Registry Editing Has Been Disabled By Your Administrator
Registry Easy Tool >> Registry Editing Has Been Disabled By Your Administrator
Introduction
If you are working on a computer infected with a virus, trojan or a spyware, you will find the Windows Registry Editor (regedt.exe in Microsoft Windows 2000 or regedit.exe in Windows XP) being disabled.
This seems to be a priority for virus creators, to make the problem more difficult to solve.
On the other hand the IT Departments Administrators may put
restrictions on using the Registry Editor to keep the employees from
make changes on company computers, but keep in mind, viruses and other
malicious scripts may also try to disable the access to register
editing.
Multiple Types Of Regedit Restrictions
There are several cases when you can't run regedit or regedt32.exe:
- You don't have Administrative Privileges as guest or limited account user.
- The registry editor has been disabled by administrative group policy or by a malicious script.
- Corrupt SHELL\OPEN\COMMAND registry keys as a result from any of above.
Causes of Regedit disabled
By default in Windows, Administrators have full control to open, read, modify or delete in regedit. These privileges can be disabled in several ways:
- Intentionally by the System Administrator to restrict the guest users from messing the registry values.
- Inadvertently by infected browser objects as ActiveX or malicious scripts.
Methods to Fix Disabled Regedit
Note: If you are not the Administrator of your computer and don't have the permission to edit the registers then you should let it as it is. The following methods are only for those who have the permission to do so.
Before we start, remember to remove all viruses, trojans and browser malicious objects using an antivirus and a spyware removal tool.
In the following sentences I will describe you different methods to enable regedit, the Registry Editor.
We'll begin with the method that can possibly work the best.
First method-Enabling the Registry Editor with VBScript:
One of the Microsoft's Most Valuable Professional, Doug Knox, has created a VBScript that enables or disables the Registry Editor based on the following location in the registry.
Of course, since the registry editor is disabled, it will be impossible to change it manually, so Doug wrote a Visual Basic Script to accomplish the task.
Visit Doug's Knox page and download Registry Tools VBScript to your desktop , double-click it to run it, then restart your computer and try to open the Registry Editor.
If this advice didn't solve the problem, try method two shown below:
Second Method-Use Symantec's tool to reset shell\open\command registry keys:
Sometimes worms and trojans will make changes to the shell\open\command
registry entries as part of their malicious job.
This will
empower the virus to run each time you try to run an .exe file such as
the Registry Editor.
In these cases, visit Symantec's website and download the UnHookExec.inf file to your desktop. Right-click on it and Install. Reboot your computer and then try to open the Registry Editor.
In these cases, visit Symantec's website and download the UnHookExec.inf file to your desktop. Right-click on it and Install. Reboot your computer and then try to open the Registry Editor.
Third Method-Rename Regedit.com to Regedit.exe
Some viruses and other malware software will load a false "regedit.com"
file, a zero byte dummy file.
Because ".com" files have preference over ".exe" files when executed if you type REGEDIT in the Run, it will run the "regedit.com"-the false file, instead of the real "regedit.exe" file.
In this case to restore access to REGEDIT, delete the "regedit.com" file.
In some particular situations, such as the W32.Navidad worm, you'll need to rename the REGEDIT file to get it to work.
Because ".com" files have preference over ".exe" files when executed if you type REGEDIT in the Run, it will run the "regedit.com"-the false file, instead of the real "regedit.exe" file.
In this case to restore access to REGEDIT, delete the "regedit.com" file.
In some particular situations, such as the W32.Navidad worm, you'll need to rename the REGEDIT file to get it to work.
Fourth Method-Windows XP Professional and Group Policy Editor
If your OS is Windows XP Professional and you have access to an administrative user account, you could change the registry editor options in the Group Policy Editor.
1. Click Start, Run
2. Type GPEDIT.MSC and hit Enter
3. Go to the following location:
* User Configuration
* Administrative Templates
* System
4. In the Settings Window, search and find the option "Prevent Access to Registry Editing Tools" and double-click it to change.
5. Select Disabled or Not Configured and choose OK
6. Close the Group Policy Editor and restart your computer
7. Try opening REGEDIT again
Fresh Articles:
* Active X - Positive and Negative Aspects
_______________________
_______________________* How to Choose a Windows Registry Cleaner Tool
_______________________* What Is The Iexplore.Exe Virus And How Can I Protect My System From It?
Recommends:
