PDA

View Full Version : Task Manager and the Virus W32 ErkezB



kay jay
16-06-2004, 10:58 AM
Can someone please help, I have the above virus on my machine, I found the instructions to remove it, but can't access the Task Manager, have tried ctrl alt del and ctrl shift esc but nothing happens also using run and typing in there everything comes up as being already in use by another programme.
Thanks for any suggestions offered.

kay jay

Rob99
16-06-2004, 11:03 AM
Reboot in safe mode

Davesdad
16-06-2004, 11:05 AM
You will need to boot into safe mode (Press F8 after POST) to bypass the startup files

kay jay
16-06-2004, 11:08 AM
Thanks I did try that but when the computer starts up it doesn't show what its doing as it goes through the motions, do I just keep hitting f8? hoping I tap at the right time, sorry to sound so thick :-)

nzStan
16-06-2004, 11:19 AM
Yes, keep tapping F8 after the bios checks.

kay jay
16-06-2004, 12:14 PM
Thank you all very much for your help, there is now a removal tool and I have used it successfully.

nzStan
16-06-2004, 12:23 PM
Well, now you need to make sure your PC is protected.

Install an anti-virus if you do not have one already. There is a free anti-virus software called AVG at http://www.grisoft.com. Install and get the latest virus definition update.

Install a firewell if you do not have one already. There are many free firewall software, the one I use is ZoneAlarm from http://www.zonealarm.com. This will give you additional protection from being probed and hacked.

And last but not least - do a monthly sweep with Ad-Aware from http://www.lavasoft.de. Ad-aware can detect virus and worms files as well.

kay jay
16-06-2004, 12:40 PM
Thanks Stan I run Nortons and Zone Alarm and also use Adaware, but was away for 2 weeks and Nortons expired and the teenager has downloaded or opened something she shouldn't have :-)

Davesdad
16-06-2004, 01:13 PM
The Erkez virus disables anti-virus and firewall programs by replacing .exe files in the anti-virus and firewall folders with copies of itself so you will need to reinstall NAV and ZA.

aronking
16-06-2004, 01:27 PM
Microsoft has also released a patch in the last two weeks. Remember to do that as well.

Safe computing - I had to clean up a machine yesterday as well.

Cheers (still sober...

johnboy
16-06-2004, 01:59 PM
Here is some info on accessing the task manager to try

Can you Right click task bar and select task manager from there.

You also can check in your Windows\system32 folder to see if taskmgr.exe file is there.

Check Location of Task Manager in registry

HKCU\Software\Microsoft\ Windows\CurrentVersion\ Policies\System
Value is "0" (without quotes) to enable access to Task Manager
value "1" (without quotes) to disable Task Manager,

Why does Task Manager, MSCONFIG, or REGEDIT disappear while opening?
Here (http://www.mvps.org/sramesh2k/ToolsQuit.htm)
Here (http://www.experts-exchange.com/Operating_Systems/WinXP/Q_20966770.html)

Jim B
16-06-2004, 02:55 PM
The virus disables task manager and registry but there is no need to access either or to start in safe mode unless you want to remove the virus manually.

It is easier download the removal tool and run it to remove the virus.

kay jay
16-06-2004, 03:44 PM
Thanks everyone for your help, yes the virus had removed both zone alarm and nortons, they were both replaced as soon as I got home, when I first started trying to get rid of this worm there wasn't a download tool, but when I went back today it was there. Everything seems to be running properly now and I am protected once again :-)