Get back the control of your registry from Trojans

A few days ago I was copying some files from my friend's SONY M2 memory card and bam, I was hit by a Trojan that was silently sitting on the memory card. The file name is Flash.exe, and it creates an autorun.inf file on your memory card; any USB disk you put into your computer will be infected by it. It keeps running in memory and it will disable your Task Manager, Command Prompt and Registry Editor. Well, these are the tools you need to use to get rid of the Trojan virus. I cleaned my system with Kaspersky Antivirus Pro 7 and still I was not able to use Command Prompt or regedit. Here are the things you need to do after cleaning the Trojan virus.

TO ENABLE COMMAND PROMPT USE ONE OF THE METHODS BELOW:

Message: "The command prompt has been disabled by your administrator"

When you attempt to run CMD.exe or a batch file, you may receive the message "The command prompt has been disabled by your administrator". This is caused by a restriction placed in the registry: the DisableCMD value is set to 1, either directly or via Group Policy. To enable the command prompt, try any of these methods:

Method 1: Using the console registry tool

  • Click Start, Run and type this command exactly as given below: (better – Copy and paste)
    REG add HKCU\Software\Policies\Microsoft\Windows\System /v DisableCMD /t REG_DWORD /d 0 /f

Method 2: Edit the registry directly

  • Open Registry Editor (Regedit.exe) and navigate to:

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]

  • In the right pane, double-click DisableCMD and set its data to 0

Method 3: Using Group Policy Editor in Windows XP Professional.

  • Click Start, Run, type gpedit.msc and click OK.

  • Navigate to User Configuration | Administrative Templates | System

  • Double-click Prevent access to the command prompt

You can then set the policy to Disabled or Not Configured. Either setting should solve the problem.

TO ENABLE REGISTRY EDITING TOOLS USE ONE OF THE METHODS BELOW:

This error occurs if the DisableRegistryTools policy is enabled. With this policy enabled, you receive the following error message when you start the Registry Editor (regedit.exe):

Registry Editing has been disabled by your administrator

For standalone Windows XP systems, perform the steps below to remove the registry editing restrictions.

Method 1: Using the REG.EXE console tool

  1. Click Start, Run and type this command:
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

Method 2: Using the Group Policy Editor (Windows XP Professional only)

  • Click Start, Run and type gpedit.msc and press ENTER
  • Go to the following location:

User Configuration | Administrative Templates | System

  • Double-click Disable registry editing tools and set it to Not Configured
  • Exit the Group Policy Editor

Note: If the setting already reads Not Configured, set it to Enabled, and click Apply. Then revert it back to Not Configured. This ensures that the DisableRegistryTools registry value is removed successfully.

TO ENABLE TASK MANAGER USE ONE OF THE METHODS BELOW:

When you try to open Task Manager, the following error may occur:

Task Manager has been disabled by your administrator

This error is caused if the DisableTaskMgr restriction is enabled. To enable Task Manager, try one of these methods:

Method 1

  • Click Start, Run and type this command exactly as given below: (better – Copy and paste)
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

Method 3

  • Click Start, Run and type Regedit.exe
  • Navigate to the following branch:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

  • In the right pane, delete the value named DisableTaskMgr
  • Close Regedit.exe

Method 4:  Using Group Policy Editor – for Windows XP Professional

  • Click Start, Run, type gpedit.msc and click OK.
  • Navigate to this branch:

User Configuration / Administrative Templates / System / Ctrl+Alt+Delete Options / Remove Task Manager

  • Double-click the Remove Task Manager option.
  • Set the policy to Not Configured.
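
The three restrictions covered above can be checked in one pass. This is an added PowerShell example, not part of the original post: it reports DisableCMD, DisableRegistryTools and DisableTaskMgr under HKCU and, when run with the hypothetical -Fix switch, removes any that are set to a non-zero value. It assumes PowerShell is installed, which Windows XP does not include by default.

```powershell
# Added example (not from the original post).
# Audits the three per-user policy values discussed on this page and,
# with -Fix, deletes any that are restricting a tool.
param([switch]$Fix)   # -Fix is a name chosen for this example

$policies = @(
    @{ Path = 'HKCU:\Software\Policies\Microsoft\Windows\System'
       Name = 'DisableCMD';           Tool = 'Command Prompt' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
       Name = 'DisableRegistryTools'; Tool = 'Registry Editor' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
       Name = 'DisableTaskMgr';       Tool = 'Task Manager' }
)

foreach ($p in $policies) {
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $p.Path -Name $p.Name -ErrorAction SilentlyContinue

    if ($null -eq $item) {
        $value = $null
        $state = 'not set'
    } else {
        $value = $item.($p.Name)
        $state = if ($value -eq 0) { 'set to 0 (allowed)' } else { "RESTRICTED (value $value)" }
    }

    $action = 'none'
    if ($Fix -and $null -ne $item -and $value -ne 0) {
        # Deleting the value matches what "Not Configured" leaves behind,
        # rather than leaving a 0 in place.
        Remove-ItemProperty -Path $p.Path -Name $p.Name -ErrorAction Stop
        $action = 'value removed'
    }

    # One result object per tool, so the output can be piped or logged.
    [pscustomobject]@{
        Tool   = $p.Tool
        Value  = $p.Name
        State  = $state
        Action = $action
    }
}
```

A value that comes back after being removed means something is still rewriting it: a domain Group Policy, or malware that is still running.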

Hope it will help someone out there.
