I've had a problem for a couple of days with my regedit being disabled by the administrator, which is me. I know it's a virus but I can't get rid of it. Here is the log from the latest Malwarebyte's scan. It says Malware will reable regedit but it doesn't work. Malwarebytes' Anti-Malware 1.38 Database version: 2340 Windows 5.1.2600 Service Pack 3 6/27/2009 10:27:47 PM mbam-log-2009-06-27 (22-27-47).txt Scan type: Quick Scan Objects scanned: 103398 Time elapsed: 5 minute(s), 24 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 5 Registry Data Items Infected: 2 Folders Infected: 0 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{d76ab2a1-00f3-42bd-f434-00bbc39c8953} (Trojan.Zlob.H) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{d76ab2a1-00f3-42bd-f434-00bbc39c8953} (Trojan.Zlob.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf7husjnfg98gi498aejhiugjkdg4 (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows System Recover! (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\dfe3fuh.dll (Trojan.Zlob.H) -> Delete on reboot. C:\Documents and Settings\HP_Administrator\Local Settings\Temp\v7d0br6x.exe (Trojan.Downloader) -> Delete on reboot. c:\documents and settings\HP_Administrator\Local Settings\Temp\lsass.exe (Trojan.Agent) -> Delete on reboot. C:\WINDOWS\system32\p2hhr.bat (Malware.Trace) -> Quarantined and deleted successfully. c:\documents and settings\HP_Administrator\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\HP_Administrator\Local Settings\Temp\system.exe (Trojan.Downloader) -> Delete on reboot.
