Taskmgr regedit cmd ipconfig not working help please

By chaoticjunk
Mar 23, 2006
  1. just recently my computer started getting lots of random popups then later on my ctrl alt del stopped bringing up taskmgr.

    I have tried to run it with the run command and also trie using the alternative ctrl shift esc but it still doesn't work.
    The same goes for cmd, regedit and ipconfig... they won't show up.

    When I ran HijackThis here's what I got

    Can anyone help me solve this problem.. I think my computer is seriously infected. :(
  2. mark16_15

    mark16_15 TS Rookie

    You've got Spyware

    I had it and it was a killer.
    this line from your HJT dump shows it
    O4 - HKLM\..\Run: [rmalt] C:\Program Files\Update06\Setup.exe

    I removed mine manually using xsetup pro to enable regedit but I found this link on Sophos that might work for you.

    * Windows 2000/XP/2003
    1. Download an emergency copy of SAV32CLI . On an uninfected Windows computer, run this file to extract the contents into a SAV32CLI folder on a medium that can be write-protected. Add any relevant IDEs to this folder and write-protect the disk (on a CD/R or CD/RW close the session).
    2. Restart the computer in Safe Mode. Go to Start|Shut Down. Select 'Restart' from the dropdown list and click 'OK'. Windows will restart. Press F8 when you see the following text at the bottom of the screen "For troubleshooting and advanced startup options for Windows 2000, press F8". In the Windows 2000 Advanced Options Menu, select the third option 'Safe Mode with Command Prompt'.
    3. At the infected computer, place the CD in the CD drive (D: in this example).
    At the command prompt type

    to access the CD drive. Type:

    Then type:

    to remove the Trojan.
    4. Before leaving Safe Mode, edit any registry entries mentioned in the Trojan analysis recovery instructions.
    5. If problems persist, contact support.

    I didn't try this but Sophos is reliable so it should work.
  3. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Go HERE and follow the instructions for running Ewido.

    You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

    Turn off system restore.(XP/ME only) See how here.>

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.>

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.>

    Go to add remove programmes in your control panel and uninstall anything to do with(if there).


    Close control panel.

    Open your task manager(if you can), by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).


    Close task manager.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    R3 - Default URLSearchHook is missing

    O4 - HKLM\..\Run: [rmalt] C:\Program Files\Update06\Setup.exe Unknown

    O16 - DPF: {1319E67B-06AD-4C4B-9D85-9FEF7EDF7098} (NateOnMMSAtx Class) -

    O16 - DPF: {5CA5E00D-80A8-475A-BF08-816FD56DBC38} (KTCtrl Class) -

    O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) -

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\Program Files\Update06

    Reboot into normal mode and turn system restore back on.

    Post a fresh HJT log as an attachment into this thread. See HERE for instructions.

    Regards Howard :wave: :wave:

    This thread is for the use of chaoticjunk only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Topic Status:
Not open for further replies.

Similar Topics

Create an account or login to comment

You need to be a member in order to leave a comment
TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.