Windows XP pro problem



[XC] moddolicous
02-19-2005, 12:53 PM
I have Windows XP Pro SP2. I've had this for a while, and suddenly have a problem. I forgot to make a system restore point before this, so that is out of the question. The problem is that when I press alt+ctrl+del, the Task Manager shows up for 2 seconds, and closes out. Also when I do msconfig, it only shows up for 2 seconds. I checked for spyware and viruses, and I don't have any. Does anyone have any ideas on how to fix this?

Jamo
02-21-2005, 01:55 PM
I think it is virus related. I had the same problem a while back. I ended up reformatting in the end cos no virus program / spyware program picked anything up. I tried to repair the installation using the Windows CD but it still did it after that.

sllywhtboy
02-21-2005, 06:53 PM
do a virus/adware scan in safe mode.. then report back.

also, you could try taking the drive out and scanning it in another machine (make it a slave disk, etc) that way, no component of the filesystem is loaded in memory.

--slly

tinker77
02-22-2005, 08:31 PM
sounds like you have a bug to me....

[XC]thewildblue
02-22-2005, 08:59 PM
I'm sure I saw something like this ages ago. Run gpedit.msc at the run prompt and I think it's somewhere in there.

[XC] moddolicous
02-23-2005, 02:41 PM
Alright, I'll try all your suggestions. I'll report back if it clears up. Thanks

[XC] moddolicous
02-26-2005, 07:20 PM
Alright, I scanned for viruses and adware under both safe mode and normal mode. It's starting to get really frustrating :confused: Any other ideas?

Stewie007
02-26-2005, 07:44 PM
Download hijackthis and scan. It finds loads of things that normal anti-virus crap won't. Take a look in your System32 folder for files, specifically dll files added or modified recently.

Files to look for are atlli.exe, ntef32.dll

Download Process Explorer and find programs linked to your system processes. If you see atlli.exe or ntef32.dll, or anything else that shouldn't be there it'll help you locate just what program is hiding in your system using that file.

ntef32.dll and atlli.exe are unlikely, but they're just examples. If you had those ones you probably would have the bug that shut me down last week. Couldn't even USE System Restore, Norton, or any other programs that would get rid of it. Tried for hours until formatting.

Either way, good luck with your endeavors. :)
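
A present-day way to do the System32 check suggested in the post above, as an added example that is not part of the original thread. It assumes a current Windows with PowerShell 5.1 or later (not the XP SP2 machine discussed); the 14-day window and the variable names are arbitrary choices.

```powershell
# Added example: list executables and DLLs in System32 that were created or
# modified recently, and show their signature status.
# Assumptions: PowerShell 5.1 or later; the 14-day window is an arbitrary choice.
$days      = 14
$cutoff    = (Get-Date).AddDays(-$days)
$sys32     = Join-Path $env:SystemRoot 'System32'
# File names mentioned in the post above, given there only as examples.
$watchlist = @('atlli.exe', 'ntef32.dll')

$recent = Get-ChildItem -Path $sys32 -File -ErrorAction SilentlyContinue |
    Where-Object {
        $_.Extension -in '.dll', '.exe' -and
        ($_.CreationTime -gt $cutoff -or $_.LastWriteTime -gt $cutoff)
    }

$report = foreach ($file in $recent) {
    $sig = Get-AuthenticodeSignature -FilePath $file.FullName
    [pscustomobject]@{
        Name        = $file.Name
        Created     = $file.CreationTime
        Modified    = $file.LastWriteTime
        Signature   = $sig.Status          # Valid, NotSigned, HashMismatch, ...
        Signer      = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        OnWatchlist = $watchlist -contains $file.Name
    }
}

# Files without a valid signature first, then newest first.
$report |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } },
                @{ Expression = 'Modified'; Descending = $true } |
    Format-Table -AutoSize
```

Windows updates legitimately touch many of these files, so the output is a list of leads to follow up in Process Explorer, not a list of detections.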

sjohnson
02-26-2005, 08:00 PM
Also, some viruses block attempts of resident A/V programs. Try online scans at any of the A/V websites (like trendmicro's) to see if those catch it.

I somehow got a flavor of the istbar trojan under AVG 6.0, and it hid well, even kept AVG 7.0 from installing. Online scanning and hijackthis caught it.

Be careful with hijackthis - anything you delete using HJT is deleted, whether good for your system or not...

sllywhtboy
02-26-2005, 08:47 PM
i was doing some sidework this week. similar problem. user had spybot and nav2004 and scanned w/ them on a daily basis but found nothing. i grabbed AVG and adaware and headed for safemode. nav2004 found 2 virii. AVG found 4. adaware found 44 pieces of spyware.

however, after it was all rebooted, it was still hijacked and i ran out of time (3.5 hrs)

it's been in a crippled state for a while. i'll be wiping/formatting it on mon/tues, because it's that bad.

--slly

Stewie007
02-26-2005, 08:58 PM
Be careful with hijackthis - anything you delete using HJT is deleted, whether good for your system or not...

That's true of legit files and some viruses. But some of them replicate.

As for online scanners... they're worthless. Their effectiveness is about the same as poking it with a stick :p: :stick:

Most of the bad ones do this to your computer :p: :cord:

These days the biggest nerds have nothing better to do than make viruses that just piss a buncha people off :grr: Heck, they'd probably pass up getting laid in favor of virus writing. They probably get off more on that. :rocker:

sjohnson
02-26-2005, 09:18 PM
Right, if replicated but not active in the registry HJT can't get them. Not that many able to effectively hide AND later run after HJT, though. On your system, if they're hidden that well you're fubar'd anyway. Anything deleted by HJT IS deleted. If the bugger has a hidden version and one not hidden the hidden version stays but the visible one is gone. Statement stands ;)

Online scanners have saved my butt numerous times (working on client comps). Far from worthless IMO. Booting an A/V CD is one way, but if online access is there trend's, Panda's, CA's, McAfee's and BitDefender's all work well. What's the reasoning behind calling them worthless? And, which do you consider "bad ones?"

sllywhtboy
02-26-2005, 09:22 PM
These days the biggest nerds have nothing better to do than make viruses that just piss a buncha people off :grr: Heck, they'd probably pass up getting laid in favor of virus writing. They probably get off more on that. :rocker:

wait until the professionals start writing virii, not these script-kiddie hacks. then we'll have something to be worried about.

--slly

Stewie007
02-27-2005, 08:32 AM
Well online scanners have never saved my butt, so perhaps that is why I don't have any faith in them.

I got one last week that disabled any program that could get rid of it. System Restore came up with a blank white window, so did Norton A/V. So did Add/Remove Programs. My Computer and other folders were renamed "folder" and access to them was almost totally restricted.

Adaware and spybot found lots of spyware, but when deleted none of them were the cause. Hijackthis detected the core files, and was able to delete them. But when I did a rescan I saw that the file was coming up as "missing; not found." Obviously something was looking for them.

Bootup with the A/V CD and scanning detected no virus. Online scanners detected no virus. Norton Antivirus kept timing out even in Firefox. This thing had nearly total control of my computer. Had no other recourse after hours but to format and restore.

That's what I call a bad one. :)

[XC] moddolicous
03-01-2005, 09:41 PM
Alright, so I'll try the online scanners. What do u guys mean with boot up on an A/V boot cd?