Pages

Sunday, 30 December 2012

Registry Editing Has Been Disabled By Your Administrator Step by Step Methods for Fixing Registry Editor


Many times when working on a computer that has been infected with a virus, trojan, or piece of spyware I find myself with my most important command, Regedit, the Windows Registry Editor being disabled. Virus creators like to disable the Registry Editor so it makes solving the problem and removing the issue difficult.

Sometimes administrators in IT departments may place restrictions on using the regedit command to keep employees from changes things on company computers, but viruses and other issues may also try to disable it.

Listed below you will find the different ways to enable regedit, the Registry Editor.


First we'll begin with the method that appears to work the best.

Method 1 - Enabling the Registry with VBScriptDoug Knox, a Microsoft Most Valuable Professional, has created a VBScript that enables or disables the Registry Editor based on the following location in the registry. Of course, since the registry editor is disabled, you can't change it manually, so Doug wrote a Visual Basic Script to accomplish the task.

HKey_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\System\

Visit Doug's page and download Registry Tools VBScript to your desktop, double-click on it to run it, then reboot your computer and try to open the Registry Editor.

If this fix didn't solve your problem, try method two shown below.
Method 2:  Use Symantec's tool to reset shell\open\command registry keys
Sometimes worms and trojans will make changes to the shell\open\command registry entries as part of their infections. This will cause the virus to run each time you try to run an .exe file such as the Registry Editor. In these cases, visit Symantec's website and download the UnHookExec.inf file to your desktop. Right-click on it and choose Install. Restart your computer and then try to open the Registry Editor.
Method 3: Rename Regedit.com to Regedit.exe
Some viruses and other malware will load a regedit.com file that is many times a zero byte dummy file. Because .com files have preference over .exe files when executed if you type REGEDIT in the run line, it will run the regedit.com instead of the real regedit.exe file.

Delete the regedit.com file if its a zero byte file to restore access to REGEDIT. In some cases, such as the W32.Navidad worm, you'll need to rename the REGEDIT file to get it to work.

Method 4: Windows XP Professional and Group Policy Editor
If you have Windows XP Professional and access to an administrative user account, you could change the registry editor options in the Group Policy Editor.
1. Click Start, Run
2. Type GPEDIT.MSC and Press Enter
3. Go to the following location
o User Configuration
o Administrative Templates
o System
4. In the Settings Window, find the option for "Prevent Access to Registry Editing Tools" and double-click on it to change.
5. Select Disabled or Not Configured and choose OK
6. Close the Group Policy Editor and restart your computer
7. Try opening REGEDIT again
Although there are a few other ways, the above ways I have used with great success in re-enabling the REGEDIT command. If you are interested in more ways to reactive the REGEDIT command

1 comments:

  1. students visit http://www.kidsfront.com/academics/class.html and know how to prepare for exams

    ReplyDelete