Douggy_dawg
2009-10-19, 05:11
Hey Guys,
OK recently i put a USB into my computer to put files onto my computer. I noticed that the USB file has a folder as an icon instead of a drive. So i reformated it and it went back to normal. All was good for a couple of days. I have recently downloaded MalwareBytes Anti-Malware, Lavasoft Ad-Aware, and have Norton Anti-Virus installed. All of these are up-to-date. I ran full system scans got errors which showed the names of the malware/virus as:
Hijack.TaskMgr and HiJack.RegistryTools. They blocked me from opening regedit.exe from run:/ and also my taskmanager. I downloaded Autorun eater to re-enable my taskmanger and regedit. It found a file called
:2009-10-14 21:02:52 : Suspicious autorun.inf file deleted from (e:).
I thought this got rid of it. But 15 seconds later i got the same problem. When i try open task manager i get the error :"Task Manager has been disabled by administration" But i am admin. i downloaded SpyBot S&D and updated it all. It ran a scan and found these:
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2000478354-1425521274-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
Microsoft.WindowsSecurityCenter.RegistryTools: [SBI $D60CD1E3] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2000478354-1425521274-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableRegistryTools
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
These are the two files that keep appearing when i scan each time.
There seems to be nothing harming my computer since i removed the autorun.inf file except that it keeps disabling my regedit and task manager. Please help.
Also i can access them when i use auto run eater to fix the problem which then i have about 10 seconds to open them and then the problem comes back but i can still use them until i close them.
OK recently i put a USB into my computer to put files onto my computer. I noticed that the USB file has a folder as an icon instead of a drive. So i reformated it and it went back to normal. All was good for a couple of days. I have recently downloaded MalwareBytes Anti-Malware, Lavasoft Ad-Aware, and have Norton Anti-Virus installed. All of these are up-to-date. I ran full system scans got errors which showed the names of the malware/virus as:
Hijack.TaskMgr and HiJack.RegistryTools. They blocked me from opening regedit.exe from run:/ and also my taskmanager. I downloaded Autorun eater to re-enable my taskmanger and regedit. It found a file called
:2009-10-14 21:02:52 : Suspicious autorun.inf file deleted from (e:).
I thought this got rid of it. But 15 seconds later i got the same problem. When i try open task manager i get the error :"Task Manager has been disabled by administration" But i am admin. i downloaded SpyBot S&D and updated it all. It ran a scan and found these:
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2000478354-1425521274-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
Microsoft.WindowsSecurityCenter.RegistryTools: [SBI $D60CD1E3] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2000478354-1425521274-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableRegistryTools
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
These are the two files that keep appearing when i scan each time.
There seems to be nothing harming my computer since i removed the autorun.inf file except that it keeps disabling my regedit and task manager. Please help.
Also i can access them when i use auto run eater to fix the problem which then i have about 10 seconds to open them and then the problem comes back but i can still use them until i close them.