I don't find anything at the Mickey$oft Knowledge Base that's specific to Task Manager failure. There are several configuration options that will make it appear differently, or that will cause the Ctl-Alt-Del combination to do other things. Most of the settings involved are found at Start - Control Panel - Administrative Tools - Computer Management – Local Users and Groups – Users.

If you have - or have had - more than one user defined, even if it's just you as a user and you as an administrator, changes may have been made here that would make Task Manager open differently. If you've been into this area of Control Panel without complete understanding of what's there (happens to me all the time – I usually just quite without changing anything) it's possible that you made unintended changes.

Regardless of any changes you might have made, or that your recent virus may have made, Task Manager should open when you right-click the Task Manager (Sys Tray) toolbar at the lower right of your screen. Failure to open from there indicates that a file is missing or corrupted. This is probably consistent with your description of Norton's requirement for safe mode to remove the virus. Norton will attempt to remove or quarantine only the viral component, if possible. The next step, if the viral part can't be removed, is to delete the file that contains it. In safe mode, Norton can usually delete an irreparably infected file even if it's a file critical to machine operation.

It is possible that restoring TASKMAN.EXE, the main Taskmanager file, from either your installation disk or from .CAB files that may be on your machine,would work; but the possiblility of other corrupt files makes this somewhat "iffy." You should look up the procedure if you want to try. The short form is at Description and Explanation of a Cabinet File 310435

An idea of what you're facing in trying to restore/replace files one at a time can be found at List of Windows Files. Note that this is not an official listing.

Since System Restore can't be trusted when there's been a viral infection, and you've indicated you turned it off and hence have dumped all previous restore points, the logical(?????) next step would be a "reinstall-restore" from your original WinXP CD. (Even if restoring the Taskman.exe file seems to work, you may want to consider this step to eliminate the possibility of other corrupt files, or if it worked you may want to try running for a while to see if things look ok.)

Before you start a repair reinstall - take a deep breath and think pleasant things. A reinstall is not usually complex, but it's not something that can be done in a few minutes, and not something to be done if you still think you might have other options. The reinstall is fairly simple – but getting all the security patches back may take quite a lot of time.

You probably should take a look at How to perform an in-place upgrade (reinstallation) of Windows XP at the Microsoft Knowledge Base site before you dive into it.

1. You must have your original WinXP installation disk. If you got a computer with XP preinstalled, it may have some incomprehensibly strange name; but you can probably find it.

2. You must have a valid Product ID number for your disk. It may be on the disk itself, so you need to write it down before you put the disk in where you can't read it.

3. If your machine is set to allow boot from the CD drive (the usual case) you can just put the CD in the drive and restart. The boot process may ask if you want to boot from CD - say yes. If your machine doesn't' boot from the CD drive, just put the CD in and look for an Install.exe.

4. Once the "Installation Manager" starts, it should ask what kind of installation you want, and you choose the "upgrade" option. (More specific info is in the article linked above.)

The link above cites several things that might go wrong, but in most cases this "upgrade installation" will replace Windows without disturbing other installed programs or data. If you can do it easily, you should back up anything critical before you start, but the process is relatively safe with respect to other stuff on the machine. Use your own judgment, there are no guarantees. Since browsers and email are closely linked to the Windows installation, backup of browser favorites, email, and address book(s) might be a good idea.

Unfortunately, the Windows version installed will be whatever was current when you got your disk. It will NOT HAVE ANY SECURITY UPDATES. If/when the reinstallation is completed, you should make sure your AV is up and working (and firewall if you have one) before you connect to any outside (web or LAN) sites. You then MUST GO DIRECTLY to Windows Update and get ALL the current critical updates. If you choose "Express Install" you'll only be shown the Critical Updates. You can come back later and select the "Custom Install" to see the other "optional goodies."

You do need to install all the critical updates, at least up to where the update site says you're ready for SR2. If you don't patch ALL the holes that the scum have found, the likelihood of operating anywhere on the net without being reinfected with something approaches nearly zero, even with AV and firewall in place. Some sources report and "ATI" (average time to infection) less than 20 minutes for machines with reinstalled unpatched Windows.

Installing all the critical updates may require rebooting and then reconnecting to the update site numerous times. You may want to set the update site as your browser home page the first time you go there. (Be sure to put your regular home page into your "Favorites" list before you change home pages.) The total of all patches you need appears to be something like 600 MB.

IF you have decided to install the latest SR2 update, an option would be to obtain the free SR2 CD, which permits you to reinstall windows AND ALL CRITICAL UPDATES - including SR2 - from CDs before making any connection to the internet. Unfortunately, the current wait for mail delivery of the CD is estimated at 4 to 6 weeks. If you can wait that long, or if you know someone who has the CD version of SR2, the update site has links to what you need to know about it.

Most of the updates have procedures for downloading without installing them, and theoretically you could download them all before you do the Windows Reinstall, so that you could apply the fixes before you hook up to the net. The procedures are really intended for administrators who need to download once and then install on multiple machines, so they are not simple to implement for a single machine.



Replacing TaskMan.exe is probably worth trying. You may have some other clues that would help find another file or two that may be corrupted and could be extracted from .CAB and replaced. (Look for a Norton log, perhaps, to see if you can find what was deleted?) It's not unlikely that your virus has done something to your Registry, but without specific instructions I wouldn't recommend poking around there.

There is also the option of phone or email support direct from Microsoft. Usually there's a "free support" period that starts with your first request for assistance, so if you haven't gone there you might get free help. If you've used up your free support period, there is likely to be a charge, but sometimes you can argue with them and get a waiver. Nearly all the Knowledge Base pages (links above) have a link to support options if you're interested.

John