Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Broken Task Manager After Malware


  • Please log in to reply
1 reply to this topic

#1 tylan

tylan

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:42 AM

Posted 19 September 2009 - 05:56 PM

Working on a PC that was infected with Antivirus System Pro. I uses Process Explorer to kill the fake AV. I then scanned (quick) with MBAM. That knocked out the infection. I noticed that task manager did not open. No error messages. Nothing happens when you run taskmgr.exe. Brought taskmgr.exe from a good computer, placed on desktop, still won't run. If you rename taskmgr.exe to anything else... like task111111mgr.exe it runs fine. I looked through the registry for disallowed EXEs and for the policy setting that stops disables task manager... none found. I followed by running Super Anti Spyware (quick) and it found nothing. I also did a deep scan with Vipre Rescue (live.sunbeltsoftware.com) and it found nothing. The system seems fine except that I still cannot open task manager.

What should I look for?

Tylan

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:42 AM

Posted 19 September 2009 - 09:19 PM

hello tylan,let's try this.
This step involves making changes in the registry. Always back up your registry before making any changes.

Go to Start Run and type: regedit
Click OK.
On the left side, click to highlight My Computer at the top.
Go up to File Export
Make sure in that window there is a tick next to "All" under Export Branch.
Leave the "Save As Type" as "Registration Files".
Under "Filename" put RegBackup.
Choose to save it to C:\
Click save and then go to File Exit.

Or you can download and use ERUNTwhich is an excellent free tool that allows you to to take a snapshot (backup) of your registry before making changes and restore it when needed.

Click on the link below:
http://www.kellys-korner-xp.com/xp_tweaks.htm
Scroll down to #275 and click "Lift Restrictions - TM, Regedit and CMD" in the left column. Go to File, choose "Save page as" All Files and save regtmcmdrestore.vbs to your desktop. Double-click on that file to allow the script to run and reboot when done. Since the script modifies certain registry settings your anti-virus package may warn you about it. Ignore the warning and allow it to run.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users