5 Ways to Re-enable Registry Editor When Disabled By Virus

We have already discussed how to re-enable task manager and other problems that can be solved by using the Windows Registry Editor. Now, users may experience a serious dilemma if the Registry Editor itself is disabled. This can be due to a Trojan, virus, spyware or a Malware infection to your system. Whenever this occurs, an attempt to start the editor results in the appearance of a  message declaring that “Registry editing has been disabled by the Administrator”.

This creates a setback to the solutions of various other problems using the Registry Editor. However, how much complicated this problem may seem, it’s certainly not incurable. In fact, we, in this article will discuss how simple it is to re-enable your Registry Editor. The fixes that we show here, work in Windows XP, Windows Vista and also in Windows 7.

Fix 1 : From the Run command


Click on the “Start” button and then select “Run”, or simply press “Windows Key+R”. The Run application starts and in the box copy and paste the following line :

REG add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem
 /v DisableRegistryTools /t REG_DWORD /d 0 /f

Click OK and then reboot your computer. On restart, the Windows Registry Editor is re-enabled.

Fix 2 : By removing the regedit.com file


Another simple solution to re-enable your Registry Editor is to rename the “regedit.com” to “regedit.exe”. Sometimes, some viruses or malware loads a “regedit.com” file in the system. This “.com” file is usually a zero byte dummy file which either replaces the actual “regedit.exe” file or is added as a new file.  Now, when you type “regedit” in the “Run” box, this “.com” file is executed rather than the actual “.exe” file, since “.com” files get a greater preference than “.exe” files in the process of execution of a program.

  1. Open the drive where the Windows operating system is installed.
  2. Then open the folder named “WINDOWS” in that drive.
  3. Notice if the file “regedit” is a “.com” zero byte dummy file or not.
  4. If it is so, then delete it permanently.

In case of invasion of a worm named “W32.Navidad”, the “regedit.exe” gets renamed to“regedit.com”. In such a case you just have to rename the “.com” file by “regedit.exe”. You will now be able to access the Registry Editor normally.

Fix 3 : By editing the Group Policy


At first go to Start > Run or simply press “Windows key+R”. Type “gpedit.msc” in the Run box and click OK.

The Group Policy Editor opens up. Navigate to User Configuration > Administrative Templates>System. Now, on the right hand part of the Group Policy Editor, in the “Setting”column, double click on “Prevent Acess to Registry Editing Tools”.

 

The Properties box appears and here, change the property to “Not Configured”. If it is already so, select “Enable” and apply it. Then repeat the Fix 3 process to change the setting to “Not Configured”. This removes the Disable Registry Tools value successfully. Click on Apply, then OK and exit the Group Policy Editor.

 

Reboot your system. On resuming from the restart, the Registry Editor is enabled once again.

Fix 4 : By VB script


A different way to solve this problem is by using a Visual Basic script. Depending upon its position in the registry, the script enables or disables the Registry Editor. Doug Knox, a Microsoft Professional, created such a VB script “reg_enable.vbs”Download this VB Script. Save this on the Desktop in your system. Make sure to save this file with the extension “.vbs”.

Now follow the steps below :

  1. Double click on the downloaded file to run it.
  2. If you are prompted for an Administrative Password, enter it and press ENTER.
  3. After this is done, restart your computer.

Your Registry Editor is re-enabled on completing reboot.

Instead of double clicking on the file, you may also open a Command Prompt window by clicking Start > All Programs > Accessories > Command Prompt.

  1. Now, type cd /d %userprofile%desktop . [Replace %userprofile% by the Windows profile name of the user].
  2. Then type wscript.exe  reg_enable.vbs and press ENTER.
  3. Type EXIT and press ENTER to close the Command Prompt window.

The Disable Registry Tools policy gets removed and your can access Registry Editor normally.

Fix 5 : By installing the UnHookExec.inf


Sometimes invasions by trojans, worms etc. edits the shell > open > command registry entries. Each execution process of an “.exe” file, executes the virus. In such a case,

  1. Visit the Symantec website and download the “UnHookExec.inf” file.
  2. Save this file on your desktop making sure that the file extension is “.inf”.
  3. Right click on this file and choose to install.
  4. With the process completed, restart your system.

Resuming Windows after reboot, restores the command registry entries and the Registry Editor is re-enabled.

Any of the above 5 fixes can be used to re-enable the Registry Editor. These fixes work in all versions of Windows.



Hope You Will Like This Post. Please Don’t Forget To Like, Share, Comment and Subscribe This.



 

You may also like...

Leave a Reply

%d bloggers like this: