Locked out of reg and sys restore

[nichodiaz]

Thanks you for your help in advance...

I have some kind of admin lock out problem on my computer...

When trying to make file extensions visible,

folders and search options are always grayed out.

when I type regedit,

"Registry editing has been disabled by your administrator"

when I try to run system restore from msconfig,

"system restore has been turned off by group policy. to turn on system restore, contact your domain administrator."

Suspicious file search with Mcafee Getsusp

C:\Users\nichodiaz\AppData\Local\Google\Chrome\Application\10.0.648.133\gcswf32.dll ... is Suspicious !!!

C:\Users\NICHOD~1\AppData\Local\Google\Chrome\APPLIC~1\100648~1.133\gcswf32.dll ... is Suspicious !!!

I ran Autoruns and hid microsoft and windows entries and checked verify code signatures.

These are the results from my registry,

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" "" "" ""

+ "explorer.exe" "" "(Not Verified) " "File not found: explorer.exe"

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""

+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "(Verified) Adobe Systems Incorporated" "c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"

+ "AdobeCS5ServiceManager" "Adobe CS5 Service Manager" "(Verified) Adobe Systems Incorporated" "c:\program files\common files\adobe\cs5servicemanager\cs5servicemanager.exe"

+ "iTunesHelper" "iTunesHelper" "(Verified) Apple Inc." "c:\p_files\ituneshelper.exe"

+ "M-Audio Taskbar Icon" "M-Audio Task Bar Icon Applet" "(Verified) M-Audio" "c:\windows\system32\m-audiotaskbaricon.exe"

+ "QuickTime Task" "QuickTime Task" "(Not Verified) Apple Inc." "c:\program files\quicktime\qttask.exe"

+ "SwitchBoard" "SwitchBoard Server (32 bit)" "(Not Verified) Adobe Systems Incorporated" "c:\program files\common files\adobe\switchboard\switchboard.exe"

"C:\Users\nichodiaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""

+ "eFax 4.4.lnk" "eFax Messenger - Tray" "(Not Verified) j2 Global Communications, Inc." "c:\program files\efax messenger 4.4\j2gtray.exe"

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""

X "civwdhkk" "" "(Not Verified) " "File not found: C:\Users\nichodiaz\AppData\Local\ygyqueqmd\yqjrkybtssd.exe"

+ "eFax 4.4" "eFax Messenger - DLL Command Utility" "(Not Verified) j2 Global Communications, Inc." "c:\program files\efax messenger 4.4\j2gdllcmd.exe"

+ "hsehf98u34i9tjioaugy987iuegdsg" "" "(Not Verified) " "c:\users\nichodiaz\appdata\local\temp\setup.exe"

+ "swg" "GoogleToolbarNotifier" "(Verified) Google Inc" "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"

"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""

+ "application/octet-stream" "" "(Not Verified) " "File not found: mscoree.dll"

+ "application/x-complus" "" "(Not Verified) " "File not found: mscoree.dll"

+ "application/x-msdownload" "" "(Not Verified) " "File not found: mscoree.dll"

"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""

+ "intu-help-qb2" "QuickBooks Assistance Library" "(Verified) Intuit, Inc." "c:\program files\intuit\quickbooks 2009\helpasyncpluggableprotocol.dll"

+ "ms-itss" "Microsoft

[daledoc1]

Hello and welcome, nichodiaz:

Sorry to hear that you are having computer issues.

It sounds like you could use some help from the experts.

Alas, we do not review scan logs, or work on general PC problems or malware removal in this particular sub-forum, which is for discussion of issues with the MBAM program itself.

However, help can be obtained at the other forums here. So, until someone more expert arrives, please do the following:

IF YOU THINK THIS MAY BE DUE TO MALWARE:

Instructions on how to proceed are posted in the 2nd Important Topic pinned at the top of this forum: "I'm Infected - What Do I Do Now?".

1. First, please go to THIS PAGE, print out, read and follow as many instructions as you can, skipping any you are unable to complete.

2. Then, please describe your computer's symptoms as best you can and post the requested logs by starting a new thread at the Malware Removal-HJT forum .

One of the authorized, trained experts will then assist you as soon as possible for one-on-one malware detection and removal.

When you post, please be sure to select Track This Topic & choose one of the email options, so that you will be notified when someone responds; allow 24-48 hours before bumping your thread.

Other Support Options:

Alternatively, as a paying customer using MBAM PRO, you may wish instead to start a support ticket by contacting support at: support@malwarebytes.org; or

Premium, fee-based support options are available here: http://www.malwarebytes.org/premium-support.php.

IF YOU THINK THIS A PROBLEM UNRELATED TO MALWARE:

Please post a new thread at the general PC Help forum here: http://forums.malwarebytes.org/index.php?showforum=6

Also, please use the "Add Reply" button when replying here & at the other boards, so that it will be easier for everyone to follow the thread.

I hope this gets you started on fixing up your system,

daledoc1