Task Manager does not open!

Status
Not open for further replies.

krazzy

Techtree Reviewer
My Task Manager does not open. Well actually it does but soon after a second it closes all by itself. It just doesn't stay open. I had a virus after which this problem started. I deleted it with Avast! But the problem persists. Any solution?
 

ray|raven

Think Zen.
Looks like you still got the virus dude.
Get a HijackThis log ready and maybe somebody can trace it for you.
 

ashu888ashu888

Core i7 (nehalem) Owner
^^
How can i make a Hijack this log?? plz giv a simple procedure, as never tried it,

coz i too face with the same problem and hv avast as my AV (wich seems to removed the virus) but still the problem persists... :(

Cheers n e-peace...
 
V

vaibhavtek

Guest
download Hijackthis :- *www.filehippo.com/download_hijackthis/

Then make a log file and then post the log file here *www.thinkdigit.com/forum/showthread.php?t=81107 i and vishal gupta will try to help u...!!!
 

ashu888ashu888

Core i7 (nehalem) Owner
^^

Thanx very much for the link, here is my Log file.. plz try and help me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:52:05 PM, on 2/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
T:\PERSONAL COMPUTER\Avast Professional ver.4.7.1043\aswUpdSv.exe
T:\PERSONAL COMPUTER\Avast Professional ver.4.7.1043\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\ntdetec1\shell32.exe
C:\ntdetec1\cmrss.exe
C:\WINDOWS\system32\spoolsv.exe
C:\ntdetec1\ntdetec1.exe
T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Distillr\Acrotray.exe
T:\PERSON~1\AVASTP~1.104\ashDisp.exe
T:\PERSONAL COMPUTER\NERO 7\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
T:\PERSONAL COMPUTER\NERO 7\Nero 7\InCD\InCD.exe
C:\WINDOWS\system32\PnkBstrA.exe
T:\PERSONAL COMPUTER\HDD Health\hddhealth.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
T:\PERSONAL COMPUTER\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Common Files\Sonic Shared\cinetray.exe
T:\PERSONAL COMPUTER\Avast Professional ver.4.7.1043\ashMaiSv.exe
T:\PERSONAL COMPUTER\Avast Professional ver.4.7.1043\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
T:\PERSONAL COMPUTER\HIJACK THIS\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] T:\PERSONAL COMPUTER\NOKIA PC SUITE\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [avast!] T:\PERSON~1\AVASTP~1.104\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] T:\PERSONAL COMPUTER\NERO 7\Nero 7\InCD\InCD.exe
O4 - HKCU\..\Run: [HDDHealth] T:\PERSONAL COMPUTER\HDD Health\hddhealth.exe -wl
O4 - HKCU\..\Run: [AWMON] "T:\PERSONAL COMPUTER\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Policies\Explorer\Run: [winlogon] C:\ntdetec1\run.exe
O4 - HKUS\S-1-5-18\..\Run: [PcSync] T:\PERSONAL COMPUTER\NOKIA PC SUITE\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] T:\PERSONAL COMPUTER\NOKIA PC SUITE\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://T:\PERSONAL COMPUTER\ADOBE\ACROBAT PROFESSIONAL 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - *www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - *www.yougamers.com/systeminfo/MSC3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D7BF011-69A9-4162-BAA5-DB1AAC3FB935}: NameServer = 203.94.227.70,203.94.243.70
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - T:\PERSONAL COMPUTER\Avast Professional ver.4.7.1043\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - T:\PERSONAL COMPUTER\Avast Professional ver.4.7.1043\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - T:\PERSONAL COMPUTER\Avast Professional ver.4.7.1043\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - T:\PERSONAL COMPUTER\Avast Professional ver.4.7.1043\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - T:\PERSONAL COMPUTER\NERO 7\Nero 7\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 8448 bytes

Cheers n e-peace...
 

ico

Super Moderator
Staff member
My Task Manager does not open. Well actually it does but soon after a second it closes all by itself. It just doesn't stay open. I had a virus after which this problem started. I deleted it with Avast! But the problem persists. Any solution?
Yes, it is due to worm. I guess it is still left in your computer. If I'm right, all the computers infected with this *vil.nai.com/vil/content/v_142233.htm worm had this problem.

It was detected by NOD32 in the school computers and I suggest you to download NOD32 or Kaspersky trial and have a scan.

Do post your HijackThis log.........
-----------------------------------

@ashu888ashu888

I analyzed your log and I am finding these to be suspicious.....

C:\ntdetec1\shell32.exe
C:\ntdetec1\cmrss.exe
C:\ntdetec1\ntdetec1.exe
O4 - HKLM\..\Policies\Explorer\Run: [winlogon] C:\ntdetec1\run.exe

Remove them using HijackThis and delete the related files manually and also have a scan from NOD32 or Kaspersky.....
 
Last edited:
OP
krazzy

krazzy

Techtree Reviewer
Here is my log file:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 7:41:36 PM, on 2/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\ntdetec1\shell32.exe
C:\ntdetec1\cmrss.exe
C:\ntdetec1\ntdetec1.exe
D:\Program Files\Styler\Styler.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Prasad N\My Documents\Bluetooth Exchange Folder\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = *go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = *go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = *go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = *go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - D:\Program Files\IEPro\iepro.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - D:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Vistadrv] C:\Documents and Settings\Prasad N\My Documents\Vista_Drive_Status\Vista Drive Status\vsdrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Policies\Explorer\Run: [winlogon] C:\ntdetec1\run.exe
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

--
End of file - 5076 bytes
 

ico

Super Moderator
Staff member
^^ Lol......

You are also having the same problem.....

C:\ntdetec1\shell32.exe
C:\ntdetec1\cmrss.exe
C:\ntdetec1\ntdetec1.exe
O4 - HKLM\..\Policies\Explorer\Run: [winlogon] C:\ntdetec1\run.exe

Anyhow have a look here: *www.greatis.com/appdata/d/n/ntdetec1.exe.htm

Scan your PC from NOD32 or Kaspersky........
 
V

vaibhavtek

Guest
@ ashu888ashu888 and krazyfrog

Gagandeep has suggested u good, even I would suggest u that...!!!
vbmenu_register("postmenu_762638", true);
vbmenu_register("postmenu_762592", true);

Guys having problem on there system goes here because this thread is for Task Manager problem and this thread is going offtopic.

All Guys just go here..!!
 
Last edited by a moderator:
OP
krazzy

krazzy

Techtree Reviewer
Thanks everyone for your help.

@gagandeep I'll try your suggestion and will post what happened. Thanks.

@ashu888ashu888 you HijackThis-ed my thread:D.
 

chandru_skc

Software Engine
sisya simply install quick heal 9.0 trial if u r not interested in all the above procedure... yes i did it too...
 

Pathik

Google Bot
Try to analyse your HT logs yourself or get it auto analysed here : *www.hijackthis.de/
If the problem persists, then create a topic.
 
V

vaibhavtek

Guest
Try to analyse your HT logs yourself or get it auto analysed here : *www.hijackthis.de/
If the problem persists, then create a topic.

A few ppl think that it might be auto analyzed at hijackthis site but I never advise it cause the results are not accurate. They are just based on the older results. Its always better to manually analyze it and fix the required entries.

*www.thinkdigit.com/forum/showthread.php?p=758798#post758798

But u can post ur log file here:- HijackThis - Post ur log file
 
Last edited by a moderator:
Status
Not open for further replies.
Top Bottom