| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 63727 | 2005-11-21 00:35:00 | task manager error msg | polo (6383) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 405974 | 2005-11-21 00:35:00 | evry time i prees cntrl n del n alt togetther. I get a error msg "Task manager has been disabld by ur administrator". in this pc im the administrator and i hav only 1 acoount. how do i fix this problem. i dont hav any antivirus software installed. im runnin xp pro. plz help. | polo (6383) | ||
| 405975 | 2005-11-21 00:50:00 | You might have a virus / trojan or something . Does regedit work?? Start/run, type in regedit . Does it say the same error? And does msconfig work?? Start/run, type msconfig . If not, you have a BIG prob . I would post a Hijackthis ( . merijn . org/files/hijackthis . zip" target="_blank">www . merijn . org) log here . Remember to unzip this file into its own folder . Then run it / do a scan and copy and paste the log here . And I would DEFINITELY install some kind of virus scanner . You're heading for trouble, without one . |
Speedy Gonzales (78) | ||
| 405976 | 2005-11-22 19:41:00 | regedit does works | polo (6383) | ||
| 405977 | 2005-11-22 19:42:00 | everything else works | polo (6383) | ||
| 405978 | 2005-11-22 19:44:00 | Well post a HJT log here anyway. | Speedy Gonzales (78) | ||
| 405979 | 2005-11-22 19:49:00 | Logfile of HijackThis v1.99.1 Scan saved at 8:48:01 a.m., on 23/11/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Orcon Accelerator\PropelAC.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\50 Cent\My Documents\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=localhost:8080 F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe" O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\Orcon Accelerator\prpl_IePopupBlocker.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Propel Accelerator] "C:\Program Files\Orcon Accelerator\trayctl.exe" /STARTUPLAUNCH O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 4.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: Allow pop-ups from this site - C:\Program Files\Orcon Accelerator\pac-addwl.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\Orcon Accelerator\pac-page.html O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\Orcon Accelerator\pac-image.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Video Ads Blocker v1.0b Personal - {A566D401-65F3-4A08-B3CA-C2E76784B6F6} - C:\Program Files\Video Ads Blocker\addblocker.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{955306E3-3D68-45EF-A78E-9B574AC3A05E}: NameServer = 210.55.12.1 210.55.12.2 O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32.dll O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINDOWS\System32\fcgfqdbp.dll O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe |
polo (6383) | ||
| 405980 | 2005-11-22 20:07:00 | Tick these, tick fix checked . Turn system restore off, and boot into safe mode . Then reboot . Then see if task manager works . Then post another log here . R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32 . html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32 . html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32 . html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32 . html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32 . html F2 - REG:system . ini: Shell=explorer . exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001 . exe" This looks like a trojan . O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32 . dll This looks like it belongs to a trojan O21 - SSODL: SysTray . Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINDOWS\System32\fcgfqdbp . dll |
Speedy Gonzales (78) | ||
| 1 | |||||