We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

How do I enable Task Manager again after recovery from Win32.GEMA attack?


teuchter

Likes # 0

Hi

I'm running Windows XP SP3.

I recently suffered an attack of the Win32.GEMA trojan.

Details of it are here: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FRansirac.G

I recovered my system using:

AVG Rescue Disk

Kaspersky Rescue Disk

BitDefender Rescue Disk

MalwareBytes Scan

McAffee Scan

Hitman Pro Scan

Spybot Scan

Eusing Registry Cleaner

CCleaner

Overkill maybe? But it worked..........So far

Apparently the trojan disables Task Manager and it's this I am having trouble restoring.

I followed the advice in this Microsoft article - http://support.microsoft.com/kb/913623/ - but when I followed this part

*To set the DisableTaskMgr registry entry value to 0 for a specific user, follow these steps:

1.Log off from the computer.

2.Log on to the computer by using a user account that has administrative permissions.

3.Click Start, click Run, type regedit in the Open box, and then click OK.

4.In the left pane, click the following registry subkey: HKEYCURRENTUSER\Software\Microsoft\Windows\CurrentVersion\Policies\System 5.In the right pane, double-click DisableTaskMgr.

6.In the Value data box, type 0, and then click OK.

7.On the File menu, click Exit.

8.Restart the computer.*

No. 5 says that Disable TaskMgr should appear in the right pane, but there was no entry for Disable TaskMgr. All there is is a small "ab" icon with (default) beside it, then, REG_SZ.

I then tried to follow this part of the Microsoft article

*To set the DisableTaskMgr registry entry value to 0 for all users, follow these steps:

1.Log off from the computer.

2.Log on to the computer by using a user account that has administrative permissions.

3.Click Start, click Run, type regedit in the Open box, and then click OK.

4.In the left pane, click the following registry subkey: HKEYLOCALMACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System

5.In the right pane, double-click DisableTaskMgr.

6.In the Value data box, type 0, and then click OK.

7.On the File menu, click Exit.

8.Restart the computer.*

This time Disable TaskMgr was in the right pane - this time with a smal "ohho"? icon followed by REG_DWORD

I tried creating a new entry for the current user by copying the one for all users, but no joy.

Any suggestions?

Ctrl + Alt + Delete gets no response whatsoever, neither does Ctrl+Shift+Esc nor right clicking the task bar and selecting Task Manager

Thanks in anticipation

Like this post
KRONOS the First

Likes # 0

Try this way as you can copy and paste most of the commands,it is similar to what you have tried. I must stress that you have to follow instructions to the letter when editing the registry. Try this.

Like this post
Sea Urchin

Likes # 0

I would try editing the Group Policy settings as per No 4 on Chronus' link. Wise to back up before trying this.

1.Click Start | Run.

2.Enter gpedit.msc at the command line and click OK. This will open the Group Policy settings window shown in Figure B.

3.Select User Configuration | Administrative Templates | System | Ctrl+Alt+Delete Options | Remove Task Manager.

4.Double-click the Remove Task Manager option from the Group Policy menu. You can then disable, enable, or set the policy to Not Configured. Remember: Since the policy in question is called Remove Task Manager, by disabling the policy, you are actually enabling the Task Manager. Setting this policy to Not Configured should alleviate your problem. Apply and OK.

Like this post
teuchter

Likes # 0

Thanks Chronus and Sea Urchin for your quick replies.

Chronus, I tried everything in the link you gave.

In Step 1 - the value is already set at 0.

I tried Start - Run - gpedit.msc but "Windows cannot find gpedit.msc"

I also downloaded Disk Heal and asked it to fix Task Manager Inaccessibility problems. It said " No TM inaccessibility issues were detected. "

I ran TaskManagerFix and it declared - "TM enabled successfully". Still didn't work.

I tried the VB script option - EnableTaskManagerXP.vbs from PaulsXP.com. It declared - "TM has been enabled". Nope.

There's something I'm missing somewhere?

Like this post
KRONOS the First

Likes # 0

Have you tried nothing more simple than opening a Cmd window and typing sfc /scannow?

Like this post
rdave13

Likes # 0

Some useful info here.Scroll down to task manager.

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

Chromebooks: ready for the prime time (but not for everybody)

IDG UK Sites

Hands-on with Sony's latest smartglasses

IDG UK Sites

Apple TV expert tips: get US Apple TV content, watch Google Play, use multiple Apple IDs and more