Please help! Taskmgr and regedit won't open! How can i fix this?

Status
Not open for further replies.
S

seventhson

I've just noticed this in the past few days. Neither of them will open and I'm pretty sure I've been infected with something. None of my scanning programs (Spy-Bot, AdAware, Spy-Sweeper, and Registry Mechanic) have solved the problem. I have downloaded HijackThis but have not yet run it. If anyone can help me out I would greatly sppreciate it. Thanks.
 
Copy your taskmanager (c:\windows\taskman.exe) to a different folder and rename it to e.g. tkm.exe.
A virus will not recognize such a name, and you can thus stop unwanted processes.

To run it, click Start/Run and browse to where you copied tkm.exe
 
I did this, but it still wouldn't open! I'm beginning to get frustrated here. I have included my HijackThis Log in this post, maybe the problem is in there.
 

Attachments

  • hijackthis.txt
    4.9 KB · Views: 6
Ok, i've got regedit to work fine, but Task Manager still won't respond. There isn't any message or anything when I try to run it, it just does nothing when I click on it. I've tried copying and renaming, and that didn't work either.
 
First, it is almost criminally negligent to NOT have any Service Packs installed!
Go get SP4 from MS (free download) and install it as soon as possible!
Then do the full Windows-update (about 40 by now)!

Second, it is almost criminally negligent to NOT use Firefox in this day and age.
Go to www.getfirefox.com and Install Firefox. From now on, ONLY use IE for Windows-updates, for everything else there is Firefox.
Your Avant is nothing but a pretty dress for IE, and just as dangerous! UNinstall Avant!

Do both of the above AFTER you are clean.

Boot in Safe Mode.
Press Ctrl/Alt/Del simultaneously, select Taskmanager/Processes, select the process (if there), click "End Process" for:
winupdates.exe
winupdate.exe

Next, UNinstall anything to do with:
C:\Program Files\winupdates\winupdates.exe
C:\Program Files\winupdate\winupdate.exe

Next, run a HJT scan and place a tick-mark in the little square before (if still there):
...................................................................................................
C:\Program Files\winupdates\winupdates.exe
O4 - HKLM\..\Run: [winupdate] C:\Program Files\winupdate\winupdate.exe /auto
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
ONLY fix this O17 if those IPs are NOT from YOUR ISP.
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA6EF316-67E6-424F-95A0-D15B872AAD35}: NameServer = 209.153.128.4 169.207.1.3
...................................................................................................
Now click on the Fix Checked button in HJT.

When done, from between the dotted lines, delete the highlighted bold files.
When a \directory-name\ is bold, delete everything in it, including that directory itself.
Delete all files and directories from: C:\Documents and Settings\[username]\Local Settings\Temp
Repeat this for ALL [usernames].
Boot normal.
 
Status
Not open for further replies.

Similar threads

Cal Jeffrey
How I finally beat the scalpers and landed a PS5 (Update)
2
Replies
43
Views
9K
captaincranky
captaincranky
mongeese
  • Locked
How to stop everyone from spying on you (for free)
Replies
13
Views
3K
GomerPyle
G
DjKraid
Steam: How to spot scams and how to avoid them
Replies
0
Views
18K
DjKraid
DjKraid

Latest posts

Back