52 PM

virus ni mga bro sa? i tried HJT and here's the result d pa kaau ko kasabot and i was hoping naay maka analyze ani, any advice would be helpful samot na ang naka experience ani. need help mga bai sa ako need buhaton ty ty. godbless mo tanan!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:00:07 PM, on 3/18/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\system32\RUNDLL32.EXE
F:\WINDOWS\system32\095A89\0CBA06.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
F:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\wscntfy.exe
F:\Program Files\TruDirect\TruDirectTray.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
F:\WINDOWS\system32\wuauclt.exe
F:\DOCUME~1\Louiee\LOCALS~1\Temp\aipt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - F:\WINDOWS\system32\dvmurl.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m‘|\ü
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [0CBA06] F:\WINDOWS\system32\095A89\0CBA06.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [RRT-Auto] F:\Documents and Settings\Louiee\My Documents\Downloads\RRT.exe auto
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "F:\WINDOWS\system32\rundll32.exe" "F:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "F:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.e xe" -quiet
O4 - Startup: 0CBA06.lnk = F:\WINDOWS\system32\095A89\0CBA06.EXE
O4 - Global Startup: TruDirectTray.lnk = F:\Program Files\TruDirect\TruDirectTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - F:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4217 bytes

**Htennek** · 03-18-2010, 02:32 PM

try to check this thread basin naa mo work ani ila mga post.

https://www.istorya.net/forums/softwa...-disabled.html

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1 <-- mao man guro ni naka disable sa imo regedit.

**rockford_fosgate09** · 03-18-2010, 02:47 PM

Why is my Task Manager disabled, and how do I fix it?
this is the common ans.

**jrconde** · 03-18-2010, 03:13 PM

nakat-on sad ko ani diri. thanks ninyu.

**MhAkDreamy** · 03-18-2010, 04:54 PM

virus man tingale na bro..kasulay ko sauna ana... hasol kaau

**moklo** · 03-18-2010, 05:16 PM

pls. install or update your antivirus. You need to repair your OS after installing AV.

**asobreh** · 03-19-2010, 01:07 AM

kasuway sad ko ana! spybot ang naka solve sakong prob.! try lang DL ug spybot bai..
Download Spybot Search & Destroy 1.6.2 - Download - FileHippo.com mao nai link..

**boyfren** · 03-19-2010, 01:39 AM

Definitely a virus. Scan with Malwarebytes then followup with Spybot.

**moy2** · 03-19-2010, 10:21 AM

worm na bae its a virus....klru nkaau na...ahahha.lolx.gud luck bro.lol

**moklo** · 03-19-2010, 10:38 AM

Try to reboot it to safemode kung maka sulod bah if dili virus nah. Just press F8 when windows start.

Thread: mga bai i can't access my task manager and regedit

Thread Tools

Search Thread