Task manager opens and immediately closes

carl fussell

When I start the taskmanager (by any means), it opens and
then perhaps a second later closes again. It does not
exhibit this behavior in "safe" mode. Related, running
regedit from a command prompt window has just started
doing the same thing too, i.e. opens and immediately
closes.

Anyone seen anything like this or have any suggestions?

The computer runs ok other than this (as far as I have
observed.)

Thanks.

Carl

(e-mail address removed)
 
Brad

OK I've tried that link, to no avail. I'm wondering whether
to add the registry entry in safe mode, then doing a restart?
Thanks.
 
JamesS

I am having this same problem after the appearance of a
strange tftp file during start up. I am assuming this is
a variant of the msblaster worm but I can't find any
trace of it in system32 folder or in registry.
 
carl fussell

I found out what's causing it sort of... It is some
form of virus/worm, unrelated I think to blaster. Look
in the Windows and its subdirs (system32, etc.) for
hidden files with generated filenames (such as QWSDRT,
etc.) It stuffs multiples of these critters in them,
hides them, and modifies the registry (run, runonce,
etc.) Just when you think you've gotten rid of 'um, it's
back.

You can make a copy of taskmgr.exe (call it anything
else) and that will run so you will see this sucker
running in the process list. It is specifically looking
for taskmgr, regedit, etc. and kills it when it sees it.
That at least gives a workaround to try and manually
clean out this little beastie.

caf.
 
Sam

Wow, this worm is pretty crazy. It added WSDRIVER.EXE to
my Registry. This was the process I killed by opening
Taskmanager (after renaming it to another file you
suggested - awesome, it worked, thanks!!). In the
registry, it was under Current Version - Run & RunOnce
(under WINSOCK DRIVER). Killing this process from task
manager & the registry allowed me to open REGEDIT.EXE and
TASKMGR.EXE normally without having to rename them. The
worm also added TFTPxxx to my startup which I also
removed. Thanks for your suggestions; looks like I'm all
set. Funny thing is, these files aren't even viruses,
according to the scan I did with the latest virus
definitions. No more disappearing Regedit & Task Manager
when I open it! Thanks man!
-Sam
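
Added example, not part of the original posts: a read-only PowerShell check of the places Carl and Sam describe above (the Run and RunOnce keys, and hidden files in the Windows and System32 directories). The function names, the two-directory search list and the choice to flag autorun targets by their Hidden attribute are assumptions made for this example.

```powershell
# Added example: read-only triage; nothing is deleted or changed.
$runKeys = 'HKLM', 'HKCU' | ForEach-Object {
    "${_}:\Software\Microsoft\Windows\CurrentVersion\Run"
    "${_}:\Software\Microsoft\Windows\CurrentVersion\RunOnce"
}
# Assumption: only these two directories are searched, not every subdirectory.
$searchDirs = $env:windir, (Join-Path $env:windir 'System32')

function Get-RunKeyEntries {
    foreach ($key in $runKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Key = $key; Name = $name; Command = [string]$item.GetValue($name) }
        }
    }
}

function Resolve-AutorunTarget([string]$Command) {
    # Quoted path, else the first whitespace-delimited token
    # (unquoted paths containing spaces are not handled).
    if ($Command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
    elseif ($Command -match '^\s*(\S+)') { $exe = $Matches[1] }
    else { return $null }
    $exe = [Environment]::ExpandEnvironmentVariables($exe)
    # Bare names such as "something.exe" are looked up in the search directories.
    if ($exe -match '^[A-Za-z]:\\|^\\\\') { $candidates = @($exe) }
    else { $candidates = $searchDirs | ForEach-Object { Join-Path $_ $exe } }
    $candidates | Where-Object { Test-Path -LiteralPath $_ -PathType Leaf } |
        Select-Object -First 1
}

# 1. Autorun entries, flagged when the target file carries the Hidden attribute.
Get-RunKeyEntries | ForEach-Object {
    $target = Resolve-AutorunTarget $_.Command
    $hidden = $false
    if ($target) {
        $attrs  = (Get-Item -LiteralPath $target -Force).Attributes
        $hidden = [bool]($attrs -band [IO.FileAttributes]::Hidden)
    }
    [pscustomobject]@{ Hidden = $hidden; Name = $_.Name; Command = $_.Command; Key = $_.Key }
} | Sort-Object Hidden -Descending | Format-Table -AutoSize -Wrap

# 2. Hidden files in the search directories, newest first.
Get-ChildItem -LiteralPath $searchDirs -File -Hidden -ErrorAction SilentlyContinue |
    Sort-Object CreationTime -Descending |
    Select-Object FullName, Length, CreationTime
```

Some hidden files in these directories are legitimate, so the output is a list to review by hand, not a verdict. The Startup folder and the 32-bit Run keys under Wow6432Node are not covered.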
 
Doug Knox MS-MVP

They're new variants of either Nimda, or Spybot, as far as we can determine,
and the AV Scanners aren't catching them yet.
 
