Recently on a siblings computer a virus was caught through the use of p2p programs. I promptly removed every one on the computer, and anything downloaded by them. I managed to get rid of the virus, for the most part. The major problem was Task Manager no longer works. I can't open it any way, and I tried an emergency version that was no success either. I ran AVG, Spybot, Ad Aware, CCleaner, and a few others in the How To sticky. I can't seem to figure out how to fix the Task Manager problem, other then that everything is perfect. I attached the HJT txt, so any insight would be greatly appreciated. Thanks.
Recent virus caused Task manager to stop working.
- Thread starter destruck
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Boot into safe mode. See how HERE.
Turn off system restore.(XP/ME only) See how HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
Go to add remove programmes in your control panel, and uninstall anything to do with(if there).
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
Close control panel.
Open your task manager, by pressing the ctrl/alt/delete keys together.
Click on the processes tab, and end process for(if there).
Weather.exe
Close task manager.
Run HJT with no other programmes open, and have HJT fix the following, by placing a tick in the little box next to(if there).
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120199556437
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128021405007
Now click on the fix checked button.
Close HJT.
Locate and delete the following bold files(if there).
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
Reboot into normal mode, and turn system restore back on.
Regards Howard :wave: :wave:
Boot into safe mode. See how HERE.
Turn off system restore.(XP/ME only) See how HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
Go to add remove programmes in your control panel, and uninstall anything to do with(if there).
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
Close control panel.
Open your task manager, by pressing the ctrl/alt/delete keys together.
Click on the processes tab, and end process for(if there).
Weather.exe
Close task manager.
Run HJT with no other programmes open, and have HJT fix the following, by placing a tick in the little box next to(if there).
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120199556437
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128021405007
Now click on the fix checked button.
Close HJT.
Locate and delete the following bold files(if there).
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
Reboot into normal mode, and turn system restore back on.
Regards Howard :wave: :wave:
Thank you for the prompt reply Howard.
I followed the list you posted, and removed Weather.exe and all its compnents without a problem. I still have no access to Task Manager through CTRL+ALT+DEL or by right clicking on the start bar and clicking the Task Manager option. I'm still at a loss as what is the problem. Here is a new HJT log. Thanks again.
I followed the list you posted, and removed Weather.exe and all its compnents without a problem. I still have no access to Task Manager through CTRL+ALT+DEL or by right clicking on the start bar and clicking the Task Manager option. I'm still at a loss as what is the problem. Here is a new HJT log. Thanks again.
howard_hopkinso
Posts: 21,238 +17
Let HJT fix this entry.
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
I can`t see anything in your HJT log that would cause your task manager to not open.
It is possible that the task manager programme has been damaged.
Try doing a Windows repair, as per this thread HERE
See if that solves the problem.
Regards Howard
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
I can`t see anything in your HJT log that would cause your task manager to not open.
It is possible that the task manager programme has been damaged.
Try doing a Windows repair, as per this thread HERE
See if that solves the problem.
Regards Howard
howard_hopkinso
Posts: 21,238 +17
I`m sorry to hear that.
Obviously something`s not right.
Either the virus that caused the task manager not to open is still there, or the problem is related to something else.
Have you looked in msconfig, to see if there`s anything there that could possibly be responsible?
Try doing various online virus scans, to make sure your system isn`t still infected.
Regards Howard
Obviously something`s not right.
Either the virus that caused the task manager not to open is still there, or the problem is related to something else.
Have you looked in msconfig, to see if there`s anything there that could possibly be responsible?
Try doing various online virus scans, to make sure your system isn`t still infected.
Regards Howard
howard_hopkinso
Posts: 21,238 +17
Excellent news.
When you find out what`s responsible. Please let us know.
Regards Howard
When you find out what`s responsible. Please let us know.
Regards Howard
Well, found out that the computer was indeed infected by hidden files. They were trying to send themselves out and it had created a whole hidden folder with 6000+ files. Ewido took care of it all though :knock:
Thanks for all the help, now just need to find out how keep my siblings away from it.
Thanks for all the help, now just need to find out how keep my siblings away from it.
howard_hopkinso
Posts: 21,238 +17
Glad your problem is solved, and thanks for letting us know.
Regards Howard
Regards Howard
- Status
Similar threads
