The problem started when I caught a virus(Ravmonlog) which my mcAfee antivirus took care of. Then I noticed that 'RUN' command has disappeared and I don't have access to the registry and the task manager (all task manager command available has been disable). Somehow I get a message that it has been disabled by the administrator and that I should contact him. I logged in as administrator. The operating system is Windows Server 2003
Pls guys, rush help to me.

Parosky.
From my experience on Malware(Virus), u may have been infected by a trojan.U need to uninstall ur Mcafee antivirus and install something much better like Avast,Bitdefender or Nod 32.Once they are able to detect and remove the virus,patch ur system by reinstalling ur OS(updating).If these steps do no solve the problem,u will need to install a fresh OS(format).After doing this, install any of the mentioned antiviruses and a Spyware detector either Spyware Terminator or Windows defender.I hope this helps.

Double N has said it all. All these steps will be easier if you have an original copy of Windows XP.

Man, run the antivirus in safe mode and see if it removes the virus.
If it does or doesnt, u still have to reinstall ur OS. Use an original cd/dvd.

@Parosky
I've seen some infected systems and laptops. The virus is called Downloader, but I don't think that installing an antivirus again will remove the effect it has caused your system 'cos you'll definately need to format it and re-install the Windows. After this make sure you install a better and powerful antivirus like Norton or Symantec and MAKE SURE YOU GET IT UPDATED.

i think i've had this virus before

this is a revised reply i posted to a previous request to mukadas on this issue

u have the worm sohnahad virus.if u attempt to browse, u will find that your browser has been hijacked.

it does more than that, it's also disabled your folder options.unless you're

somewhere on your system, hopefully the desk top,you will probably see a file 'new folder'.it's not a folder, it's an application.its 105 kb. select its properties or view it in details and you'll see.

attached below are the instructions from trend Micro for removal of the virus. i was unable to reset my folder options though, no matter how i tried.

u need process explorer, which is a fantastic third party task manager.which you can use to access and kill the following processes, newfolder and lsass.exe.

assuming you are running mcafee(latest defs) it should tell you that lssass is infected.it will not be able to clean the virus until the lssass process has been killed(which is why it disables task manager)

u also need regtoy.its a tiny registry tweaker. i used regtoy to renable run.if u install regtoy and go to you need to do that cause you have to run regedit.
u also ned the .net framework 2.0 to install and run regtoy.after installing regtoy, goto the user menu, then select the taskbar and start menu.you will see that run is ticked.untick it.

goto the securitymenu,
go to menu 1, you'll see that disable task manager is ticked .untick it.

anyway, once you've renabled run, enter regedit, and follow the instructions in the trend micropcillin link.

the main problem you'll face(in my opinion) is getting the required tools(if u don't have an internet connection) .the virus wil infect your flash. if u aint careful, your flash will become a vector.thats how i got it, from someones flash!

what i did (or some one else was burn process explorer(the 32 bit version for XP), regtoy, the latest superdat definitions, the trend MP instructions, and .net framework 2.0 .this provided a safe way of running the files on the infected system without spreading them.

i wish i knew how to restore my folder options, the methods i've tried won't work, Good luck!!!

you can get process explorer from sysinternals.com
you can google regtoy

go to this link
http://de.trendmicro-europe.com/consumer/vinfo/encyclopedia.php?LYstr=VMAINDATA&vNav=1&VName=WORM_SOHANAD.AC

it will give u all d info about the virus and how u can remove it.i didn't quite follow their instructions, though.cheers