well....here is my hijack this log now!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:19:17 PM, on 6/5/2009 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS2\System32\smss.exe C:\WINDOWS2\system32\winlogon.exe C:\WINDOWS2\system32\services.exe C:\WINDOWS2\system32\lsass.exe C:\WINDOWS2\system32\svchost.exe C:\WINDOWS2\system32\svchost.exe C:\WINDOWS2\System32\svchost.exe C:\WINDOWS2\system32\spoolsv.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS2\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\yupdater.exe C:\WINDOWS2\System32\svchost.exe C:\DOCUME~1\Trishul\LOCALS~1\Temp\cdxuy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS2\System32\msdxm.ocx O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{1E3C618B-E64B-4F97-8235-8944EEF950E3}: NameServer = 218.248.240.208 218.248.240.135 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: NetVeda Safety.Net (ipcSvc) - NetVeda LLC - C:\Program Files\NetVeda\Safety.Net\ipcsvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O24 - Desktop Component AutorunsDisabled: (no name) - (no file) -- End of file - 3483 bytes now can u help me from start? still my taskmanager and regedit are disabled!