Many times when working on a computer that has been infected with a virus, trojan, or piece of spyware I find myself with my most important command, Regedit, the Windows Registry Editor being disabled. Virus creators like to disable the Registry Editor so it makes solving the problem and removing the issue difficult.
Sometimes administrators in IT departments may place restrictions on using the regedit command to keep employees from changes things on company computers, but viruses and other issues may also try to disable it.
Listed below you will find the different ways to enable regedit, the Registry Editor.
First we'll begin with the method that appears to work the best.
Method 1 - Enabling the Registry with VBScript
Doug Knox, a Microsoft Most Valuable Professional, has created a VBScript that enables or disables the Registry Editor based on the following location in the registry. Of course, since the registry editor is disabled, you can't change it manually, so Doug wrote a Visual Basic Script to accomplish the task.
HKey_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\System\
Visit Doug's page and download Registry Tools VBScript to your desktop, double-click on it to run it, then reboot your computer and try to open the Registry Editor.
If this fix didn't solve your problem, try method two shown below.
Sometimes worms and trojans will make changes to the shell\open\command registry entries as part of their infections. This will cause the virus to run each time you try to run an .exe file such as the Registry Editor. In these cases, visit Symantec's website and download the UnHookExec.inf file to your desktop. Right-click on it and choose Install. Restart your computer and then try to open the Registry Editor.
Method 3: Rename Regedit.com to Regedit.exe
Delete the regedit.com file if its a zero byte file to restore access to REGEDIT. In some cases, such as the W32.Navidad worm, you'll need to rename the REGEDIT file to get it to work.
Method 4: Windows XP Professional and Group Policy Editor
If you have Windows XP Professional and access to an administrative user account, you could change the registry editor options in the Group Policy Editor.
Sometimes administrators in IT departments may place restrictions on using the regedit command to keep employees from changes things on company computers, but viruses and other issues may also try to disable it.
Listed below you will find the different ways to enable regedit, the Registry Editor.
Method 1 - Enabling the Registry with VBScript
Doug Knox, a Microsoft Most Valuable Professional, has created a VBScript that enables or disables the Registry Editor based on the following location in the registry. Of course, since the registry editor is disabled, you can't change it manually, so Doug wrote a Visual Basic Script to accomplish the task.
HKey_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\System\
Visit Doug's page and download Registry Tools VBScript to your desktop, double-click on it to run it, then reboot your computer and try to open the Registry Editor.
If this fix didn't solve your problem, try method two shown below.
Sometimes worms and trojans will make changes to the shell\open\command registry entries as part of their infections. This will cause the virus to run each time you try to run an .exe file such as the Registry Editor. In these cases, visit Symantec's website and download the UnHookExec.inf file to your desktop. Right-click on it and choose Install. Restart your computer and then try to open the Registry Editor.
Method 3: Rename Regedit.com to Regedit.exe
Delete the regedit.com file if its a zero byte file to restore access to REGEDIT. In some cases, such as the W32.Navidad worm, you'll need to rename the REGEDIT file to get it to work.
Method 4: Windows XP Professional and Group Policy Editor
If you have Windows XP Professional and access to an administrative user account, you could change the registry editor options in the Group Policy Editor.
- Click Start, Run
- Type GPEDIT.MSC and Press Enter
- Go to the following location
- User Configuration
- Administrative Templates
- System
- In the Settings Window, find the option for "Prevent Access to Registry Editing Tools" and double-click on it to change.
- Select Disabled or Not Configured and choose OK
- Close the Group Policy Editor and restart your computer
- Try opening REGEDIT again
0 comments:
Post a Comment