TechSpot

Please help! Taskmgr and regedit won't open! How can i fix this?

By seventhson
Jun 22, 2005
Topic Status:
Not open for further replies.
  1. I've just noticed this in the past few days. Neither of them will open and I'm pretty sure I've been infected with something. None of my scanning programs (Spy-Bot, AdAware, Spy-Sweeper, and Registry Mechanic) have solved the problem. I have downloaded HijackThis but have not yet run it. If anyone can help me out I would greatly sppreciate it. Thanks.
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 8,165

    Copy your taskmanager (c:\windows\taskman.exe) to a different folder and rename it to e.g. tkm.exe.
    A virus will not recognize such a name, and you can thus stop unwanted processes.

    To run it, click Start/Run and browse to where you copied tkm.exe
  3. seventhson

    seventhson TS Rookie Topic Starter

    I did this, but it still wouldn't open! I'm beginning to get frustrated here. I have included my HijackThis Log in this post, maybe the problem is in there.

    Attached Files:

  4. seventhson

    seventhson TS Rookie Topic Starter

    Ok, i've got regedit to work fine, but Task Manager still won't respond. There isn't any message or anything when I try to run it, it just does nothing when I click on it. I've tried copying and renaming, and that didn't work either.
  5. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 8,165

    First, it is almost criminally negligent to NOT have any Service Packs installed!
    Go get SP4 from MS (free download) and install it as soon as possible!
    Then do the full Windows-update (about 40 by now)!

    Second, it is almost criminally negligent to NOT use Firefox in this day and age.
    Go to www.getfirefox.com and Install Firefox. From now on, ONLY use IE for Windows-updates, for everything else there is Firefox.
    Your Avant is nothing but a pretty dress for IE, and just as dangerous! UNinstall Avant!

    Do both of the above AFTER you are clean.

    Boot in Safe Mode.
    Press Ctrl/Alt/Del simultaneously, select Taskmanager/Processes, select the process (if there), click "End Process" for:

    winupdates.exe
    winupdate.exe

    Next, UNinstall anything to do with:
    C:\Program Files\winupdates\winupdates.exe
    C:\Program Files\winupdate\winupdate.exe

    Next, run a HJT scan and place a tick-mark in the little square before (if still there):
    ...................................................................................................
    C:\Program Files\winupdates\winupdates.exe
    O4 - HKLM\..\Run: [winupdate] C:\Program Files\winupdate\winupdate.exe /auto
    O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
    ONLY fix this O17 if those IPs are NOT from YOUR ISP.
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AA6EF316-67E6-424F-95A0-D15B872AAD35}: NameServer = 209.153.128.4 169.207.1.3
    ...................................................................................................
    Now click on the Fix Checked button in HJT.

    When done, from between the dotted lines, delete the highlighted bold files.
    When a \directory-name\ is bold, delete everything in it, including that directory itself.
    Delete all files and directories from: C:\Documents and Settings\[username]\Local Settings\Temp
    Repeat this for ALL [usernames].
    Boot normal.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.