Reviews

How to delete Virus that disables Task Manager, Regedit from launching

Pfeiffersches goes Disco :)Recently, one of our machines was infected by a nasty virus that disables Task Manager and Regedit from launching. I think the virus became active once I clicked on an executable which is the same as the folder name. So if you see a file which has the same name as the folder but with an .exe extension on it, Do Not Click On It! Once clicked, the virus will be activated. That’s when your machine slows down and you can’t access Task Manager.

Despite having the latest antivirus patch, scanning the machine seems unsuccessful because there are processes running heavily on the background which I can’t kill since Task Manager is out. After much research and trying, I found a solution to the problem. Since I’m unsure of the name of the virus, these steps may or may not help you but it’s worth giving it a try if you encounter the same symptoms.

1. Download and install AnVir Task Manager Pro. This features of this app is just like task manager. Once installed you will be able to see which nasty process is running so you can temporarily stop it from running. Once stopped you can at least run your machine at its usual speed.

2. Download and install any of these Antivirus Software: Avast (Highly Recommended), Avira, AVG
The antivirus software helped to remove the virus for me. Once downloaded and installed, click on check for updates. After getting the updates, it will automatically scan your machine. In my case, at least 4-5 malwares were caught and quarantined. Without hesitation, I deleted them.

Basically these two types of applications helped me remove the viruses. If you have trouble accessing the internet to download the installations, you can get help from friends. The installers aren’t that big and should fit into a thumbdrive. Do note that you will need to have Internet connection to get updates from Avast, Avira, AVG.

Hope it helps. Any questions or comments, just post below.

About the author

Bob Lee

Hi! My name is Bob Lee and I’m a web developer / technical writer who specializes in developing and reviewing web applications. As an entrepreneur, blogger, developer, and tech enthusiast, I have been in this field for more than 10 years, and have been loving every minute of it.

21 Comments

  • wow thnx i had many viruses and trojans and etc on my laptop and flashdrive from my vacation trip to asia, well now i must try this and see if it will work 100% 😀

  • I have a weird problem. Can you walk me through to fix my laptop please? I have a Windows XP Home Edition version 2002 Service Pack 2 with no anti-virus programs and 6 days ago after searching for ‘roms’ to download and finding nothing but POP UP WEBSITES. another browsing window from Internet Explorer popped up and it wouldn’t close. So I tried Alt + CTRL + Delete and it said “Task Manager has been disabled by your administrator”

    I tried searching for the worm, cookie or trojan by going to “RUN” “REGEDIT” And received “Registry editing has been disabled by your administrator”. Then, when I went to check on my local disk ‘free space’ I noticed that the storage capacity kept on decreasing.

    I’m not able to use Firefox as a browser, just IE and I’m not able to download anything through IE because every time I want to download something or an anti-virus it closes the window that will be used to download or my pc acts like if I hadn’t clicked on the link to download.

    I tried going to the sites you’ve listed to get my laptop scanned online and when I click, my machine doesn’t do anything or sometimes it just shows a ‘green progressing image’ at the bottom of the browser on the status bar; like if it was trying to load the page but it’s not.

    What else can I do? I have a roommate who has a desktop PC and we tried uploading AVG anti-virus through her computer to my laptop; and it uploads well except that when I want to install the anti-virus the windows looks like it has been frozen and then, it shows an error message named “msiexec.exe – Application Error” it says “The instruction at “0x76c941b1” referenced memory at “0x76c941b1”. The memory could not be “written”. Click on OK to terminate the program.

    Any alternatives besides re-formatting please?

  • Dear Johnny,

    The biggest problem that you’re having now is not being able to access the task manager. Every time you try to get to task manager, you’re getting the error “Task Manager has been disabled by your administrator”!

    This is because the virus has taken control of your regedit as well as task manager.

    Did you try downloading the external task manager software that was mentioned above. If you choose not to use the task manager above, try searching for other external task manager software using your roommate’s desktop pc, then transfer it over to the notebook.

    Once you have the external task manager installed, what you need to do is to restart your machine. When the machine loads up, you need to quickly launch the task manager and sort the processes by the cpu usage. Look for any strange executable file that is running and kill off the processes as quickly as you can. It’s like racing against the virus to see who is faster. Once you have killed of all the nasty exe files, you should notice your machine behaving more stable.

    This is when you should install and run antivirus software, to catch all the viruses.

    Give it a try. Hope my method works for you.

  • i don’t know which virus disable the task manager and the regedit option in my computer. plz help me for the above problem.

  • Manoj, you dont really need to know which virus is causing the problem as there can be many viruses which are able to disable the task manager and regedit.

    Since this is the case, you will need to use an external 3rd party task manager application. This way once you have access to what applications are running on your machine, you can kill the various tasks that are taking control of your machine. Then run a good antivirus to kill the viruses.

  • after disabling the applications that are taking control of my machine (i think), i ran the antivirus stated above and deleted the virus, but i still can’t open my task manager. please help me for my problem

  • hi
    I keep getting a request to disable task manager, and I keep saying no! yet, my automatic updates and my firewall keeps being turned off by this virus. I have tried to delete it in the reg, no luck, I noticed lass.exe running and when I try to kill or stop the process it won let me.
    it keeps saying this is critical system file, and refuses.
    the computer wont let me open the system32 file even in safe mode
    please assist me to delete this worm

  • When I was trying to fix this problem, I remember that I had to quickly launch the external task manager once the machine boots up.

    Then it’s about who’s is quicker. I had to kill the processes before it could start any other processes. Also, I had to restart the machine and repeat the steps a few times before I was successful. If your machine is quite a fast machine, it may not be helpful.

    Try to read further on the following link to see if it helps your situation:
    http://www.raymond.cc/blog/archives/2007/06/28/restore-task-manager-regedit-and-folder-options-disabled-by-virus/

  • This is the most irritating virus and the more you delete the more it duplicates itself
    I a so mad I now, it is blocking all y antivirus, my folders, and just plug in the internet it replicates.
    Imagine vundo cannot detect it, and virtumomde be gone cannot detect it, the only thing detecting it is spybot and ad-aware, and they both cannot remove it.
    The best is if you kill the process or delete it, immediately it starts to restart your computer.
    I am convinced this is a new leg of the virus
    I a sure this one has not been seen anywhere.
    this is a new migrated virtumonde virus!!!!
    what I do not understand is if you cannot start your computer how is it that they want you to buy their anti virus, I believe this virus was created for a reason.
    the task manger will not kill it even at command prompt, want a challenge what’s your discount price to take a shot at the first ever evolved virumonde virus
    Created by some very skilled people.

  • Ugh, I’m getting rid of one of these as we speak, using the method recommended here. It took me forever to download that task manager, seeing as how my Trojan was blocking a lot of my internet! It would bring me to weird blank pages with huge URLs every time I clicked on a search result. I finally had to go to a different computer on my home network, download everything here (I’m on it right now), and then transfer the files over the network. But that 3rd party task manager is very nifty, nipped the little .exe in the bud, and now I’m running BitDefender and praying that it can get rid of the Trojan. I was able to run the scanner before, and it would get rid of all the other Trojans this one would download, but not this one itself. I hope it works. Fingers crossed….

  • Help me i dont have internet in our house i cant update the anti virus. Im only 16 years old i dont know what to do. e-mail me fast plsssssssss!!…

  • Hi Everyone.

    The simple and best way to get this Virus out of your computer, is you need two things.
    1: Trial version of Tune up Utility
    2: Kaspersky Anti-Virus.
    *****************************************************
    Tune up Utility is PC optimizing tool but has Reg editor within it. so the Virus will not block from installing this software.
    Once you have installed, open Reg editor and search for disabletaskmgr. you will get 2 results.
    Double click on it and change the value to 0. But do not close Reg Editior. Now you should be able to open TaskManager.
    At this point you can install Kaspersky Anti-Virus and select interactive mode during the installation.
    This will let you know which application, service or file is causing this issue.
    Once computer restarts, select trial version of Kaspersky and update the anti-virus.
    Then scan the computer, you will find all the Virus, spyware and malware on your computer and dont forget when you are prompted of Virus. ALWAYS DELETE IT.

    These steps worked for me and I was able to get rid of this nasty computer virus.

    Best of Luck. Need any help Email me.

  • I manually deleted the task bar block as instructed and loaded the an vir program but it’s so confusing. I don’t know what everything does so really I have no clue how to tell with programed is bad any more than looking at the task manger.

  • Neo,

    Thanks for the advice. I tried your suggestion and now have the CTRL+ALT+DEL function again.

    I am running Kasperskey anti virus and completed a full scan. In my 1st attempt it found several items, but Kasperskey did not give me an option to DELETE, intead, my laptop rebooted.

    I opened Kasperskey, and changed the setting from disinfect to delete. I then ran the anti virus software a second time and it appears many of virus and Trojan was cleaned.

    What remains is the malware’s icon on the desktop and in the progam list. Should Kasperskey removed these items too? Or will a simple delete of these be suffcient?

    Thanks again.

  • This virus is really a virus that takes control of your pc, monitoring all information on the pc whiles sending it back to the creator, can’t edit registry? can’t access taskmgr? huh! these are the main functions of the computer os, this virus not only blocks registry and taskmanager, but you don’t have access to installing any software too.anyone knows how to track creator of the virus?

  • I have the virus that is locking down my toolbar options and my internet. I can access the task manager, but from there I don’t know how to look for the file of the virus. Help would be appriecated

  • Hi Morgan,

    Have you tried loading into safe mode and running a virus scan from there.

    I would suggest either Avast or Microsoft Security Essentials to try to hunt down the viruses.

  • hi……..

    i have a simple way to shut it down.
    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem

    -you will see “DisableTaskMgr”above that there is a file with name (Default) and the data (value not set)>open it>than the value enter tex “no trojans”
    -it’s all done. no disable task manager again.

Leave a Comment

/* ]]> */