I recently became the victim of a trojan virus… it was my own fault, and I have only myself to blame. This virus wasn’t a true “virus” per-se… it just exploited alot of dirty tricks in an attempt to preserve its existance. One of the first things that many trojans do is to disable use of the Task Manager, so that you cannot terminate it.
Task Manager is usually disabled using a Group Policy, so if you’re a home user and cannot run Task Manager by any means, then you may be the victim of a trojan virus. Companies may implement a domain policy that prevents execution of the Task Manager (else you could discover all of the Big Brother software they’re using on you), so check with your IT department if you experience this on a work computer. One way to test this is to login to your local machine account rather than the domain and see how much access is restricted.
If Task Manager is disabled, then you will not be able to access it by any means. It will be “greyed out” on your taskbar, the option to run Task Manager will disappear when you press “Ctrl+Alt+Del“, and will refuse to run by typing “taskman” in a Run dialog box.
Even after I was able to remove my trojan virus, the policy was still in place that turned off access to Task Manager. Regardless of what caused it, here’s how to re-enable access to your Task Manager.
As with many Windows settings, this little “feature” is buried in your Registry, so we need our favorite editor, regedit:
Browse down to this branch:
On the right is a REG_DWORD value called DisableTaskMgr. It will either have a 1 or 0, which disables or enables access to task manager, respectively.
Double-click on the DisableTaskMgr word and change the value to 0. You shouldn’t have to reboot, as the effect should happen immediately. If TM is still disabled, then you either have a Group or Domain Policy overriding it, or a virus set it back.
Eliminating a virus is a topic for several other articles, but you’ll probably need to go into Safe Mode before running a virus scan or enabling Task Manager. You’ll need to completely clean out the effected files before booting into normal mode again.