An infiltration has blocked access to the Control Panel, Task Manager, Registry Editor, and Command Prompt

KB Solution ID: SOLN721|Last Revised: January 04, 2011

Some malware is designed to block access to system tools in Microsoft Windows such as the Control Panel, Task Manager, Registry Editor, and Command Prompt. This is done by modifying the security policy settings of the operating system. These changes can be reversed using the Registry Editor, but if the Registry Editor has been disabled, the following alternative methods can be used. 

NOTE:

Although generally safe, these methods carry some risk for data loss. Before proceeding, we recommend backing up any important or valuable files on your computer. If you are not familiar with these tools or you are experiencing other symptoms of malware, please visit the following ESET Knowledgebase article: I think my computer has a virus – what should I do?


Using the REG command

This option can be used only if the Command Prompt window (Start Run type cmd, click OK) is available. The parameters of the REG command can be displayed by typing REG /? and pressing ENTER.

The parameter ADD adds new registry entries or modifies existing ones. For example:

* Activation of Control Panel: modify the 'NoControlPanel' key in the section
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\Explorer

Command:
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v NoControlPanel /t reg_dword /d 0

* Activation of Task Manager: modify the 'DisableTaskMgr' key in the section
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

Command:
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t reg_dword /d 0

* Activation of Registry Editor: modify the 'DisableRegistryTools' key in the section
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

Command:
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t reg_dword /d 0

 

Using Group Policy (additional option for Business users)

Click Start Run. The Run window will be displayed. Type gpedit.msc and click OK (Windows Vista users: Click Start, type gpedit.msc and press ENTER). Re-enable the Windows system tools by following the instructions below.

To enable the Control Panel:

-Open User Configuration Administrative Templates Control Panel
-Set the value of the Prohibit Access to the Control Panel option to Not configured or Enabled.
-Click OK.

To enable the Task Manager:

-Open User Configuration Administrative Templates System Ctrl+Alt+Del Options
-Set the value of the Remove Task Manager option to Not configured or Enabled.
-Click OK.

To enable the Registry Editor: 

-Open User Configuration Administrative Templates System
-Set the value of the Prevent access to registry editing tools option to Not configured or Enabled.
-Click OK

To enable the Command Prompt:

-Open User Configuration Administrative Templates System
-Set the value of the Prevent access to the command prompt option to Not configured or Enabled.
-Click OK.


If you still do not have access to system tools after performing the edits above, please follow the instructions in the following ESET Knowledgebase article: I think my computer has a virus – what should I do?

Rate this article:
1 2 3 4 5
Please comment on your rating...
We cannot respond to feedback from this form. Requests for assistance should be submitted through your normal support channel.
5 - Definitely
4 - Mostly
3 - Somewhat
2 - Not Really
1 - Not At All