Device Manager, Task Manager, or any other mgmt tool not displayin

Guest

No system tool is displaying (yes, I am the computer admin). Actually, I run
the program and it flashes for a second and then it goes away. This happens
with Device Manager, Task Manager, MSCONFIG, you name it. The icons in the
system tray do not appear even though they are all set to "always display".
Regedit does not even display. Which settings have I hosed?

I recently had to format my HD and reinstall my OS. Did I take the wrong CD
off the shelf? (I have three computers)
 
Wesley Vogel

[[When you open System Configuration Utility [MSCONFIG], Registry Editor or
Task Manager, they flash for a second and quit. This symptom is caused by
Viruses.]]

Task Manager, MSCONFIG, or REGEDIT disappear while opening
http://www.mvps.org/sramesh2k/ToolsQuit.htm


--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

Guest

Wes,

I scanned using Norton (updated viruses) and Spy Sweeper, rebooting in
between sweeps.

No viruses and no adware found.

Any other hints?

Bryan

Ramesh, MS-MVP

Bryan,

With the type and severity of malware emerging these days, you need to use
all three of these programs (at least):

1. Ad-Aware
http://www.lavasoftusa.com

2. SpyBot S&D
http://www.safer-networking.org

3. CWShredder
http://www.intermute.com/spysubtract/cwshredder_download.html

** Update 1 & 2 before running a scan **

Clean-up Windows Startup
http://windowsxp.mvps.org/startup.htm

Then, run a full system virus scan: (RAV is proving good)
http://windowsxp.mvps.org/scanners.htm

If nothing helps, download HijackThis from
http://www.spywareinfo.com/~merijn/
Generate a log using HijackThis and visit any of the forums below to post
your HijackThis log. The experts there will guide you on how to remove the
spyware from your system:

http://aumha.net
http://forums.spywareinfo.com

--
Ramesh, Microsoft MVP
Windows XP Shell/User
http://windowsxp.mvps.org


Guest

Here is my Hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 5:46:27 PM, on 2/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Hijack This\HijackThis.exe

O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Instant Messenger] MSNGMSNGR32.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

I used AntiVir Guard, WebRoot Spy Sweeper and Hijack This. Rebooting after
each sweep.

Please tell me if you see anything out of the ordinary.

Thank you,
Bryan

Ramesh, MS-MVP

Bryan,
Visit any of these forums below to post your HijackThis log. The experts
there will guide you how to remove the spyware from your system:

http://aumha.net
http://forums.spywareinfo.com

--
Ramesh, Microsoft MVP
Windows XP Shell/User
http://windowsxp.mvps.org


Bill

Bryan, I had the same problem just the other day. It turned out to be
some nasty spyware masquerading as Microsoft instant messenger.

The rogue process was MSNGMSNGR32.EXE. From the looks of your Hijack
This log, it looks like you might have the same problem.

I had to download some third-party tools that the little bug wasn't
monitoring (and killing) to see the process and kill it. Probably any
appropriate tool will work; I found a process list tool and a process
kill tool for free at:
http://www.sysinternals.com/ntw2k/freeware/pstools.shtml.

Only after I killed the process could I remove it from the startup
locations in the registry. Otherwise the process just put itself back
into one of the startup locations in the registry.

I had to kill the process, remove any referencing registry entries, and
delete the file.

Hope this helps,

Bill
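
An added example (not part of any post in this thread, and not HijackThis's own code): a small Python triage pass over the O4 lines of a pasted HijackThis log. It rejoins mail-wrapped lines and lists Run values whose command has no absolute path, which is how the MSNGMSNGR32.EXE entry Bill points to differs from every other O4 Run line in Bryan's log. The function names are hypothetical and the sample is an excerpt of the log above; a bare file name is only a lead to check, since legitimate entries can also omit the path.

```python
import re

# Excerpt of the log posted in this thread, kept with mail-client line
# wrapping (sample input assembled for this example).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [Microsoft Instant Messenger] MSNGMSNGR32.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy
Sweeper\SpySweeper.exe" /0
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
"""

ENTRY_START = re.compile(r"^[A-Z]\d+ - ")  # section codes such as O4, O16, O23
RUN_ENTRY = re.compile(r"^O4 - (HK\w+)\\\.\.\\(Run\w*): \[(.*?)\] (.*)$")
# Drive-letter path, UNC path, or %VAR%\ path, optionally quoted.
ABS_PATH = re.compile(r'^"?(?:[A-Za-z]:\\|\\\\|%\w+%\\)')

def unwrap(text):
    """Rejoin entries that were wrapped onto continuation lines."""
    entries = []
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if ENTRY_START.match(line) or not entries:
            entries.append(line)
        else:
            entries[-1] += " " + line  # the wrap replaced a space
    return entries

def run_entries(text):
    """Parse O4 registry Run/RunOnce values into dicts."""
    fields = ("hive", "key", "name", "command")
    return [dict(zip(fields, m.groups()))
            for m in map(RUN_ENTRY.match, unwrap(text)) if m]

def pathless(text):
    """Run values whose command is a bare file name, resolved at logon
    through the search path. A triage lead to verify, not a verdict."""
    return [e for e in run_entries(text) if not ABS_PATH.match(e["command"])]

if __name__ == "__main__":
    for e in pathless(SAMPLE_LOG):
        print(f'{e["hive"]} {e["key"]}: [{e["name"]}] {e["command"]}')
```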
 
