Windows XP TaskManager is disabled by Virus
This usually happens because of a virus infection. Of Course, try to remove the virus first since any changes that you make will be reverted by the virus that may still be on the computer.
However, if you are pretty sure that the virus infection has been eliminated then go ahead and try these methods below:
Method 1:
•Click Start, Run and type Regedit.exe
•Navigate to the following branch:
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies\ System
•In the right-pane, delete the value named DisableTaskMgr
•Close Regedit.exe
Method 2:
•Click Start, Run, type gpedit.msc and click OK.
•Navigate to this branch:
User Configuration / Administrative Templates / System / Ctrl+Alt+Delete Options / Remove Task Manager
•Double-click the Remove Task Manager option.
•Set the policy to Not Configured.
Administrative Tools are disabled
We ran into the same issue and fixed the problem by re-associating .msc files with the Microsoft Management Console (mmc.exe).
Navigate to the C:\Windows\System32 folder and right-click the eventvwr.msc file (or any .msc file).
Choose ‘Open With’. If you see the Microsoft Management Console listed at the top of the next window, click on it to highlight. If you do not see the Microsoft Management Console, click Browse, navigate to C:\Windows\System32, and double-click the mmc.exe file.
With the Microsoft Management Console or mmc highlighted in the Open With box, check the box for ‘Always use the selected program to open this kind of file’.
Click OK and see if the issue is resolved.
Log On/ Log Off Loop after Virus Removal
1. This problem is almost exclusevily the result of a bad virus infection. Often times the virus’ write themselves into executable files, including explorer.exe, winlogon.exe, and userinit.exe. Once infected, the virus is then activated at start up, in the HKLM\Software\Microsoft\Windows\CurrentVersion\Run and HKCU\Software\Microsoft\Windows\CurrentVersion\Run registry keys.
2. Upon removal of the virus, users may encounter what is affectionately known as the Log On/Log Off loop. This is when a user logs into a Windows account normally, but then immediately is logged off. This is due to the removal of an infected userinit.exe, as pointed to in the registry, under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.
3. So, how do we correct the Log On/Log Off loop? For starters, you’ll need your Windows XP CD-ROM available, a working Windows machine with a CD burner (you can usually borrow the use of a friend’s machine), and the Windows Bootable Recovery CD known as Bart PE. This guide (http://thinkinginpixels.com/quick-fixes/fix-windows-xp-log-onlog-off-loop/2/) shows how to set up Bart PE for specifically this problem with very clear and concise step-by-step instructions. For that reason, we won’t go into extreme detail, suffice it to say that once Bart PE is loaded, run the Remote RegEdit tool and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon and modify the “Userinit” key to read C:\Windows\system32\userinit.exe, and then, just to be safe, manually copy userinit.exe from the X:\I386\SYSTEM32 folder to C:\Windows\system32\. (X:\ being the newly created disc drive from which Bart PE runs)
4. After following these instructions you may find that the Explorer shell will not load. That is, the taskbar, desktop, etc… are not loading. This told me that Explorer.exe was also removed or damaged. Not to be panicked, you can copy Explorer.exe from the Bert PE CD into C:\Windows\ in the same fashion. This allows you to once again have a normal looking Windows XP interface.
5. So now that your PC is back up to snuff, what do you do now? Make sure to run updated antivirus software on ALL drives, including external hard drives and USB thumb drives.
And there you have it. If there are any questions or if you are having trouble please feel free to contact us.
Bogus Virus Notice (Microsoft 2010 Virus Update, AV 2010, etc.)
Yep,
There is a new set of viruses going around that are exploiting a weakness in Adobe Acrobat PDF viewers or Adobe Flash Players from legitimate websites with adSense advertisements. People are being infected simply by visiting sites with no user interaction. Some sites that we have come across include CNN.com, Foxnews.com, MySpace, and a slew of others.
One prompt people are getting looks something like this:
If you take a closer look at the prompt you will notice that this picture is embedded within your web browser (even you Mozilla Firefox users). If you get this prompt DON’T click on the button on the bottom “Full System Cleanup” since that will install some extra files (Mal-Ware) on your system. Best thing to do is use the CTRL+ALT+DELETE option and close the application that way through the Task Manager. If you have a good Anti-Virus program then scan your machine Note: McAfee is a worthless Anti-Virus program that can’t seem to find or fix most newer viruses. We recommend either Norton Anti-Virus, Webroot Anti-Virus, or Kaspersky. There are also some free AV programs such as Malwarebytes from malwarebytes.org or Spy-Bot Search and Destroy that can get rid of the infected files on your PC.
Remember, if you still have problems with removing the virus, please don’t hesitate to call us. We are more than happy to come to your rescue.