1

Had a nasty virus. Got a trojan through a patch to a game I have played a lot (world of tanks). The trojan was named Win32: Patched-ZX. Which opened up for several rootkit(according to AV) and 3 worms (forgot name).

Got them all deleted but ever since then my task manager won't start. when I press ctrl+alt+del and select task manager it shows up as a icon in my small taskbar in lower right corner but nothing opens. after a few seconds it closes down and dissapers. Same thing is happening to my CCC (going to reinstall that one though) and my desktop window manager keeps crashing.

What can I do to make task manager and desktop window manager work again?

Saphyron
  • 13
  • 1
  • 3
  • 1
    If your OS still act weird after seemingly removing a root kit then it is time to read this post: [How do I get rid of malicious spyware, malware, viruses or rootkits from my PC?](http://superuser.com/questions/100360/how-do-i-get-rid-of-malicious-spyware-malware-viruses-or-rootkits-from-my-pc). (or skip it and **never** use that PC for anything important. E.g. no telebanking, never buy anything from amazon with a credit card. Etc etc) – Hennes Jul 28 '13 at 17:16
  • I did the chdsk or whatever it was called. ill try reboot and run a boot scan and a new one of that. if it does not work ill just reformat everythign and keep the important parts. – Saphyron Jul 28 '13 at 17:24
  • "Format"... the problem is within your registry and/or User/Group policy. You can try using Sysinternals Process Explorer. Also, your backups could be infected too! Check them before doing anything! – Braiam Jul 28 '13 at 17:27
  • I will just be backupping important documents and family photos which ill scan before putting onto a couple of flash disk – Saphyron Jul 28 '13 at 17:34
  • Until you manage to get Task Manager back, bear in mind that you can always just use the command-line tools: tasklist & taskkill as a replacement. – Samie Bencherif Jul 29 '13 at 01:40

3 Answers3

3

Run regedit.exe go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options and delete the key taskmgr.exe. Malware can create a key debugger and redirect the calls to a different tool.

magicandre1981
  • 97,301
  • 30
  • 179
  • 245
1

I would open a Command Prompt window, and run sfc /scannow, and see if that repairs your damaged task manager files (it might even repair some other damaged files in the process)!

TSJNachos117
  • 321
  • 3
  • 10
0

I'm not totally trustful of these anti virus removal programs. They do a pretty good job but the virus writers are sometimes a lot smarter.

If this system is critical, important and needs a high level of integrity, I'd be cracking out the Install disks for Windows and reinstalling the entire thing. THEN, using the fine backups that I have been keeping restore necessary files.

mdpc
  • 4,429
  • 9
  • 28
  • 36
  • That is basically what I am going to do. 20gb important files just take a while to get onto an old flash disk. which max speed is 2mb/s. At least the format I have plenty of experience with just sucks I have to go through it again when I just wanted to play a game. – Saphyron Jul 28 '13 at 18:15