anyone can help me here pls… :-[ or should i reformat my pc…?

Hi Obeshi,

Did you do the cleansing of your computer in SafeMode and with System Restore disabled, try that,
then anew enable when your System is cleansed. Probably the System Restore likes to restore the malware,

pol

run the anti malware it detects the problem and when i delete it.. it will prompt that the computer needs to be restarted.. and when the windows loads.. and i try to ctrl atl del.. or type in run regedit... its disable again..

Could you let me know the programme name and what it is detecting

its the malwarebytes anti-malware

i post the log…

yes i did sir

Why didn’t you let MBAM delete what it found?

That is only a cleanup that needs to be done.

Why are you still using SP2 when SP3 has been available for 6 months?

From your log you didn’t select the option to Remove Selected, run MBAM again and do that, see image.

Yep nothing bad just two errent registry entries - fix them and you are done

i press the remove selected. and it will prompt that the computer needs to be restarted… then when its all done i run the task manager and its disable again.

Have you run MBAM again, is the NoFolderOptions entry also there ?

Did you run MBAM from safe mode (it is more effective from there) ?

Try this, find your copy of Taskmgr.exe and copy it to a temporary folder (or C:) rename it to Taskmgr1.exe and double click on that file, does Task Manager come up ?

where can i find the folder of task manager?

Use the windows search for the file, but it should be in the c:\windows\system32 folder.

i found 4 files and i don’t know what should i edit…

http://i260.photobucket.com/albums/ii1/obe_bucket/taskmngr.jpg

First you aren’t editing any file, you will be renaming a copy of the file.

The file you want is the one in the system32 folder, the prefetch folder just contains information on the hard disk location of taskmgr.exe so it loads quicker. The others are backup/old versions, etc.

So right click on the taskmgr.exe file in the system32 folder.
Select Copy.
Navigate to the C:\ folder.
Right click on it and select Paste.
A copy of the file should now be in the C:\ folder.
Right click on it and select rename.
Change the name to taskmgr1.exe and click the Enter/Return key.

You now have a copy of the original taskmgr.exe called taskmgr1.exe in the c:\ folder, double click on that and it should open the task manager.

i cannot find the taskmgr.exe i only found the 4 files that i listed below…

That is because your setup isn’t displaying the file type (the .exe) in the folders view, a taskmgr file in the system32 folder will be what you are looking for. It is better to display all extensions/file types, hidden files and folders, etc. see image.

• Ensure that you have hidden files and folders enabled and disable hide system files in Windows Explorer, Tools, Folder Options, Hidden files and folders and display all file types.

still cannot find it…

So wou set every option in my image to the right of the Red line to the same as the image ?

If you right click on the file taskmgr in c:\windows\system32 and select properties it should show the full file name.

You can see it in your search window, it isn’t displaying the .exe part (what windows calls a know file type, known to them but not your average user), you could even do the search again and right click on the taskmgr file in the system32 folder and choose Copy.
Now navigate to the C:\ in explorer and right click on that and choose Paste.
Now you should be able to rename it.

is this the file…?

http://i260.photobucket.com/albums/ii1/obe_bucket/taskmngr-1.jpg

Ok let me ask this since I am completely stupid about fixing this. My computer has not had a reformat in 3 years and most likely is in need of one anyway. If I redo windows, will this fix the worm? Thanks in advance.