Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

the problem just wont go away...


  • Please log in to reply
11 replies to this topic

#1 raindrops

raindrops

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:11 PM

Posted 12 December 2008 - 10:48 PM

ok so my taskbar manager keeps on saying that the administrator has disabled the task manager. i have the taskmanagerfix and when i use it it will work then i can access the ctrl alt del but after a few times of accessing the taskbar manager it will disable again.... this goes the same with the regedit...

can anyone help me?

i have an avast home edition anti-virus and Malwarebytes' Anti-Malware.

this is happening to my laptop and with my friends

Edited by raindrops, 12 December 2008 - 10:48 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:11 AM

Posted 13 December 2008 - 05:48 AM

If both of the programs you mentioned have been updated and you have run scans with them, what did they find if anything?

Try an online scan with Kaspersky online scanner and post the log from it if your other programs have not found anything.
If your programs are finding malware other than cookies, post their logs for review here.

http://www.kaspersky.com/virusscanner

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 raindrops

raindrops
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:11 PM

Posted 13 December 2008 - 07:35 AM

Malwarebytes' Anti-Malware 1.30
Database version: 1405
Windows 5.1.2600 Service Pack 2

12/13/2008 8:29:47 PM
mbam-log-2008-12-13 (20-29-44).txt

Scan type: Quick Scan
Objects scanned: 45774
Time elapsed: 2 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


i always get that there is an error there and it always get deleted but it will just come back when the next time i have it scanned

#4 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:11 AM

Posted 13 December 2008 - 07:43 AM

Your MBAM is way out of date. You must update it to the latest.
Your log also shows that you did not delete what little it found.

Update MBAM , rescan, and post its log here.

You must reboot your computer after running the MBAM scan to remove all the malware it finds.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 raindrops

raindrops
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:11 PM

Posted 13 December 2008 - 11:55 AM

Malwarebytes' Anti-Malware 1.31
Database version: 1497
Windows 5.1.2600 Service Pack 2

12/14/2008 12:54:46 AM
mbam-log-2008-12-14 (00-54-46).txt

Scan type: Quick Scan
Objects scanned: 17404
Time elapsed: 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detecte)

heres the latest log... it didnt detect anything but the task manager still doesnt work

#6 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:11 AM

Posted 13 December 2008 - 12:53 PM

Try another scan using Super Antispyware. The instructions are in the link below.

Note: Update SAS before rebooting into safe mode. Run the scan in safe mode.
http://www.bleepingcomputer.com/forums/ind...t&p=1040160

If SAS does not find the culprit, do the Kaspersky online scan I mentioned in my first post.

Edited by buddy215, 13 December 2008 - 12:54 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#7 raindrops

raindrops
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:11 PM

Posted 14 December 2008 - 08:39 AM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/14/2008 at 08:39 PM

Application Version : 4.23.1006

Core Rules Database Version : 3674
Trace Rules Database Version: 1653

Scan type : Complete Scan
Total Scan Time : 01:18:52

Memory items scanned : 153
Memory threats detected : 0
Registry items scanned : 4081
Registry threats detected : 0
File items scanned : 54252
File threats detected : 9

Adware.Tracking Cookie
C:\Documents and Settings\Linds\Cookies\linds@doubleclick[1].txt
C:\Documents and Settings\Linds\Cookies\linds@ad.yieldmanager[2].txt
C:\Documents and Settings\Linds\Cookies\linds@apmebf[1].txt
C:\Documents and Settings\Linds\Cookies\linds@serving-sys[2].txt
C:\Documents and Settings\Linds\Cookies\linds@fastclick[1].txt
C:\Documents and Settings\Linds\Cookies\linds@atdmt[2].txt
C:\Documents and Settings\Linds\Cookies\linds@bs.serving-sys[1].txt
C:\Documents and Settings\Linds\Cookies\linds@adinterax[2].txt
C:\Documents and Settings\Linds\Cookies\linds@ads.admaxasia[2].txt


the task mnager still doesnt work

#8 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:11 AM

Posted 14 December 2008 - 09:58 AM

Super Antispyware has a tool for repairing the task manager.
Open SAS and click on the repairs tab.
highlight the "enable task manager"by clicking on it and then click on the "perform repair" button

NOTE: SAS says some of the repair features are not enabled in the free version of SAS and I don't know if this is one of them.

You should do the Kaspersky online scan.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#9 raindrops

raindrops
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:11 PM

Posted 15 December 2008 - 01:44 PM

is there any other way???
i tried the kaspersky scan but it wont finish updating i always get this message

Update has failed. Program has failed to start. Close the Kaspersky Online Scanner 7.0 window and open it again to install the program.

You must be online to update the Kaspersky Online Scanner 7 database. With the latest database updates, you can find new viruses and other threats. Please go online to use Kaspersky Online Scanner 7. [ERROR: Updater logic error related to download process]


i am online when i try to update


adn the enable task manager thing still wont work even if i use the SAS

#10 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:11 AM

Posted 15 December 2008 - 02:49 PM

See if you can do this scan. Dr. Web CureIt.
Instructions in link below.
http://www.bleepingcomputer.com/forums/ind...t&p=1042539

If you are unable to run that scan, post a HiJack This Log in the HJT Forum. DO NOT POST THE LOGS HERE.
Instructions for posting the HJT log are the link below.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#11 raindrops

raindrops
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:11 PM

Posted 23 December 2008 - 03:21 AM

i finally completed the kaspersky online scan and i got this result

Posted Image just click the image to redirect to a bigger image thanks!

what will i do now?


i already tried to delete the first one then avast detected a dropper and i moved it to chest

Edited by raindrops, 23 December 2008 - 03:33 AM.


#12 raindrops

raindrops
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:11 PM

Posted 23 December 2008 - 08:35 AM

this is the result of the Dr. Web CureIt scan


auto.vbs;c:\windows;Probably SCRIPT.Virus;Incurable.Moved.;
A0018056.exe;C:\System Volume Information\_restore{3AE3F9F4-A240-456B-B914-3A1ABBC84779}\RP57;Trojan.MulDrop.23338;Deleted.;
cmdow.exe;C:\WINDOWS\system32;Tool.HideWindows - read error;Invalid path to file ;




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users