semmelbroesel
Member
Hi.
I spent about 30 minutes researching this, but everything so far turned out to be a bust for my case here.
A friend's computer running Vista 32bit had a seemingly minor infection (some fake antivirus program). Using HiJackThis, SilentRunners and Spybot, I removed the infection. I tried installing AVG Antivirus Free, but the installation failed, both for version 2011 and version 9, so I installed Clam Win which installed, updated and scanned normally. The AVG installers failing could be a sign of another problem, but my main concern is that Task Manager won't open. There is no error message - just a short rattling of the hard drive as it opens the file, then nothing.
I tried CTRL-SHIFT-ESC, CTRL-ALT-DELETE, right-click on Taskbar and select Task Manager, double-click Taskgmr.exe from system32 folder and even double-clicking a version of Taskmgr.exe downloaded from a forum that supposedly helped others. I also could not rename or overwrite Taskmgr.exe with the downloaded copy, but that could be a Windows safety precaution.
I found all the recommendations for the usual suspects in the Registry, e.g. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System (the folder System did not exist).
For a list of them, try here: http://forums.orumph.com/viewtopic.php?f=6&t=11 - I did not download and use the file in that post but made the changes manually.
FYI, I had to run Command Prompt as Administrator for the registry changes to stick, still nothing, even after a restart.
The only three things I have not tried are System Restore (it would likely bring back the virus), sfc /scannow (didn't have time today nor the disc handy) or re-install. I would like to avoid either of those if I can, unless my friend can find the Vista CD in which case I'd try sfc.
I tried Process Explorer and searched for "taskmgr" in the hopes that some background task was still running and blocking it, but no such luck.
I also did not have the time to run Spybot in Safe Mode as I usually do when I take a computer with me to the office, but I let it run automatically on Windows restart.
So the question is: If a supposedly clean copy of Taskmgr.exe cannot even run from a different folder, what else could possibly block it?
Any other thoughts?
FYI, being that this is not my computer and that I do not have easy physical access to it, I cannot attach any logs for now, but maybe in a few days if I see any ideas that look promising. I have been working in Tech Support (especially virus removal) for over 5 years, so I'm no beginner, so hit me with whatever you think might work :-)
Thanks!
I spent about 30 minutes researching this, but everything so far turned out to be a bust for my case here.
A friend's computer running Vista 32bit had a seemingly minor infection (some fake antivirus program). Using HiJackThis, SilentRunners and Spybot, I removed the infection. I tried installing AVG Antivirus Free, but the installation failed, both for version 2011 and version 9, so I installed Clam Win which installed, updated and scanned normally. The AVG installers failing could be a sign of another problem, but my main concern is that Task Manager won't open. There is no error message - just a short rattling of the hard drive as it opens the file, then nothing.
I tried CTRL-SHIFT-ESC, CTRL-ALT-DELETE, right-click on Taskbar and select Task Manager, double-click Taskgmr.exe from system32 folder and even double-clicking a version of Taskmgr.exe downloaded from a forum that supposedly helped others. I also could not rename or overwrite Taskmgr.exe with the downloaded copy, but that could be a Windows safety precaution.
I found all the recommendations for the usual suspects in the Registry, e.g. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System (the folder System did not exist).
For a list of them, try here: http://forums.orumph.com/viewtopic.php?f=6&t=11 - I did not download and use the file in that post but made the changes manually.
FYI, I had to run Command Prompt as Administrator for the registry changes to stick, still nothing, even after a restart.
The only three things I have not tried are System Restore (it would likely bring back the virus), sfc /scannow (didn't have time today nor the disc handy) or re-install. I would like to avoid either of those if I can, unless my friend can find the Vista CD in which case I'd try sfc.
I tried Process Explorer and searched for "taskmgr" in the hopes that some background task was still running and blocking it, but no such luck.
I also did not have the time to run Spybot in Safe Mode as I usually do when I take a computer with me to the office, but I let it run automatically on Windows restart.
So the question is: If a supposedly clean copy of Taskmgr.exe cannot even run from a different folder, what else could possibly block it?
Any other thoughts?
FYI, being that this is not my computer and that I do not have easy physical access to it, I cannot attach any logs for now, but maybe in a few days if I see any ideas that look promising. I have been working in Tech Support (especially virus removal) for over 5 years, so I'm no beginner, so hit me with whatever you think might work :-)
Thanks!
