Task Manager and regedit not working

By Thatone ยท 58 replies
Aug 10, 2008
  1. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Yes, he must have had a previous Haxdoor infection, clean it, then used an infected System restore point and reinfected the system!
  2. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    possibly - it could also be a legit file

    I also would like you to navigate to the file C:\WINDOWS\system32\cssdll32.dll -> right click it -> select properties and see who the company is - let us know who the company that signed it is if any
  3. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    OTMoveIt2 log attached
  4. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    attached Haxfix log

    Attached Files:

  5. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    C:\WINDOWS\system32\cssdll32.dll - not found on system
  6. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

    cssdll32.dll is Win32.X trojan
  7. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    have done a new hijack log aswell

    Attached Files:

  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Please see:
  9. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

    But does he have comodo if not then it can be related to malware I have not look at his log just because this is not my battle.
  10. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

  11. kimsland

    kimsland Ex-TechSpotter Posts: 14,523

    c:\windows\system32\cssdll32.dll moved successfully

    I believe it is now gone


    Hold that thought!

    The latest HJT log shows C:\WINDOWS\system32\cssdll32.dll
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Daniel, see my post #23. It will show you how this process played out. I "assumed" that because he did a System Restore, that he had reinfected the system> However, since the Haxdor program is clean and since Comodo is now on the system, it appears it my be from Comodo,

    Is that exactly how it is written, because that is new.

    The FULL HijackLog entry is:
  13. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

    the thing is the very first log show comodo installed and does not have that so to me it looks like it is bad but I would say do what BD said check the properties for the company that made the file
  14. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    yes i have comodo installed

    when searching for that file it is not there.

    i have connected pc to the internet now :( only site come to is this one)

    run a virus scan (avg8)there is win32/tanatos.m virus popping up on my c and d drive. 270 events
    also alot of tracking cookies
  15. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

    please download the program below and attach the main and extra

    Please download Deckard's System Scanner (DSS) and save it to your Desktop.
    • Close all other windows before proceeding.
    • Double-click on dss.exe and follow the prompts.
    • When it has finished, dss will open two Notepads main.txt and extra.txt -- please attach both in your next reply
  16. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    that link does not go anywhere
  17. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    have got a copy and have attached the txt files
  18. kimsland

    kimsland Ex-TechSpotter Posts: 14,523

  19. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

    yes but he does not have a rootkit and if so since we already ran dss please remove it.

    Thanks Kim
  20. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

  21. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    ran bit defender, could not access other two

    c:\program files\online services\btyahoo\hppre05.msi=>[embeded... detected with
    c:\program files\online services\btyahoo\hppre05.msi=>[embeded... disenfectection failed
    c:\program files\online services\btyahoo\hppre05.msi=>[embeded... deleted
    c:\program files\online services\btyahoo\hppre05.msi=>[embeded... update failed

    thats all i could see the log file just came up blank
  22. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

    Update your AV and run a full scan post the result here also the location of the threats
  23. Thatone

    Thatone TS Rookie Topic Starter Posts: 19

    avg reported nothing all clear :)
  24. xxdanielxx

    xxdanielxx TS Booster Posts: 1,069

    Ok let start the cleaning process it can be something in the system restore that is being detected. What version of AVG do you have

    OTCleanit! by Oldtimer

    • Download OTCleanIt
    • Click the CleanUp! button.
      (It will go thorugh the list & remove all of the tools it finds and then delete itself) Requiring a reboot


    Now we need to create a new System Restore point.

    Click Start Menu > Run > type (or copy and paste)


    Press OK. Choose Create a Restore Point then click Next. Name it and click Create, when the confirmation screen shows the restore point has been created click Close.

    Next goto Start Menu > Run > type


    Click OK, Disk Cleanup will open and start calculating the amount of space that can be freed, Once thats finished it will open the Disk Cleanup options screen, click the More Options tab then click Clean up on the system restore area and choose Yes at the confirmation window which will remove all the restore points except the one we just created.

    To close Disk Cleanup and remove the Temporary Internet Files detected in the initial scan click OK then choose Yes on the confirmation window.


    The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.
    1. Spybot Search & Destroy - Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.
    2. AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy compliment each other very well.
    3. SpywareBlaster - Great prevention tool to keep nasties from installing on your system.
    4. SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
    5. IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
    6. ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
    7. Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
    8. Google Toolbar - Free google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop up windows.
    9. Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)

    Once all this is done try running that online scan again to see if anything comes up
  25. egydarceyes

    egydarceyes TS Rookie

    Hello guys,

    I have read this thread and the problem the thread maker has is pretty similar to the problem I'm facing, hence why I wanted to post in here.

    I own an HP DV6626us that came with Vista Home Premium installed, I've had some issues, some ups and downs. About a week ago, I decided that it's time for me to downgrade, one of my friends told me that it's quite easy and it's less headache.

    I have downgraded to XP professional SP2, I had to do some tweaks to install it and get it past Vista SATA driver.

    Now I'm just realizing that none of my essentials things are working.
    Command prompt, msconfig, regedit... all aren't working.

    It's been really bugging me lately and I need to find a solution which is how I got led to this forum. I do not have any Anti Virus, so I installed AVG this morning and I got a couple of screenshots I'll be including for you guys to see if it's similar to what the thread creator has.

    I have been keeping up with the Windows Update.. and actually it's asking me to upgrade to SP3 which is what I'm in the process of doing right now.

    Here are the couple of shots that I have taken after running a complete computer scan.

    This last pic popped up right after I had to restart when the scan was over.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...