Task manager no longer available
- Thread starter daftdog
- Start date
- Status
We need to know the brand, model, and configuration of your computer. Looks like a Sony VAIO.
To begin with, we would install Internet Explorer 7.1
Your comment, "task manager has been disabled and my turn off button in my start button so i only have log off" doesn't make it clear to me exactly what the problem might be.
You will likely benefit from a www.Microsoft.com search for Task Manager etc. as there is a lot of info in their knowledgebase.
To begin with, we would install Internet Explorer 7.1
Your comment, "task manager has been disabled and my turn off button in my start button so i only have log off" doesn't make it clear to me exactly what the problem might be.
You will likely benefit from a www.Microsoft.com search for Task Manager etc. as there is a lot of info in their knowledgebase.
hi have downloaded internet explorer 7 and yes its a sony vaio all in one pc tryed doing a full system re-store but for some apparent reason it wont let me do it,i ran removalIT pro which revealed i had 7 viruses which it told me to delete manually as it couldnt remove them, but i cant get in to run to search the files to delete them the other day it said i had winpro 2006 or something like that!when i go in to my start menu run has dissapeared any help or anything i can download to help would be much appreciated thanks
howard_hopkinso
Posts: 21,238 +17
hello and welcome to Techspot.
Your system looks to be infected with the vundo trojan.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.
Also, let me know the results of the AVG Antirootkit scan.
Regards Howard :wave: :wave:
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your system looks to be infected with the vundo trojan.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.
Also, let me know the results of the AVG Antirootkit scan.
Regards Howard :wave: :wave:
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
you need adminstrative rights to do this.
-=-to enable task manager-=-
run gpedit.msc
under "User Configuration"
go to "Administrative Templates"
go to "System"
go to "Ctrl+Alt+Del Options"
double-click "Remove Task Manager" and select "Not Configured" or "Disabled"
.
-=-to enable shutdown option-=-
run gpedit.msc
under "User Configuration"
go to "Administrative Templates"
go to "Start Menu and Taskbar"
double-click on "Remove and prevent access to the shutdown command" and select "Not Configured" or "Disabled".
.
if nothing shows up when you double-click those options or still nothing happens, then you got yourself a good virus infection.
btw... from your HJTlog running processes:
C:\WINDOWS\AGRSMMSG.exe seems like a suspicious running process.
it's also set to run on system startup as seen here:
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
disable these entries if you're sure they arent authorized entries.
-=-to enable task manager-=-
run gpedit.msc
under "User Configuration"
go to "Administrative Templates"
go to "System"
go to "Ctrl+Alt+Del Options"
double-click "Remove Task Manager" and select "Not Configured" or "Disabled"
.
-=-to enable shutdown option-=-
run gpedit.msc
under "User Configuration"
go to "Administrative Templates"
go to "Start Menu and Taskbar"
double-click on "Remove and prevent access to the shutdown command" and select "Not Configured" or "Disabled".
.
if nothing shows up when you double-click those options or still nothing happens, then you got yourself a good virus infection.
btw... from your HJTlog running processes:
C:\WINDOWS\AGRSMMSG.exe seems like a suspicious running process.
it's also set to run on system startup as seen here:
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
disable these entries if you're sure they arent authorized entries.
Bobbye
Posts: 16,313 +36
You're using a programs that states "Locate & remove many new dangerous files including viruses, worms, trojan horses, adwares & spywares that other popular AV programs cannot find" but it tells you that you have 7 viruses it can't remove?!
WinPro Antivirus 2006 is often caused by the Virtumonde (Vundo) trojan. It can be removed using:
http://www.atribune.org/content/view/24/2/
This may be one of the programs that Howard takes you through, I'm not sure. But I think you may want to consider another anti-virus program after you're clean. You should also scan with at least two spyware/adware programs regularly.
And if you do have 7 viruses, chances are you have other malware also so follow through with the HijackThis instruction.
WinPro Antivirus 2006 is often caused by the Virtumonde (Vundo) trojan. It can be removed using:
http://www.atribune.org/content/view/24/2/
This may be one of the programs that Howard takes you through, I'm not sure. But I think you may want to consider another anti-virus program after you're clean. You should also scan with at least two spyware/adware programs regularly.
And if you do have 7 viruses, chances are you have other malware also so follow through with the HijackThis instruction.
kitty500cat
Posts: 1,391 +6
The gpedit.msc instructions won't work unless you have Windows XP Professional.
Please follow Howard's advice and post the requested logfiles. Howard's instructions do include using the Vundo remover available at atribune.org.
Regards
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Please follow Howard's advice and post the requested logfiles. Howard's instructions do include using the Vundo remover available at atribune.org.
Regards
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Unless you follow the instructions and post the requested log files, we can`t say whether your system is clean or not.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Your HJT log is still showing infection. Also, you have not renamed HijackThis.exe as per the instructions.
Unless you follow the instructions exactly, I can`t help you.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Unless you follow the instructions exactly, I can`t help you.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
At no point in my instructions did I ask for a VBG log.
I require a HJT, Combofix and AVG Antispyware log posted after following all the instructions HERE.
Now please do the following.
Download Vundofix from HERE.
Double click the Vundofix.exe to run it.
Right click in the vundofix window and click add files.
Enter the full file path/s to the files you want Vundofix to delete and click the add files button, followed by the close window button. Click the remove vundo button and let Vundofix do it`s stuff.
This is the filepath you need to enter into Vundofix.
C:\windows\system32\fccyyyw.dll
Then, post fresh HJT, Combofix and AVG Antispyware logs.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
I require a HJT, Combofix and AVG Antispyware log posted after following all the instructions HERE.
Now please do the following.
Download Vundofix from HERE.
Double click the Vundofix.exe to run it.
Right click in the vundofix window and click add files.
Enter the full file path/s to the files you want Vundofix to delete and click the add files button, followed by the close window button. Click the remove vundo button and let Vundofix do it`s stuff.
This is the filepath you need to enter into Vundofix.
C:\windows\system32\fccyyyw.dll
Then, post fresh HJT, Combofix and AVG Antispyware logs.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.
2. Download the attached avengerscript.txt and save it to your desktop
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
3. Now, start The Avenger program by double clicking on its icon on your desktop.
Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh HJT and Combofix log.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
2. Download the attached avengerscript.txt and save it to your desktop
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
3. Now, start The Avenger program by double clicking on its icon on your desktop.
Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh HJT and Combofix log.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Well done, your log files are clean.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of daftdog only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Same problem
Hi,
I'm not sure if I should start a new thread or reply in this one, but as my problem is similar to this one, I though I should just ask for help in this thread.
Here is the thing:
I did format my computer because of some problems and then, they just reappears.
I no longer have the "Folder Option", cannot access to registry editor, neither to task manager.
As Howard said the sequence of actions presented in this thread are just for this user, I though maybe I could ask for the same kind of help.
If this is not the correct way to ask for help, just tell me the way to do it.
Many thanks,
BumbleB
Hi,
I'm not sure if I should start a new thread or reply in this one, but as my problem is similar to this one, I though I should just ask for help in this thread.
Here is the thing:
I did format my computer because of some problems and then, they just reappears.
I no longer have the "Folder Option", cannot access to registry editor, neither to task manager.
As Howard said the sequence of actions presented in this thread are just for this user, I though maybe I could ask for the same kind of help.
If this is not the correct way to ask for help, just tell me the way to do it.
Many thanks,
BumbleB
Hello,
Thanks for replying, Rayday.
To restate my problem:
1. Whenever I click on a folder to open it, instead of being able to navigate within the same window, a completely new window opens. When I tried to verify the settings in the "Folder Option" of the Tool menu in any window, the "Folder Option" has disappeared and there is only "Map Network Drive...", "Disconnect Network Drive...", "Synchronize" left.
2. When I try to open "Task manager" from the Task Bar menu, I cannot access it (greyed out).
When these problems started, I decided to format my Windows partition. I have two hard drives: one with two partitions (windows and my files) and the other one contains three partitions (my files once again). However, the same problem happens again within the hour after formatting my computer. I formated numerous times to the same results.
I am assuming that it is a virus that is within one of my partitions, but am not sure how to proceed.
I followed the advice I found online related to a similar problem whereas I should check the registry. Yet, when I try to run regedit from Start menu/Run, it states that I need to be the administrator to access the registry. I am the administrator and it still does not let me access it.
Any help/advice would be appreciated.
Thanks,
BumbleB
Thanks for replying, Rayday.
To restate my problem:
1. Whenever I click on a folder to open it, instead of being able to navigate within the same window, a completely new window opens. When I tried to verify the settings in the "Folder Option" of the Tool menu in any window, the "Folder Option" has disappeared and there is only "Map Network Drive...", "Disconnect Network Drive...", "Synchronize" left.
2. When I try to open "Task manager" from the Task Bar menu, I cannot access it (greyed out).
When these problems started, I decided to format my Windows partition. I have two hard drives: one with two partitions (windows and my files) and the other one contains three partitions (my files once again). However, the same problem happens again within the hour after formatting my computer. I formated numerous times to the same results.
I am assuming that it is a virus that is within one of my partitions, but am not sure how to proceed.
I followed the advice I found online related to a similar problem whereas I should check the registry. Yet, when I try to run regedit from Start menu/Run, it states that I need to be the administrator to access the registry. I am the administrator and it still does not let me access it.
Any help/advice would be appreciated.
Thanks,
BumbleB
- Status
