Please forgive if I've missed an earlier part of this thread. What happens if you:
1) Copy taskmgr.exe from a known-good computer onto your machine and run it manually from the command line with the entire path specified? 2) Run the copy in %windir%\system32 manually from the command line with the entire path specified? My workstation is XP SP3 and the MD5 sum of taskmgr.exe is 2cd1c3506a85b38e2d17e61aded175c4. It has a create date of February 28, 2006, 8:00:00 AM. From: [email protected] [mailto:[email protected]] Sent: Wednesday, September 09, 2009 8:47 AM To: NT System Admin Issues Subject: Re: Can't run TaskManager Thanks... I've checked the other symptoms. All "pass", except for not being able to run TaskMgr.exe. The CLI app "TaskList.exe" runs fine, as does the ability to lock the screen, change password, run Windows Update, turn IE tool bars on-and-off, etc. I have now booted into Safe Mode (I ran across a root kit that prevented that recently) and am running a full MBytes scan in Safe Mode. Again, I am _not_ finding any of the registry settings which have been reported elswhere. "Angus Scott-Fleming" <[email protected]> wrote on 09/08/2009 06:00:06 PM: > On 8 Sep 2009 at 10:42, [email protected] wrote: > > > I still cannot run Task Manager on this machine - either by right- clicking > > the task bar and selecting it, or by Ctrl-Alt-Del and clicking the Task > > Manager button. > > > > SO, I go to the machine and run "taskmgr.exe".To that I get a response > > - the file is not there. > > > > Any ideas as to what could have whacked that file? Thanks! -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 [email protected] P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org <http://www.aspca.org/> The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. > > Virus/Trojan. I *_know_* I was reading something about this exact problem in > the last few days, but I can't find it. Wait, found it in my history .... > Here's what I remember reading: > > Computer Security Research - McAfee Avert Labs Blog > http://www.avertlabs.com/research/blog/index.php/2009/09/01/task-manager- > still-working-can-you-change-your-windows-password/ > or here if the above wraps unusably: http://preview.tinyurl.com/mbxlkt > > Original blog, published September 1: > > We´ve heard about malware that reduce a computer´s state of security. > These malware might, for instance, disable your access to the > registry, lower Internet Explorer´s security configuration, delete > system files, or manipulate the system´s DNS settings. Each of these > steps exposes the victim to graver malware infections or system > compromise. > > Yesterday we ran into a Trojan that weakens the victim system´s > security by making registry changes. The malware disables Task > Manager, Windows Update, and toolbars in Internet Explorer. Further, > it does not let you lock your machine or change your password. > > Anyway, I'd re-image the box. If you want to try to clean, or to figure out > what it is, get Process Explorer from Sysinternals, it's a Better TaskMgr and > probably won't be blocked like TaskMgr.exe is. > > HTH, let us know ... > > -- > Angus Scott-Fleming > GeoApps, Tucson, Arizona > 1-520-290-5038 > +-----------------------------------+ > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
