TUTORIAL: Task Manager, Regedit, etc won't open (Part 1)

  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

(This is part one of a multi part tutorial.)

Having problems with Task Manager, Regedit, Msconfig, etc not opening? Can't run a virus scan or update your .dat files? Seems to be a fairly common problem these days. There could be a variety of explanations, but most likely you have a virus / trojan infecting your machine. Many viruses / trojans / malware attempt to circumvent the tools to find and remove them. This is now your problem.


(*note – Before proceeding (provided you are not reading this from the infected computer), disconnect all internet connections, particularly if you are on broadband or DSL. An active connection may allow a malicious user to do additional damage to your machine while you are reading. Reconnect only when instructed to do so. In fact it is a best practice, to immediately disconnect your computer from the internet any time you suspect or determine that you have a virus until you can get it cleaned or get advice from an expert.)

_________________________________
How can I avoid this? (Top dozen)

Let me start with some best practices:
1. If you don't have one already, install and religiously use a good Anti-Virus program such as Symantec's Norton http://symantec.com/ or McAfee http://mcafee.com/us/ . Religiously update the dat files and run scheduled weekly (or daily) scans.
2. Make sure Realtime scanning is enabled. A Firewall is a definite plus.
3. If you can't afford a cost effective virus protection then use some free online tools like TrendMicro http://www.trendmicro.com/en/home/us/enterprise.htm or Grisoft http://www.grisoft.com/doc/1 on a regular basis.
4. Don't trust pop-ups that tell you that you may have spyware on your machine. Most of these are money making schemes designed to get you to buy their removal product, which in some cases also contain adware and spyware. For a list of those to avoid see here: http://www.spywarewarrior.com/rogue_anti-spyware.htm
5. Make back-ups of your most essential files frequently by whatever means you have available, i.e. Tape, CD, DVD, USB Drives, Ghost programs, etc. You never know when you'll have to reformat and start from scratch and without current backups of your essential files, you're basically screwed. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.
6. Be careful where you "surf". If you know you are going to click a site that is questionable, then at least be intelligent enough to disable javascript, java, ActiveX installations, etc... You "surf" these sites at your own risk and don't come crying to mama when you get burned.
7. Uninstall and quit using P2P networking proggies like Kazaa and Limewire. These are your most likely weakest links if you're using them. Primarily most stuff transferred is illegally obtained and if you won't give it up -- suck it up and pay the consequences.
8. Install and regularly use anti-spyware removal tools such as Adaware and Spybot S&D
9. Don't give access to your computer to friends / family who appear to be clueless about what they are doing. Otherwise you'll come home from school / work one day and your computer will be trashed.
10. Many "free" online games come bundled with adware / spyware and simply won't work without them. If you have Wild Tangent installed on your computer you are already a victim.
11. Don't install Weather Bug. If you want a free weather service install the Weather Channel version instead.
12. When in doubt -- don't download it and don't install it until you've researched it. You are always welcome to ask OZZU about questionable programs for advice.

Back to the topic at hand.
_____________________________________
I can't run Virus scans or do Updates

Chances are your hosts file has been hijacked and modified. Your host file is used to tell your browser where it should find files/sites -- normally it's never used except by experienced users. By default, the only thing that comes with a clean Windows install in your host file is 127.0.0.1 Localhost. In essence what that means is that anything that has the 127.0.0.1 address in your hosts file redirects to your computer, hence making the webpage undisplayable (for example if you included 127.0.0.1 http://www.google.com in your hosts file you would get a page not found error, because your browser would be looking for google on your machine). What many new viruses / trojans attempt to do is edit your hosts file to essentially make most recognized antivirus proggies unusable, or disallow access to definition updates. This file is located in c:\WINDOWS\system32\drivers\etc. or c:\WINNT\system32\drivers\etc (depending on what version of Windows you use) and does not include a file extension. In order to open and edit it, you can use Notepad, but to see it, you must select "all files" from the dropdown menu instead of text .txt files. If this file contains anything other than 127.0.0.1 Localhost that you didn't add there yourself, then delete the additional entries and save the file (be sure to scroll all the way down as some viruses add their entries with many spaces below the valid ones.) When you save, select File and Save. Do not select "Save As" as this will by default add a .txt file extension and will make the file unusable. *note the host file in system32 is not the same as hosts.ics or lmhosts.sam. Do not confuse them.

By editing this file (without rebooting - rebooting may cause the file to be overwritten again by the virus), there is a possibility that you could now update your virus protection files or at least run online scans. It doesn't completely fix the problem but at least it's a start. Your best practice is to attempt to get a dat update for your Virus protection and then reboot to safemode and run your virus protection in safemode. If you have configuration options available, configure your virus protection to first "clean" infected files, and as a second option "delete". In my opinion Quarantine is useless. Why would you want to leave a virus on your machine? Get rid of it from the start. Your virus protection may or may not find anything, depending on how current the virus is, and how up-to-date your anti-virus definition files are.


_____________________________
I’ve edited my Hosts file, but my virus protection still won’t run.

Many users today are running their computers on a home network. If your computer is networked with others, then you may have some easier solutions than others. One of the benefits of being networked is that you can connect to your problem machine from another unaffected computer on the network and run virus scans via the clean machine. For those of you who are experienced with networking, simply map a drive to the administrative share (c$) on the infected computer and use your virus scanner to scan the mapped drive. If you already know how to do this, then skip the next part of these instructions. If you are clueless about what I just said, read on.

Being networked allows you to share files and view files and directories between machines. Windows NT, Windows 2000 and Windows XP come with a built in “Administrative Share” for each drive you have on the machine. Here’s how to connect from one machine to another if you don’t know how. Make sure both machines are booted to Windows and you are logged in as Administrator. You will need to know the Computer Name of the infected computer. If you don’t know the name, right click My Computer and select Properties. Go to the Computer Name tab and note the Full Computer Name.

If you have disconnected your network from internet access as previously instructed, temporarily reconnect and update the virus definition files on the uninfected machine you are going to use. Then disconnect from the internet again.

Open Windows Explorer and Select Tools | Map Network Drive. In the dialog box, uncheck reconnect at next logon. Choose whatever drive letter you would like to use and in the folder section type \\machinename\c$ (Replace “machinename” with the name of your infected computer. Select the link “Connect using a different user name”. In the username box type in machinename\username (Replace “machinename” with the name of the infected computer and replace “username” with an administrative user on the infected computer). For password type in the password of the administrative user. Click OK. Click Connect. This should open an Explorer Window showing the contents of the C drive on the infected computer.

Open your virus scan program on the clean computer and run a full scan on the drive letter you chose for the mapped drive. Run the scan (if possible) choosing the option to delete infected files. This will scan the infected computer and work just as if you were running the virus scan on the machine itself. This should find any existing viruses just as if you were running it on the machine itself. Delete any virus files the scan detects.

Reboot the infected machine. Hopefully this has solved the bulk of your problems. If not (or if you are not networked and can't follow these steps) head on to part two.


_____________________________
This concludes part one of this tutorial. You’ll have to forgive me, but given time constraints it may take me a few days before I can finish part two. Hopefully this section will be enough to at least get you closer to having a working computer again. If you need additional assistance please post for help in this board.

Please feel welcome to reply with feedback on this tutorial or questions if something is not clear, and I’ll do my best to update it accordingly. Please do not post your problems in this thread. Create a new top level post to describe your problems.
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • sonnyrizo
  • Graduate
  • Graduate
  • sonnyrizo
  • Posts: 159

Post 3+ Months Ago

Hey ATNO,

I really appreciate you doing things. These questions were getting out of hand.

Thanks, again.
  • pramitroy
  • Guru
  • Guru
  • pramitroy
  • Posts: 1284

Post 3+ Months Ago

One thing I experienced but that is not answered by Symantec Knowledgebase and also by this forum.
I had some malware installed few months ago.It not only disabled but damaged my taskmgr.exe file.
Task Manager would not run and the icon of the file became like that of MS-DOS application(COM) files.

I just left no popular antispy or antivirus(Norton,MSAntiSpy,CWShredder,Spybot,Ad-Aware,Sysclean), online security checks to scan both normally and in safe mode the whole system.
I posted HijackThis to 5 forums and expert sites but none found to be something running in background.

When the suspected malware was opened it disabled Norton AntiVirus and did something more. After scanning by AVG right then nothing was found and Norton repeatedly raised "internal program error" message and asked to reinstall. After a restart all got back properly but not the task manager.

Well, this is a strange incident I have ever heard. All is now normal after a clean reinstallation of XP.
But there may be something against it. Is there?
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Well, on two occasions now, I have had to reinstall Symantec afterwards in order to get it to run correctly. I have yet heard of any virus or trojan actually damaging Task Manager to where it wouldn't run because of being damaged or corrupt.

I have since writing this portion of the tute learned the registry key which controls whether task manager is enabled or disabled.

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
System]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
System]
Value Name: DisableTaskMgr
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = default, 1 = disable Task Manager)

If the value is set to 1 Task Manager will be disabled. By returning it to it's default value of 0 it can be re-enabled (although doesn't "fix" the root cause, i.e. trojan removal). If regedit is also not working, you can make a copy of regedit.exe and rename the copy regedit.com and at a run command prompt you can type in regedit.com instead of plain old regedit and it should work.

If taskmgr.exe is damaged you should be able to simple copy it over from a good machine and replace the damaged file with a good copy.
  • pramitroy
  • Guru
  • Guru
  • pramitroy
  • Posts: 1284

Post 3+ Months Ago

I knew those and did that too. Some registry entries are available at

Kelly's Korner

But could not do anything. May I had at that time something very much unknown :!: .

I changed the name of taskmgr.exe to taskmgr.com but nothing new happened, I used to get a cmd window perhaps was going to show the task list but disappeared instantly. I copied that infected file to another directory but the same incident there.Though the idea of replacing a good copy did not come to my mind at that embarassed situation. Now I have made the back up of taskmgr,msconfig and regedit.
  • meman
  • Web Master
  • Web Master
  • User avatar
  • Posts: 3432
  • Loc: London Town , Apples and pears and all that crap

Post 3+ Months Ago

Something that could be handy for not so experianced users is the xp_taskmgrenab utility by Doug Knox.

It does what ATNO was saying about altering the registry value to enable the task manager, but it does it for you at the click of a button.
Handy if you are not to comfortable about going into the registry and changing values.
  • pramitroy
  • Guru
  • Guru
  • pramitroy
  • Posts: 1284

Post 3+ Months Ago

Well, handy too and I am quite comfortable to go to the regedit and do that manually. I did that too and theres not much difference in that, but the event was that it did not work.
  • vain68
  • Novice
  • Novice
  • User avatar
  • Posts: 16
  • Loc: Miami, FL

Post 3+ Months Ago

Ladies and Gentz,

Seems like a very comprehensive forum here--glad to have joined up; found this stickie searching for answers to my problem. In my case, regedit won't run from the run dialog box, but if I type in "regedit.exe" it will open the editor. Furthermore, both taskmanager and msconfig do work. I did have some trojans I believe, but I modified registry as I always do to monitor startup programs and keep the startup list clean. Anybody have an idea why the prototypical regedit won't work? I have cleaned everything, run a few online scans--nothing more...like I said, msconfig and taskmanager both are operable--no other symptomatology at this time.


-V
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Right click My Computer and select Properties. Click the Advanced Tab and at the bottom of the Dialog box Select Environment Variables. Scroll down and find the variable PATHEXT. Ensure that .EXE is included, if not add it via the edit option. The default variable value should look roughly like this (give or take):
Code: [ Select ]
.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH


I can almost be certain the reason you have to type the regedit.exe is because .exe is not included in the PATHEXT environment variable.

edit//you may need to reboot for the change to take affect.
  • vain68
  • Novice
  • Novice
  • User avatar
  • Posts: 16
  • Loc: Miami, FL

Post 3+ Months Ago

ATNO/TW,

Thanks man, I did check that, but no dice; .exe is in there.....I'm open to anything and everything. As mentioned here and on other boards, the symptom is as follows:

when I type "regedit" in the run dialog box, I get the quick popup and nothing more. However, if I type "regedit.exe" the editor does appear. As with before, both task manager and msconfig are fine; additionally, dxdiag is; as are other 'run' commands.........


Perhaps a file is corrupt? I don't sense anything else is amiss with my system at this point, although this little issue will drive me up a wall.......I think this trojan? came vis a vis a Bearshare dl, but not sure; at any rate, I'll await further commentary......thanks again.

V-
  • LAbrego
  • brego from LA
  • Web Master
  • User avatar
  • Posts: 2854

Post 3+ Months Ago

Hi vain68, the reason you canopen regedit by typing "regedit.exe" and not regedit alone, is because some worms create a new file called "regedt.com" in your system (this will execute first than the .exe). Follow this instructions to remove all this files.

- Click Here to download Killbox by Option^Explicit.
- Extract the program to your desktop and double-click on its folder, then double-click on Killbox.exe to start the program.
- In the killbox program, select the Delete on Reboot option.
- Copy the file names below to the clipboard by highlighting them and pressing Control-C:
Code: [ Select ]
C:\Program Files\MsConfigs\MsConfigs.exe
C:\WINDOWS\system32\p2pnetwork.exe
C:\WINDOWS\system32\CMD.COM
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\taskmgr.com
C:\WINDOWS\system32\tracert.com
  1. C:\Program Files\MsConfigs\MsConfigs.exe
  2. C:\WINDOWS\system32\p2pnetwork.exe
  3. C:\WINDOWS\system32\CMD.COM
  4. C:\WINDOWS\system32\netstat.com
  5. C:\WINDOWS\system32\ping.com
  6. C:\WINDOWS\system32\regedit.com
  7. C:\WINDOWS\system32\tasklist.com
  8. C:\WINDOWS\system32\taskkill.com
  9. C:\WINDOWS\system32\taskmgr.com
  10. C:\WINDOWS\system32\tracert.com

- Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
- Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

After the reboot regedit should work again.
  • vain68
  • Novice
  • Novice
  • User avatar
  • Posts: 16
  • Loc: Miami, FL

Post 3+ Months Ago

Labrego,
This took care of business, I can't thank you enough; I got a few general questions as I am always trying to acquire new knowledge about all aspects of XP based systems and vulnerabilities.

1) After I got rid of the programs that loaded on startup by editing the registry, did these .com files remain as orphans left behind? The reason I ask is b/c a general windows search would not reveal these files? Also, I noted that when I pasted these files into Killbox, not every single one was in there (perhaps I could manually do one at time---but my issues is solved, I just want to be sure no traces of any of these .com files are left on board). Or on the other hand, does Killbox automatically detect which ones the system needs to delete?

2) In my search on the web, I found the worm to be one of the following (perhaps):
w32.Spybot
w32.HLLW.Cydog@mm
W32.HLLW.Kefy
Worm/Klez.h
W32.Erkez.B@mm
Worm_Mugly.I

However, aside from "moderate" threat, I couldn't get much more information....are these worms, in fact, serious problems?

Thanks again man, a pleasure to learn new things from thick brains.

Vv
  • Mortek
  • Born
  • Born
  • Mortek
  • Posts: 3

Post 3+ Months Ago

I am having trouble with this procedure. Will Killbox only let you do one file at a time. I can only paste one file in the box. Will it delete the file if it is marked archived?

Mortek
  • Mortek
  • Born
  • Born
  • Mortek
  • Posts: 3

Post 3+ Months Ago

Ok I got rid of those files and regedit works for me now. However, I have several dos based or windows based programs that access dos and they give me the same message system not suitable for running msdos or window applications. Any more ideas.

mortek
  • LAbrego
  • brego from LA
  • Web Master
  • User avatar
  • Posts: 2854

Post 3+ Months Ago

vain68 wrote:
Labrego,
This took care of business, I can't thank you enough; I got a few general questions as I am always trying to acquire new knowledge about all aspects of XP based systems and vulnerabilities.

1) After I got rid of the programs that loaded on startup by editing the registry, did these .com files remain as orphans left behind? The reason I ask is b/c a general windows search would not reveal these files? Also, I noted that when I pasted these files into Killbox, not every single one was in there (perhaps I could manually do one at time---but my issues is solved, I just want to be sure no traces of any of these .com files are left on board). Or on the other hand, does Killbox automatically detect which ones the system needs to delete?

2) In my search on the web, I found the worm to be one of the following (perhaps):
w32.Spybot
w32.HLLW.Cydog@mm
W32.HLLW.Kefy
Worm/Klez.h
W32.Erkez.B@mm
Worm_Mugly.I

However, aside from "moderate" threat, I couldn't get much more information....are these worms, in fact, serious problems?

Thanks again man, a pleasure to learn new things from thick brains.

Vv

Hi vain68, yes, those files were left orphans in your system but don't worry, if you had one of these worms it doesn't mean you have all the files there. These worms are not a "serious" problem, it'll only give you some headaches if your system starts to fail, I have seen people with this worms who never noticed them until their systems started to slow down.

Mortek wrote:
Ok I got rid of those files and regedit works for me now. However, I have several dos based or windows based programs that access dos and they give me the same message system not suitable for running msdos or window applications. Any more ideas.

Hi Mortek, it seems your problem is related with your Autoexec.net file, check this post to see if it helps:
http://www.ozzu.com/mswindows-forum/autoexec-t33891.html&hi ... utoexec+nt
  • Mortek
  • Born
  • Born
  • Mortek
  • Posts: 3

Post 3+ Months Ago

I found that info on microsofts site. I followed their instructions and all my programs are working again. My only though was that even though you can use regedit, you probably lost the autoexec.nt file also which will prevent you from using dos files. Back up and running again and happy about it.

Thanks for the help
  • Stu
  • Born
  • Born
  • Stu
  • Posts: 2

Post 3+ Months Ago

Regedit, msconfig & task manager wont open

I also found that I was unable to update my NAV definitions or even uninstall/reinstall NAV.

This is how I resolved it.

1. Bought a new HDD for £30
2. After installing windows, I installed NAV 2004 Pro, Spybot & Adaware.
3. Ran live update and updated all definitions for all programs.
4. Slaved the problem drive
5. Scanned the drive with NAV, Spybot & Adaware.
6. NAV found & removed the following viruses:
---w32.Netsky.P@mm
---w32.Mydoom.BU@mm
I can now open & use regedit, msconfig & task manager

Also I now have a spare backup drive!

Took about 3 hours in total - and most of that was installing windows & running the scans!

Hope this is some help,

Cheers,
Stu
    • Stu
    • Born
    • Born
    • Stu
    • Posts: 2

    Post 3+ Months Ago

    Oh, and I could now update my definitions too!
    • ZsaZsa
    • Born
    • Born
    • ZsaZsa
    • Posts: 2

    Post 3+ Months Ago

    Hello everyone,

    After a big headache and many hours of not sleeping, I found out that the problem resides on a worm virus called W32/Rbot-ANK.

    It places a file on C:\Windows\System named mswinsck.exe and it is hidden.

    What I did, (And really worked) was:

    1.- Created a Restore Point
    2.-Downloaded PROCESS EXPLORER freeware to see what processes were running
    (http://www.sysinternals.com/Utilities/P ... lorer.html)
    3.- Found the process “mswinsck.exe”
    4.- Killed the process and immediately was able to use Task Manager, cmd, Msconfig, regedit, etc.
    5.-I deleted the file “mswinsck.exe” located in C:\Windows\System (Remember, it is a hidden file, so set up your windows explorer)
    6.- The following registry entries are modified by the worm to execute the file at logon, so I had to delete them.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Microsoft Winsock
    mswinsck.exe

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Microsoft Winsock
    mswinsck.exe

    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    Microsoft Winsock
    mswinsck.exe

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
    Microsoft Winsock
    mswinsck.exe

    HKCU\SYSTEM\CurrentControlSet\Control\Lsa
    Microsoft Winsock
    mswinsck.exe

    HKLM\SYSTEM\CurrentControlSet\Control\Lsa
    Microsoft Winsock
    mswinsck.exe

    HKCU\Software\Microsoft\OLE
    Microsoft Winsock
    mswinsck.exe

    HKLM\SOFTWARE\Microsoft\Ole
    Microsoft Winsock

    8.- I rebooted and my computer seems to work fine.

    9.- Scanned the computer, no virus or spyware found

    I hope this information is useful for you

    Take care

    ZsaZsa
    • ZsaZsa
    • Born
    • Born
    • ZsaZsa
    • Posts: 2

    Post 3+ Months Ago

    Hello again,

    I forgot to tell you that the worm modifies your HOSTS file and you won't be able to access some webpages related to security (i.e. symantec, panda, f-serve, trend micro, etc.)

    To resolve this issue do the following:

    1.- Open your windows explorer and go to c:\windows\system32\drivers\etc
    2.- Backup the file "hosts" it does not have an extention
    3.- Open the file hosts with your notepad
    4.- Don't delete the line 127.0.0.1 localhost
    5.- Delete every line after the 127.0.0.1 (including the 127.0.0.1) that has addresses you want to access.

    That's it

    Hope you find it useful

    ZsaZsa
    • pramitroy
    • Guru
    • Guru
    • pramitroy
    • Posts: 1284

    Post 3+ Months Ago

    It is also suggested to introduce entries after 127.0.0.1 but that is to get rid of web ads so I don't find that necessary to post in this topic.

    http://www.mvps.org/winhelp2002/hosts.htm

    Hosts file will be like this
    http://www.mvps.org/winhelp2002/hosts.txt

    http://www.everythingisnt.com/hosts.html
    • lucaskk
    • Novice
    • Novice
    • lucaskk
    • Posts: 16

    Post 3+ Months Ago

    someone tell me how to use the killbox because i press paste from clipboard and nothing happen...someone can explain me here how you got it.



    sorry for my bad english xD

    thanks
    • pramitroy
    • Guru
    • Guru
    • pramitroy
    • Posts: 1284

    Post 3+ Months Ago

    What do you try to paste there? You can't copy a file and paste in the box. You have to give the full file path there. Like if you have a file file.txt in C:\folder1\folder2 directory you have to type there C:\folder1\folder2\file.txt. You can copy-paste only when you have this file-path written anywhere.
    After giving the file path press the red button that looks like 'stop' in the browser, to delete that file. If Killbox is not able to kill that at that instant it will ask whether to delete the file at next reboot during startup so that the process that is blocking that to be deleted cannot start before deletion attempt.
    • delig8dor
    • Newbie
    • Newbie
    • delig8dor
    • Posts: 7
    • Loc: S. California

    Post 3+ Months Ago

    KILLDISK?

    If I kill my regedit, does windows autimatically repair or rebuild it?

    Do I paste the list of files from the previous posts >>> as follows, do I need to kill all these files if I am only having trouble with regedit?

    C:\Program Files\MsConfigs\MsConfigs.exe
    C:\WINDOWS\system32\p2pnetwork.exe
    C:\WINDOWS\system32\CMD.COM
    C:\WINDOWS\system32\netstat.com
    C:\WINDOWS\system32\ping.com
    C:\WINDOWS\system32\regedit.com
    C:\WINDOWS\system32\tasklist.com
    C:\WINDOWS\system32\taskkill.com
    C:\WINDOWS\system32\taskmgr.com
    C:\WINDOWS\system32\tracert.com
    • delig8dor
    • Newbie
    • Newbie
    • delig8dor
    • Posts: 7
    • Loc: S. California

    Post 3+ Months Ago

    NOVIce here with the regedit won't start problem. virus. Now cleaned. 2 x full scan came clean. but damage to registry done.

    question I download Killbox and kill the list you sent

    C:\Program Files\MsConfigs\MsConfigs.exe
    C:\WINDOWS\system32\p2pnetwork.exe
    C:\WINDOWS\system32\CMD.COM
    C:\WINDOWS\system32\netstat.com
    C:\WINDOWS\system32\ping.com
    C:\WINDOWS\system32\regedit.com
    C:\WINDOWS\system32\tasklist.com
    C:\WINDOWS\system32\taskkill.com
    C:\WINDOWS\system32\taskmgr.com
    C:\WINDOWS\system32\tracert.com

    ..... does windows reinstall or repair those files when I reboot.
    I appreciate the help. ty.
    • grinch2171
    • Moderator
    • Genius
    • User avatar
    • Posts: 6807
    • Loc: Martinsburg, WV

    Post 3+ Months Ago

    delig8dor wrote:
    NOVIce here with the regedit won't start problem. virus. Now cleaned. 2 x full scan came clean. but damage to registry done.

    question I download Killbox and kill the list you sent

    C:\Program Files\MsConfigs\MsConfigs.exe
    C:\WINDOWS\system32\p2pnetwork.exe
    C:\WINDOWS\system32\CMD.COM
    C:\WINDOWS\system32\netstat.com
    C:\WINDOWS\system32\ping.com
    C:\WINDOWS\system32\regedit.com
    C:\WINDOWS\system32\tasklist.com
    C:\WINDOWS\system32\taskkill.com
    C:\WINDOWS\system32\taskmgr.com
    C:\WINDOWS\system32\tracert.com

    ..... does windows reinstall or repair those files when I reboot.
    I appreciate the help. ty.


    What damage has been done to your registry? If your registry is that damaged you will probably be better off formatting and re-installing Windows. Windows, to my knowledge, does not repair the registry automatically.
    • KayGreen
    • Beginner
    • Beginner
    • KayGreen
    • Posts: 50
    • Loc: UK

    Post 3+ Months Ago

    I hope this is the right place to post this question - please jump over it if it isn't. I was reading that bit about Norton up there, so...
    I've had something messing up my computer, which was stopping me accessing merchant sites. I downloaded spybot to clear it, but it made me realise I don't understand my security systems (windows and Norton). Now, when I go online, windows security pops up and tells me Norton's switched off - which it doesn't appear to be, or sometimes windows pops up with its own firewall or virus detection switched off. I goes to switch them on again, but in the panel, they say they are on. What's 'appening?
    • rohan_sh20
    • Born
    • Born
    • rohan_sh20
    • Posts: 1

    Post 3+ Months Ago

    I am not able to run the task manager.NAV says i have no virus please help !
    • facattack
    • Born
    • Born
    • facattack
    • Posts: 1

    Post 3+ Months Ago

    I'm having the same problem. I had a dell tech do a bunch of stuff and he couldn't figure out why the taskmgr wouldn't load.

    There's one in C:\windows\system32 that does nothing but say it is already being used even though it isn't.

    He made a new one, but the taskmanager won't load when I hit CTRL ALT DELETE.

    Any idea what the problem could be? He said there was a virus. :(
    I'm downloading the updates to Stopzilla 4.4 right now.
    • genie_pie
    • Born
    • Born
    • genie_pie
    • Posts: 3

    Post 3+ Months Ago

    Hello guys.

    I need help please. Can you please tell me how to easily enable the "Run" option in my Windows XP. I just had a virus and I have already cleaned it and everything but the Run Option disappeared from the Start button. I do hope you can give me clear procedure or a tool will be great.

    Thanks.
    • Anonymous
    • Bot
    • No Avatar
    • Posts: ?
    • Loc: Ozzuland
    • Status: Online

    Post 3+ Months Ago

    Post Information

    • Total Posts in this topic: 43 posts
    • Moderator: Tutorial Writers
    • Users browsing this forum: No registered users and 3 guests
    • You cannot post new topics in this forum
    • You cannot reply to topics in this forum
    • You cannot edit your posts in this forum
    • You cannot delete your posts in this forum
    • You cannot post attachments in this forum
     
     

    © 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.