Windows XP Task Manager starts and instantly teminates

All of sudden, it seems, task manager will not stay running. I cntl/alt/del it starts an instantly terminates. Anyone know why?

Found this:
http://www.mcse.ms/message899814.html


Google:
Task Manager Closes

Good Luck

Ran NAV, AdAware, Spybot, Found no viruses. Still have problem.
???

i'm quite sure that u have a "worm or spam" that make your TASK manager stop no antivirus can detect it try this :-

"SPYBOT" you can find it at download.com it's free ware maybe it can help if not try to go 2 "msconfig" then "startup" tab and disable unknown files that start with unknown letters.

Can you run regedit? or does that terminate also?

If so, my best guess is what's included in the link JrzyCrim provided above

Probably W32.Spybot.Worm
http://securityresponse.symantec.com/av ... .worm.html

You might also check the replies here (scroll down to see):
http://www.experts-exchange.com/Applica ... 77095.html

installed an ran spyboth and ad aware.
Still task manager flashes and terminates.
also REGEDIT does the same

Search through the links provided carefully. If you are still having trouble download Hijack This

Run it, click scan, save your log and post it here. Don't fix anything yet. Just post your log and we'll see what's going on...

dude i have seen this before but it is a worm over there in your system
unfourtinatly the only solution was to reinstall the system. i have done all what i know which toke like 5 hours and the same problem still there

I have run hijack. What do I look for?
and yes REGEDIT does the same this.

You can post your hijackthis log here. We'll help if possible.

Logfile of HijackThis v1.98.2
Scan saved at 9:18:54 PM, on 9/1/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\OHWNBEIU.EXE
C:\QUICKENW\QAGENT.EXE
C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe
C:\KMaestro\KMaestro.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\QUICKENW\QWDLLS.EXE
C:\WINDOWS\system32\mrtMngr.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Tom Palmer\My Documents\Download\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AOL Instent Messenger] OHWNBEIU.EXE
O4 - HKLM\..\Run: [QAGENT] C:\QUICKENW\QAGENT.EXE
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [KeyMaestro] C:\KMaestro\KMaestro.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKCU\..\RunOnce: [AOL Instent Messenger] OHWNBEIU.EXE
O4 - Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ScanButton 2.1.lnk = C:\Program Files\ScanButton 2.1\ScanButton.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.ne ... tector.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsup ... veData.cab

I don't see anything that needs to be fixed. Your log looks clean to me.


Try the online virus scan here and see if it turns up anything:

http://housecall.trendmicro.com/

In the meantime, I'll see if I can turn up any other causes for your problem.

Man -- that looks pretty darn clean to me.

Given the fact that you apparently use AIM, there is a possibility of this:

http://reviews.cnet.com/5208-6132-0.htm ... eID=372092

Although I don't see any evidence of it in your log file. Also checked several variants (under symantec's name)
http://reviews.cnet.com/5208-6132-0.htm ... eID=372092

Looks like you have the same problem as the first link, but I don't see in your log where it might be.

Have you tried MSCONFIG and does it close too, like others are having problems with?