Lost Task Manager
in [Windows XP Basics]
|
Prev: Audio config
Next: Laptop won't boot
From: Ray on 14 Feb 2010 15:33 WindowsXP Pro SP3 IE8 There was a program called Internet Security 2010 which came from somewhere. It persisted and could not be eliminated or canceled. I use Vipre as my anti-virus program and it listed it as a high risk entry along with a Trojan. I cleaned them both and then found that my Task Manager is not available. In doing a Search for files or folders I do not find taskmgr.exe. Is there a way to recover it? I use it very often. -- Ray _________________________________________________
From: Jose on 14 Feb 2010 18:45 On Feb 14, 3:33 pm, "Ray" <rbar...(a)nwi.net> wrote: > WindowsXP Pro SP3 IE8 > > There was a program called Internet Security 2010 which came from somewhere. It > persisted and could not be eliminated or canceled. I use Vipre as my anti-virus program > and it listed it as a high risk entry along with a Trojan. I cleaned them both and then > found that my Task Manager is not available. In doing a Search for files or folders I do > not find taskmgr.exe. Is there a way to recover it? I use it very often. > > -- > Ray > _________________________________________________ What does "not available" mean - how are you trying to run TM? Do you have access to a genuine bootable XP installation CD if you need one? Look here for taskmgr.exe and report what you find. C:\WINDOWS\ServicePackFiles\i386 C:\WINDOWS\system32 C:\WINDOWS\system32\dllcache I would do this first, then work on fixing TM. Perform some scans for malicious software, then fix any remaining issues: Download, install, update and do a full scan with these free malware detection programs: Malwarebytes (MBAM): http://malwarebytes.org/ SUPERAntiSpyware: (SAS): http://www.superantispyware.com/ They can be uninstalled later if desired.
From: glee on 14 Feb 2010 18:49 "Ray" <rbarone(a)nwi.net> wrote in message news:%23dPgyTbrKHA.5940(a)TK2MSFTNGP02.phx.gbl... > WindowsXP Pro SP3 IE8 > > There was a program called Internet Security 2010 which came from > somewhere. It > persisted and could not be eliminated or canceled. I use Vipre as my > anti-virus program > and it listed it as a high risk entry along with a Trojan. I cleaned > them both and then > found that my Task Manager is not available. In doing a Search for > files or folders I do > not find taskmgr.exe. Is there a way to recover it? I use it very > often. > > -- > Ray > _________________________________________________ Ray, You may have more worries than just a disabled Task Manager. If the rogue/fake AV was on your system for any length of time (and by that I mean more than a couple of minutes), it may have downloaded some of its friends...trojan horse downloaders, key loggers, password stealers, and rootkits. First, follow ALL the instructions here, whether you think it is already removed or not: Remove Internet Security 2010 (Uninstall Guide) http://www.bleepingcomputer.com/virus-removal/remove-internet-security-2010 That process should also re-enable the Task Manager and anything else that the malware disabled (The malware usually also disables Security Center, Automatic Updates, and sometime the Registry Editor, and others). Make sure your anti-virus app is working and also updating again. Then, using Internet Explorer, go to the OneCare Live Protection Center and run the Protection Scan: http://onecare.live.com/site/en-us/center/howsafe.htm Do NOT run any other scans available at that site, just the Protection Scan. Click the button on that page and follow all instructions to run the scan. You may still have a hidden infection after that, if a rootkit had time to get on your system. I suggest running a virus scan from a boot CD, with Windows not running. That's the only way you will be sure to detect and remove a rootkit, unless you remove the hard drive and slave it to a known-clean computer, and run a virus scan on the drive while it is slaved. If a rootkit is removed that way, it often takes a key system file with it, and Windows will not start after its removal. In that case, you have to replace the removed file using the Recovery Console, or is you slave the drive in another computer, you can copy a replacement file to the drive before returning the drive to your computer. If a rootkit is found, there is no guarantee that your system is clean even after its removal, and the recommended procedure is to back up your data, wipe out Windows and do a clean install, or if it is an OEM system you can use the recovery discs or recovery partition to reinstall the image from when you first bought the computer. The bootable CD anti-virus I use is the Avira Rescue Disc: http://www.free-av.com/en/products/12/avira_antivir_rescue_system.html These instructions should be read carefully before beginning: Tutorial for Avira Rescue CD - http://forum.avira.com/wbb/index.php?page=Thread&threadID=82163 If doing all that is beyond what you feel comfortable doing, you should find a competent computer repair technician who will follow these procedures on your system. Anything less will not ensure your system is clean. -- Glen Ventura, MS MVP Oct. 2002 - Sept. 2009 A+ http://dts-l.net/
From: edfair on 14 Feb 2010 21:26 Can't remember exactly where the key is located, but the issue is that there was a change to policy that keeps TM, regedit, msconfig and some other stuff from running. Change the policy key and everything shows back up. may be HKLM , software, windows, current version, policies
|
Pages: 1 Prev: Audio config Next: Laptop won't boot |