1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Another Task Manager not working thread....possible worm, HJT attatched

By Matt_M_123 ยท 4 replies
Nov 16, 2005
  1. Ok, I have been reading around here for the last few days taking all this in. I have done a lot of stuff by following several of the stickys and still havent fixed it. Task manager will not come up with C.A.D. or right clicking the task bar and selecting it. So far I have done this......I followed most of the instructions on the coolwebsearch sticky. I ran all those programs (Adaware, SB S&D ect.) and came up with a bunch of stuff but one thing stood out. When I did a scan in Ad Aware, it came up with several critical objects labelled "worm". Below is a copy of the data from one of the files that I figure is in question. There were several other files in the list, all under this category and vendor: bszip.dll, cmd.com, netstat.com, ping.com, regedit.com, taskkill.com, and tracert.com.

    "Object Type:File
    "Size:2 Bytes
    "Last Activity:11-17-2005 2:49:07 AM
    "Risk Level:Low
    "TAC index:8
    "Description:p2P worm

    I selected remove and it said it removed them, and on a restart and rescan, they were back again. This may or may not have anything to do with the problem I am having but seeing that it was a reoccuring problem and wouldn't go away it made me think a little. I then went through the tutorial some more and booted in safe mode and went through and "fixed" a few items and deleted everything it told me to. I also noticed Task Manager works fine in safe mode. Anyway, I went back and booted normally and still have no task manager. I have attatched my HJT file for further diagnosis. Any help is GREATLY appreciated! Thanks a lot for helping!
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    You don't run any Antivirus or Firewall (except perhaps that lousy XP-one).
    That's absolutely stupid in this day and age.
    And you did not follow the instructions EXACTLY either, you missed 2.
    Come back when you have an AV.
  3. Matt_M_123

    Matt_M_123 TS Rookie Topic Starter

    I'll get on that today.......but which 2 did I miss?

    The coolwebsearch sticky mentioned windows update(s) with a space in bewteen it and I had the line
    O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto

    I figured this one was not the same since it wasn't exctly the same and was afraid to delete it! ;)
    The other I'm guessing is the line
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

    But again, in that walkthrough I didn't see anything pointing to a line 18 and was also afraid to delete it. If these are the 2 lines let me know and I'll get rid of em and go get me some anti-virus software. Are there any that you recommend highly??
  4. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

  5. Matt_M_123

    Matt_M_123 TS Rookie Topic Starter

    Problem Fixed!!!!!!! :grinthumb

    Ok, first thing I did was download the antivirus program and run a full scan. It found the WINUPDATES folder in program files and 3 files that were linked to that worm (called Worm/VB.CC). If you go into program files and try to get to this folder even with "show hidden files/folders" enabled, it doesn't show up, you have to manually enter it in the address box to get to it. Anyway, it deleted these and also the "winsupdate" line in hijack this and upon restart task manager works! Thanks for the link to that virus scanner and the usefull info on this site!
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...