
task manager seems to be disabled

Status
Not open for further replies.

scroce

MIS
Nov 30, 2000
780
US
I have a win 2k professional user on my network whose task manager is eerily disabled. If you ctrl-alt-del, and choose task manager, it doesn't say anything, it just disappears.

I checked with our central IS, and they said that there should be no policy that prevents the user from being able to view task manager.

Does anyone know where I could look to find a local option that controls this?

I am a nobody, and nobody is perfect; therefore, I am perfect.
 
I was up 'til 3pm last night applying bcastner's suggestion, and what an incredible resource! After using six different virus scans, each one finding viruses the others didn't, the problem was solved. I didn't stay awake long enough to remove psexesvc.exe, but nonetheless made incredible progress. I installed AVG anti-virus to watch over my system while I slept.

This morning I woke up to the same symptoms, so I'm starting over, but perhaps I need a router as I have a cable connection to the internet? I understand there are software routers -- any suggestions?

I'll keep you all posted as to my progress this afternoon in restoring my system's health.
 
3am, that is, and are there any opinions regarding buying and using many anti-virus programs on one computer?
 
so which one of those scanners solved your problem? sounds like your computer got re-infected after that, since the problem came back?

also, could you clarify your reference to psexesvc.exe - (it doesn't sound like anything good - i'm guessing it's malware)

I am a nobody, and nobody is perfect; therefore, I am perfect.
 
Hi scroce -- not sure which scan solved my problem since I just plowed through the list, then checked to see if I could access regedit and Task Manager w/out them disappearing. I'll pay more attention this time 'round and report back.

psexesvc.exe is one of the nasties that appeared while scanning with Ad-aware -- a Trojan? I'm not sure of the correct words to use, but it is running, so I can't outright delete it. When I come across something like this, I usually google it and read what comes up and try different things to remove it, but I think in this case Ad-aware quarantined it because it's not there anymore! I was just too sleepy last night to stay up a minute longer.

Yes, my computer is reinfected today, but I'm thinking it might have something to do with my always-on broadband connection. I remember reading about something called a router which is supposed to protect systems with always-on internet connections from having nasties constantly dumped into them.

Also, I think I remember that a router can be software OR hardware, and of course I would want to take the easiest course of action -- software, right? I'm thinking this might help prevent me from being constantly reinfected. Of course I can always have many, many anti-viruses running on my computer at all times, can't I? ~;D
 
You need a firewall. These come in software or hardware. Several routers have built-in firewalls, but they are a hardware appliance. No one should have an "always on" connection and not be firewalled off. I myself have 2, one hardware and one software.

If the program psexesvc.exe is running, end task on it with Task Mgr. Start it manually from the %SYSTEMROOT% directory.

Thanks,

Matt Wray

GFH

 
beachplum, you can download a good firewall for free. I use tiny personal firewall.

I've had it for years on my home pc which is on broadband, and it's done an excellent job

I am a nobody, and nobody is perfect; therefore, I am perfect.
 
mattwray, thanks for your post. I cannot access Task Manager the way you suggested either. I think I remember that scroce said he could, but I can't.

I will look into getting a router with a built-in firewall -- thank you for clarifying the difference. Any suggestions along those lines?

In the meantime, I was distracted from my anti-virus fun by scroce's post. scroce, I downloaded the firewall you suggested, and it immediately asked me to accept or deny 12 different connections. I didn't know what to do, so I denied them all. Then my internet access didn't work so well, so I went into Administration and deleted all the rules, and succeeded in corrupting the firewall (although who knows, maybe it was one of the nasties).

So I have uninstalled the firewall and will wait to hear from you before installing it again. Maybe you don't remember the set-up phase, but should I set it to "Don't Bother Me" and let the firewall do its thing?

Many thanks...
 
PS Downloading the firewall seemed to fix my TM/regedit problem until I messed with it.

PSS Just FYI, prior to discovering this website and post, while trying to fix this weirdness I did try re-formatting my hard drive and installing fresh Win2000Pro OS SEVERAL TIMES, like maybe 5 times over the course of the last week, plus all programs, to no avail. I really think by now evidence shows it is a trojan/worm/virus problem. ???
 
two things

#1 - found a workaround to access task manager. You right click the task bar and choose task manager - that seems to bring it up ok

Beach plum
those incoming connections are exactly what the firewall is intended to deny. Rule of thumb is that if you don't know who it is, what it is, or why it's coming in, DENY IT - If your PC is on broadband without a firewall, it's basically open season for hackers on your sitting duck PC. I would not recommend going firewall-less on broadband at all - I would venture to guess many of your woes are due to it not being there.

I am a nobody, and nobody is perfect; therefore, I am perfect.
 
Thanks, scroce. I did try your suggestion of right-clicking on the task bar yesterday, but TM still disappears. I must have a nastier bug than you do!

ok, I'll try the firewall thing again. More later ...
 
I downloaded the firewall again and denied everything except system.exe and svchost.exe stuff -- ok?

Now what about alerts such as:

'SYSTEM' from your computer wants to send UDP datagram to ool-18bd7fff.dyn.optonline.net [24.189.127.255], port 138

where optonline is Optimum Online, my internet service provider (ISP).???

This popped up when I went to one of the virus scan websites and asked for a free scan.

Permit this, right?

I guess what I'm asking is if I'm on the right track ~;D

 
and then of course the next one says:

[24.189.116.240], port 138 wants to send UDP datagram to port 138 owned by 'SYSTEM' on your computer

and Remote:

ool-18bd74f0.dyn.optonline.net
[24.189.116.240], port 138 - UDP
 
OK, I'm finished and I'm optimistic. I have a working computer again, thank you. AND I have a firewall. AND I am much more familiar with how the nasties work -- whew! who knew??.

FYI this time it was Symantec (Norton) that came up with the final killer nasty that no one else found -- W32.Tzet.worm. I followed Symantec's removal instructions and all's well. In fact, it wasn't until after the Symantec scan and my manual removal that Task Manager and regedit began to work properly again. Wonder why McAfee didn't find that one .....?

I'm hoping that since I've installed Tiny Personal Firewall I won't have the same problems again when I wake up tomorrow -- many, many thanks, scroce. (I did figure out that the answer is DENY, DENY, DENY.)

For anyone who is interested, here is the order in which I used the virus scanners and what they found:

1. housecall at trendmicro
Found 1 worm

2. bitdefend
Found IRC worm

3. LOADED TINY PERSONAL FIREWALL

4. Panda
Found Gaobot.JF.worm

5. RAV
Found IRC/SdBot

6. Freedom
Found nothing.

7. McAfee
Found 2 instances of Morphine

8. Symantec
Found W32.Tzet.worm which did not want to go away, necessitating boot to safe mode, etc. etc. in accordance w/Symantec removal instructions.

~;D



 
beach,

sounds like you're well on your way - here's a useful link called "shields up" which is an online tester of how vulnerable or invisible your computer is to potential hackers on the web. I've found this to be very helpful


I am a nobody, and nobody is perfect; therefore, I am perfect.
 
scro,

Thank you for that link. Wow, Steve Gibson is INTENSE. I have been playing around in his site for a couple of hours now, took all of his tests, downloaded his fixes, and read some of his articles. Still learning...

Any more suggestions...?

By the way, how is YOUR system running? ~;D
 