Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Task Manager no longer works. 1

Status
Not open for further replies.
rklalli

rklalli

Technical User
Jan 22, 2004
54
GB
Hi,

I recently had a problem whereby everytime I pressed CTRL+ALT+DEL, task manager would appear for about 10 seconds and then disappear. I searched the internet for help and found that this may be due to a virus called Klez. I scanned my computer and found this virus and downloaded the necessary files and applications to remove it. I now have a clean computer but have found that upon pressing CTRL+ALT+DEL, nothing happens. Not even a twitch. I have looked for taskman.exe and have located it but it will not open. I have tried to right click on the taskbar and select it but nothing happens. Im not sure if this is linked to the virus but I am running out of ideas now.

Any help with this one will be highly appreciated.
 
Sort by date Sort by votes
Try running another online virus scan from housecall or someone like that?

***************************************
Looking for the best answers:
faq222-2244
Keeping your system clear of malware:
faq608-4650
***************************************
 
Upvote 0 Downvote
Try looking for TaskMGR.exe not taskman.exe, see if you have it in the System32 folder.

 
Upvote 0 Downvote
Many thanks for the replies. I have scanned my computer with Sophos and it picks up a virus called Troj/Mosuck-c attached to netconfig{5}. Im not sure whether this is the problem or whether it is some kind of spyware/adware software. I have looked for taskmgr.exe and cannot locate it anywhere.

Since this problem, i have noticed that Internet Explorer takes a good 10 seconds to appear when launched. Not sure if these are related....

Cheers guys
 
Upvote 0 Downvote
The amount of virus on your system would be the cause of most of these problems.
Download AVG or another scanner to stop yourself getting infected.
Download and update:
spybot
adaware
cwshredder
Run them all and clear any mal/spy ware.
After doing all this let us know whats wrong with the PC.

***************************************
Looking for the best answers:
faq222-2244
Keeping your system clear of malware:
faq608-4650
***************************************
 
Upvote 0 Downvote
Running the System File Checking program may reload Taskmgr.exe for you.

Run the System File Checker program from the Run Box by typing.....Sfc /Scannow in it and have your XP CD handy.

You can also use the MsConfig utility (if you still have it) to Expand Taskmgr as a single file from the XP CD.

Or you could just copy it from some other XP System and place it in your System32 folder.
 
Upvote 0 Downvote
Hers my Hijack report and there are already somethings that look dodgy:

Logfile of HijackThis v1.97.7
Scan saved at 21:13:01, on 26/01/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sophos SWEEP for NT\SWNETSUP.EXE
C:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYS
C:\WINDOWS\netconfig{5}.xtr
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\NetDevSw\NetDevSW.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Toshiba\Toshiba Controls\TFncKy.exe
C:\Program Files\Apoint2K\EzCapt.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\Windows Media Player\WMPLAYER.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Rinku Lalli\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = R3 - URLSearchHook: ViewSource Class - {6CC1C918-AE8B-4373-A5B4-28BA1851E39A} - C:\Documents and Settings\Rinku Lalli\Application Data\winshow\winshow.dll
R3 - URLSearchHook: PerfectNavBHO Class - {A045DC85-FC44-45be-8A50-E4F9C62C9A84} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,netconfig{5}.xtr,
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: WinShow module - {6CC1C918-AE8B-4373-A5B4-28BA1851E39A} - C:\Documents and Settings\Rinku Lalli\Application Data\winshow\winshow.dll
O2 - BHO: winlink module - {6CC1C91A-AE8B-4373-A5B4-28BA1851E39A} - C:\Documents and Settings\Rinku Lalli\Application Data\winlink\winlink.dll
O2 - BHO: NavErrRedir Class - {A045DC85-FC44-45be-8A50-E4F9C62C9A84} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [mediadriver{5}] netconfig{5}.xtr
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 10
O4 - HKLM\..\RunServices: [CMD] cmd32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - Global Startup: Network Device Switch.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: InterCheck Monitor.LNK = C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
O8 - Extra context menu item: Ebates - file://c:\Program Files\topMoxie\TEMP\ebates_script.htm
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Researcher (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Ebates (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chat - O16 - DPF: Yahoo! Pool 2 - O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - O16 - DPF: {4C2C81B4-91DA-494D-8DBF-A7846BA07073} - O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - O16 - DPF: {A1DC3241-B122-195F-B21A-000000000000} - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
 
Upvote 0 Downvote
You have a ton of bad guys running.

You really have to follow the instructions in this FAQ carefully through steps #1-#3 before anyone Hijack log can be of any use.

And, use Add/Remove Programs under control panel and remove Kazaa before posting again if you have an issue.

faq608-4650
 
Upvote 0 Downvote
Sorry for the delayed reply but I managed to regain Task Manager. I accidentally deleted a file and my colleague gave me a restoration tool. As I was using this I discovered a file called taskmgr.exe.new. I restored this file to C:\Windows\System32 and renamed it to taskmgr.exe. All works fine now!!!!!!!!!!!

Thanks to all for your help and advice.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

VicM
  • Locked
  • Question
Task Scheduler message persistence?
Replies
3
Views
817
VicM
VicM
Deniall
  • Locked
  • Question
AutoHotKey for a very simple task 1
Replies
5
Views
966
Deniall
Deniall
Andrzejek
  • Locked
  • Question
How to Disable Google Chrome Password Manager 2
Replies
3
Views
1K
combo
combo
hamburg18w
  • Locked
  • Question
Task Host is Stopping the Shutdown
Replies
1
Views
1K
Ign3us
Ign3us
dpellegrini
  • Locked
  • Question
Clear All Credentials in Credential Manager
Replies
0
Views
476
dpellegrini
dpellegrini

Part and Inventory Search

Sponsor

Back
Top