[Uncurable]Task manager, virus related

By AcaNbg ยท 7 replies
Sep 24, 2010
  1. Ok, so i was watching a show that i downloaded earlier in win media player, and it started to freeze from time to time, then it froze up completely. When i tried to run the Task manager, it said that it had been disabled by a administrator. So i started up my nod32(it was of for 3 days) and it started to pop out these messages about some Sality.NET Virus, and it quarantined about 70 items, form ffd show somethings, to ggl chrome setup file... It was every were, in system files, in a game executable, in microsoft office... An when i ran a complete system check, it found 9 infections beside these. Some Trojan linked to jar_cache(bunch of numbers).tmp was found to. And then when i tried to start up my Task manager, it gives me this error message now: taskmgr.exe - Unable to locate component
    This application has failed to start because .dll was not found. Re-installing the application may fix the problem. It says just that, nothing else. I ran the virus check again, nothing, regedit works fine, but i can't use it to make my taskmgr work.
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Bad news! If you have the Sality virus family, it's going to mean a reformat/reinstall.This is the exploit of the shortcut .ink files.

    Sality is a family of file infecting viruses that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web.

    I'd like you to run the 2 following programs:

    Malwarebytes' Anti-Malware
    • Please download Malwarebytes' Anti-Malware from from HERE
    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to
      [o] Update Malwarebytes' Anti-Malware
      [o] and Launch Malwarebytes' Anti-Malware
    • then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform Quick scan, then click Scan.
      * When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. please attach this log with your reply
      [o] If you accidentally close it, the log file is saved here and will be named like this:
      [o] C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

    If we see either 'Saility' or the Worm Win32/Stuxnet.A, it will be in your best interest-and safety- to reformat/reinstall. I'll know more after I see the logs.
  3. AcaNbg

    AcaNbg TS Rookie Topic Starter

    Malwarebytes' Anti-Malware 1.46

    Database version: 4052

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    01. 01. 03 0:49:18
    mbam-log-2003-01-01 (00-49-18).txt

    Scan type: Flash scan
    Objects scanned: 83306
    Time elapsed: 44 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    I'll run the nod32 online now. Malware found nothing.
  4. AcaNbg

    AcaNbg TS Rookie Topic Starter

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=
    # OnlineScanner.ocx=
    # api_version=3.0.2
    # EOSSerial=9dd3632af3860b47b3e338e485f2e3d1
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2010-09-25 01:16:03
    # local_time=2010-09-25 03:16:03 (+0100, Central Europe Daylight Time)
    # country="Serbia and Montenegro"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # compatibility_mode=8199 39157157 100 100 11369 15921811 0 0
    # scanned=80424
    # found=0
    # cleaned=0
    # scan_time=4128
    # nod_component=V3 Build:0x30000000

    This is it, no virus, no nothing... And still, the task manager is not working
  5. AcaNbg

    AcaNbg TS Rookie Topic Starter

  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Sorry crunchie- we must have been posting at the same time.

    AcaNbg, you give the perfect reasons why you should reformat and reinstall:
    The Taskmanager has mostl likely been corrupted by Sailty We recently had a disscusion about Sailty and I am going to quote this source:
    Courtesy Blind Dragon: http://www.tech-101.com/system-security/1482-security-threats-evolving-breakneck-pace.html

    You will find excellent reformat/reinstall instructions here:
  7. AcaNbg

    AcaNbg TS Rookie Topic Starter

    Ok, thanks for the effort, I'll get down to reinstalling right away.
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    You're welcome. Sorry it isn't better news.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...