This seemed like the place to post this.

A computer at my office has been taken over, apparently by spyware or a trojan.

I spent yesterday afternoon on the phone with Symantec, but they couldn't find anything.
I tried HijackThis, but it would not let me edit the registry - I get the message "disabled by your system administrator". (I AM the administrator)

Here are more symptoms:

1. The Search and Run buttons are gone from the Start menu.
2. The command prompt will not stay up, except in Safe Mode
3. I cannot edit the registry at all - not even in Safe Mode
4. Adaware SE tries to start, but can't. I did get it to do a scan in Safe Mode, but found nothing.
5. Right-click has been disabled.
6. The task manager has been disabled. (I get a similar "disabled by your system administrator" message.)
7. Internet Options has been disabled. (I get "This operation has been cancelled due to restrictions in effect on this computer. Please contact your System Administrator.")
8. You guessed it... the home page has been hijacked. The website is http://www.whatsfind.com/route.html (I wouldn't click on that if I were you. Who are these people, and where can I find them?)

Any ideas? Has anyone seen this before?

Hi risdo,

Firstly, I would assume that you have disconnected the infected system from any network.

In order for the expert log-readers (I personally do not read logs) to analyse your predicament,
please post a fresh Ad-Aware (Safe Mode, if need be) log, together with a HijackThis log.

Should you require them, log posting instructions are included in this Topic: Infected ??, found this

Once the logs are posted, please do not "bump" your Topic as logs are answered from oldest to newest - we will endeavour to respond as soon as possible.

Regards,

Spike

Yes, seen it before.
Try renaming HijackThis.exe to something like HJT.exe or ABC.exe.
It can sometimes fool the virus or worm, trojan, et. cetera.