every day I am locked out of actions

Thread starter: Guest

Hello,

I was wondering if anyone had come across this problem I am currently
experiencing and what steps they took to resolve it.

Every morning I boot my PC and find my run and turnoff icons gone. I hit
Ctrl-Alt-Del to find my Task Manager disabled. And when I go (via command
prompt) to regedit, I find a bunch of 1's where there should be 0's in the
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" path.

Each day I simply delete all keys in this path, and after rebooting my
registry all is well...until the next day.

I have run the "so-called" best programs on the market and they find
nothing. I have ESET NOD32 and Windows Defender running actively and they
alert me to nothing each day.

But something is re-writing those values every day, and it is becoming a real
pain.

I know I could take a copy of the path in question and make it all 0's, save
that externally and write a batch file to merge the 2 on Windows startup, but
I should not have to if I have programs that are "supposed to" protect me.

So, does anyone know a proper solution, or does anyone know how I can detect
what is writing to the registry on system start?

Thanks for your time
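
Added example, not part of the original thread: one way to find out which process rewrites the values under the key named above is to turn on registry auditing for it and read the resulting Security log events after the next boot. It assumes Windows Vista or later with PowerShell, an English-language system (for the "Registry" audit subcategory name), and an elevated session running as the affected user so that HKCU points at the right hive.

```powershell
# Step 1 (run once, elevated, as the affected user): audit writes under the
# Policies key. The parent key is audited with inheritance so the audit entry
# still applies if the Explorer subkey is deleted and re-created.
$parent = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies'

$acl  = Get-Acl -Path $parent -Audit
$rule = New-Object System.Security.AccessControl.RegistryAuditRule -ArgumentList @(
    'Everyone',                        # audit every account
    'SetValue, CreateSubKey, Delete',  # the writes we care about
    'ContainerInherit',                # apply to subkeys such as Explorer
    'None',
    'Success')
$acl.AddAuditRule($rule)
Set-Acl -Path $parent -AclObject $acl

# Object-access auditing for the registry must be enabled, or nothing is logged.
auditpol /set /subcategory:"Registry" /success:enable

# Step 2 (run after the values have been rewritten): list who changed what.
# Event 4657 = "A registry value was modified".
function Get-PolicyKeyWrites {
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4657 } `
                 -ErrorAction SilentlyContinue |
    ForEach-Object {
        $evt  = $_
        $data = @{}
        # Flatten the named <Data> fields of the event into a hashtable.
        foreach ($d in ([xml]$evt.ToXml()).Event.EventData.Data) {
            $data[$d.Name] = $d.'#text'
        }
        # HKCU shows up as \REGISTRY\USER\<SID>\..., so match on the tail.
        if ($data['ObjectName'] -like '*\Policies\Explorer*') {
            [pscustomobject]@{
                Time      = $evt.TimeCreated
                Process   = $data['ProcessName']      # full path of the writer
                ProcessId = $data['ProcessId']
                Account   = $data['SubjectUserName']
                ValueName = $data['ObjectValueName']
                NewValue  = $data['NewValue']
            }
        }
    }
}

Get-PolicyKeyWrites | Sort-Object Time | Format-Table -AutoSize
```

The Process column gives the full image path of whatever wrote each value; if it is a generic host process, the Time column can be matched against scheduled tasks and startup entries that ran at that moment.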
 
After making your corrections, turn off System Restore and reboot. It should
behave itself. If so, turn System Restore back on.
 
Thanks for the reply Scott.

Unfortunately I don't have System Restore on, so I know it is not an
archived virus/trojan. I turned System Restore off to stop the little bugger
from hiding.

This issue is really puzzling as nothing seems to find it.

It all started when I found mswservice.exe on my system, identified as a
variant of Win32/TrojanDropper.Delf.NBA trojan.

I cleaned this, but then started to encounter these problems. I have a friend
who has the exact same issue and he has yet to solve it also.

It is not causing any noticeable damage to my system but is just annoying
when I forget about it, then at 1am go to shutdown my PC and realize I have
to go through the rigmarole of fixing my registry before I can shut down my
system.
Any other ideas? Or anyone else have an idea?

Thanks again.
 
Have you thought of running the 30 day trial of Ewido 4.0? It's
specifically designed as an Anti-Trojan, and when I burned up my 30+ days
with full real time protection running it never had any conflicts with WD.
Still works as an on demand scanner with manual only updates. You might
have to run it in SAFE mode, which I assume you already tried with
Defender, for removal.

http://www.ewido.net/en/
 