Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

regedit & task manager has been diabled by the admin


  • Please log in to reply
3 replies to this topic

#1 prabhakar

prabhakar

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 27 September 2009 - 03:15 PM

i have used every tool to get my task manager n regedit back
but cant help it even i cant install any antivirus software
i think virus is still in my pc plz help me out
i use xp media center edition

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:39 PM

Posted 27 September 2009 - 04:26 PM

Hello and welcome.
his step involves making changes in the registry. Always back up your registry before making any changes.

Go to Start Run and type: regedit
Click OK.
On the left side, click to highlight My Computer at the top.
Go up to File Export
Make sure in that window there is a tick next to "All" under Export Branch.
Leave the "Save As Type" as "Registration Files".
Under "Filename" put RegBackup.
Choose to save it to C:\
Click save and then go to File Exit.

Or you can download and use ERUNTwhich is an excellent free tool that allows you to to take a snapshot (backup) of your registry before making changes and restore it when needed.

Click on the link below:
http://www.kellys-korner-xp.com/xp_tweaks.htm
Scroll down to #275 and click "Lift Restrictions - TM, Regedit and CMD" in the left column. Go to File, choose "Save page as" All Files and save regtmcmdrestore.vbs to your desktop. Double-click on that file to allow the script to run and reboot when done. Since the script modifies certain registry settings your anti-virus package may warn you about it. Ignore the warning and allow it to run.



Next run MBAM (MalwareBytes):

NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.

Please download Malwarebytes Anti-Malware and save it to your desktop.

alternate download link

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 prabhakar

prabhakar
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 28 September 2009 - 02:25 AM

bro done every thing told by u but found 57 infected objects removed successfully
now task manager n regedit is still diabled when i run script it appears for 3 or 4 seconds n
again skips n disabled

#4 joseibarra

joseibarra

  • Members
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Downstairs
  • Local time:10:39 PM

Posted 28 September 2009 - 06:42 AM

Where is the requested MBAM log (last step)?

When you downloaded, renamed and ran the script from Kelly's page, did you see the "Finished!" message?

After the MBAM scans are you still getting a disabled/Administrator type message or does "nothing" happen? Maybe an hour glass for a second when trying to launch regedit? What exactly is the message?

I would have run MBAM and then the script, but boopme is better at this than me!

Browse to the c:\windows folder, locate regedit.exe, copy it to hakar.exe the see if hakar.exe will launch and open Registry Editor.

Browse to the c:\windows\system32\dllcache folder and locate the copy of regedit.exe there and see it it will launch. If not, make a similar copy in that folder and see if the copy of regedit.exe will launch.

The mediocre teacher tells. The good teacher explains. The superior teacher demonstrates.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users