Back To Microsoft Windows Forum

No access to Task Manager and MSCONFIG

  • praXP
  • Born
  • Born
  • No Avatar
  • Joined: Dec 07, 2007
  • Posts: 3
  • Status: Offline

Post December 7th, 2007, 3:53 am

I am the only user of my laptop and have the user role defined as computer administrator. But, I am not able to access Task Manager and MSCONFIG. I am using Windows XP SP2. I am attaching my HijackThis log. Please look into it and advise my how to resolve this issue. Thanks in advance for helping me.

Please refer the latest log file in the next post below.
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post December 7th, 2007, 3:53 am

  • grinch2171
  • Moderator
  • Genius
  • User avatar
  • Joined: Feb 11, 2004
  • Posts: 6744
  • Loc: Martinsburg, WV
  • Status: Online

Post December 7th, 2007, 6:07 am

Reboot into safe mode by pressing F8 during boot. Rerun Hijack This and select the following and fix
Quote:
C:\WINDOWS\system32\SSVICHOSST.exe

C:\heap41a\svchost.exe

C:\heap41a\svchost.exe

F2 - REG:system.ini: Shell=Explorer.exe SSVICHOSST.exe

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file)

O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINDOWS\system32\SSVICHOSST.exe

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
‎"Be polite, be professional, but have a plan to kill everybody you meet." Maj. Gen. James Mattis
  • praXP
  • Born
  • Born
  • No Avatar
  • Joined: Dec 07, 2007
  • Posts: 3
  • Status: Offline

Post January 7th, 2008, 9:18 am

Thanks for your quick response. I fixed them. I could get the msconfig. But, I am still not able to get task manager. Could you please have a look at the following latest log file and suggest me what could be done.

Logfile of HijackThis v1.99.1
Scan saved at 2:22:03 PM, on 1/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\LogWatNT.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\hijack\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BHOManager Class - {474264BC-9571-47C1-85B9-780F756DC9CE} - C:\WINDOWS\system32\BHOManager.dll
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2804396855
O17 - HKLM\System\CCS\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C617}: NameServer = 202.88.156.8,202.88.156.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C617}: NameServer = 202.88.156.8,202.88.156.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C617}: NameServer = 202.88.156.8,202.88.156.6
O18 - Protocol: HTLFP - {03B7A5D4-96B0-4316-95F8-072D326A58F1} - ielpview.dll (file missing)
O18 - Protocol: vfsp - {E4CB5121-E242-11D4-8ED6-00010219EB22} - VFSProtocol.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Event Log Watch (LogWatch) - Unknown owner - C:\WINDOWS\LogWatNT.exe
  • deathblade
  • Proficient
  • Proficient
  • User avatar
  • Joined: Mar 08, 2007
  • Posts: 419
  • Loc: u.k
  • Status: Offline

Post January 7th, 2008, 4:33 pm

do you know these ips?

Code: [ Select ]
O17 - HKLM\System\CCS\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C61 7}: NameServer = 202.88.156.8,202.88.156.6

O17 - HKLM\System\CS1\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C61 7}: NameServer = 202.88.156.8,202.88.156.6

O17 - HKLM\System\CS2\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C61 7}: NameServer = 202.88.156.8,202.88.156.6
  1. O17 - HKLM\System\CCS\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C61 7}: NameServer = 202.88.156.8,202.88.156.6
  3. O17 - HKLM\System\CS1\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C61 7}: NameServer = 202.88.156.8,202.88.156.6
  5. O17 - HKLM\System\CS2\Services\Tcpip\..\{0ACDE06A-5AFE-4752-9B16-9DAE7190C61 7}: NameServer = 202.88.156.8,202.88.156.6
This is a block of text that can be added to posts you make. There is a 500 character limit.
  • praXP
  • Born
  • Born
  • No Avatar
  • Joined: Dec 07, 2007
  • Posts: 3
  • Status: Offline

Post January 8th, 2008, 10:17 am

Yes. They are the ipaddress of DNS server provided by my internet service provider.
  • deathblade
  • Proficient
  • Proficient
  • User avatar
  • Joined: Mar 08, 2007
  • Posts: 419
  • Loc: u.k
  • Status: Offline

Post January 8th, 2008, 10:41 am

then i did not find anything
This is a block of text that can be added to posts you make. There is a 500 character limit.
  • jhernandez
  • Born
  • Born
  • No Avatar
  • Joined: Jan 30, 2008
  • Posts: 2
  • Status: Offline

Post January 30th, 2008, 2:49 am

hello...

i had the same problem before... so when i read this thread i knew i had to pass on my two cents or help.. lol

i'm not sure why it was disabled in the first place but you can go here:

http://www.windowsnetworking.com/kbase/ ... mePro.html

and fix it...

i used the second method using the gpedit.msc command from the run command thing... lol

let me know how it goes....

props to the windowsnetworking site for helping me out...

best of luck...
-technoWEENIE

Page 1 of 1

Post Information

  • Total Posts in this topic: 7 posts
  • Users browsing this forum: No registered users and 102 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.