How to enable regedit when infected by virus

Recover your regedit.exe
Onceyour regedit is disabled, it could be infected by virus and it stops you for accessing it. Also If your folder option is gone, this may also infected by virus one of those viruses is brontok which stops you to accessing system exe files such as... - 4 years ago
How to enable regedit when infected by virus
When your registry is being disabled: First, maybe the administrator disabled it for some restriction purposes Second, due to virus. Most of the virus disabled the regedit for you to unable to stop the execution of its... - 4 years ago
Photoshop Basics
Here's a simple tutorials but works fine. Have Fun... In the dialog box, set the following... width = 200, height = 50, resolution leave it as default click on the mark, in the lower left before the... - 4 years ago

How to enable registry whe infected by virus

When your registry is being disabled:

First, maybe the administrator disabled it for some restriction purposes

Second, due to virus. Most of the virus disabled the regedit for you to unable to stop the execution of its program.

Here are the solutions for enabling the regedit again.

Use the gpedit.msc to enable the registry editor.

Step 1: Hit the window or click start button then press "r" or simply click the run

Step 2: type gpedit.msc

Step 3: Click on Administrative Templates

Step 4: Click the System and locate the Prevent access to registry editing tools and double click on it

Step 5: Select the enabled on the optionbutton the click apply.

This will make a policy to prevent access to the registry editing tools, The computer will automatically made the policy.

Step 6: After clicking on apply select the disabled in the option button then click the apply again then click ok button when finished.

The disabled button will make the policy into default, the computer will automatically configured it and becomes a default comfig which is the registry editor can be access by the user.

And Thats it... Try run the regedit.exe... Have Fun!!!!

Others are also reading...

How to remove antz.vbs

XP start up boot faster

How to remove FUNNY_UST_SCANDAL virus

"Why is my computer running so slowly?"

Computer Antivirus Software

Comments

Go to last comment

rhye 4 years ago

bro your tips are really great!!! i was almost in a state of panic when my regedit was disabled by s3update.dll.vbs... thanks for your site... its great!@!!! continue the sharing of blessings... Merry Christmas

Omar Matos 4 years ago

That's OK, but what if gpedit.msc is not in the system, or it's erased. And if you copied it from another computer and run it, it says : Snap-in-failed to initialize. Name: <unknown> CLSD:{8FC9B734-A0E1-11D1-A7D3-0000F87571E3}

salah 4 years ago

im so sorry but still having the same issue.

solution did not work...

any thing else ???

bharatnegi 4 years ago

i'm still having problem with regedit. i enabled it using "gpedit.msc" but it still says "registry editing has been disabled by ur administrator".

kula 4 years ago

well.. i try ur steps, seems like almost figure it but then it be block again.. i guess we have to terminate the program before doing ur step first right? did logging off can terminate the program from running or they will autorun when u log on too?

sepiroth 4 years ago

If this does not work maybe the virus infected piercely your computer, try to download the UNHOOK.inf from www.symantec.com

Try this if this works...

Thanks.. Hope this will help...

ren 4 years ago

thx this help a lot

rexy 4 years ago

thanks bro, your the best..=)

but I have another problem..how can i enable task manager, it seems that it has been infected also by an unknown virus.

varun 4 years ago

gr8 job buddy!!!!!!!!!

this option helped me a lot

thank u very much you are the best

shotgunbanjo 4 years ago

good job bro, but this thing wont work also!!!!

CLIPER 4 years ago

this might not work since policy and registry are very close to each other. Most of the time, if you can't access your registry, you can access the policy adm.

balraj 3 years ago

thanks

ej 3 years ago

Thanks! It helps me a lot....(",)

killpurt 3 years ago

I am having the same problem but I am stuck at Step 4. I am running on Vista by the way but I cannot seem to find the option Prevent access to registry editing tools under System. Please help. Thank you very much.

sam 3 years ago

thanks for this site!!! I did tried your instructions but just upto #4 I connot find "Prevent access to registry editing tools" word or any same word.

maybe you can help me mor.... thanks a lot

cikgutan 3 years ago

i try but i didnt found Prevent access to registry editing tools

can any one help me

ronald 3 years ago

thank you!!!

Katik 3 years ago

Excellent...............Work!!!!!!!!!

this works............

sepiroth 3 years ago

Pls be remind that gpedit.msc is only exist in Microsoft XP sp 2 edition...

Daryll 3 years ago

Thanks for the tips. now i can use it if there have a problem from my computer.

chodirin 3 years ago

just correct, to enable registry editor we should choose disable option, not enable.

sepiroth 3 years ago

ahmm.. just disabled it, and enabled it again. same thing as turn it off, then turn it on again.

James 3 years ago

works every time start,run,(paste this)

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

nelly002 3 years ago

man,, ahmmm how can i delete win32: jeefo?i tried almost everything. everything you suggested and also anyone else's suggestions but nothing worked,,, i tried to enable regedit but i wasnt able to,,, please help me.

JAMES 3 years ago

thanks for the great job,,,,,,,

JAMES 3 years ago

thanks for the great job,,,,,,,

Cat 3 years ago

This is fantasitc! Not only has it helped me unlock the registry after a virus, it's opened my eyes to a whole host of things that I can use to control or fix on our computers!

I have been searching for days on how to sort out a virus on this computer. Anti-virus and registry clearning products just didn't do their job and I couldn't manually fix because of the disabled registry.

I'm so glad you were out there to help!

FroZeN!! 3 years ago

u r the man!!

JEE 3 years ago

tHANKS A LOt ..

^_^

how did you know??? or discover it???

any sites or books???

raper777 3 years ago

bro thx very much for your tips, its really amazing for me, now my registry is accesible again, and its coz of your tips. thakns for sharing. God bless you.

ian 3 years ago

i have tried it and it work.. thanks a lot

lyndon 3 years ago

thanks a lot bro for the help. i can now use the regedit of my PC and return the folder options which is disabled by the virus.

once again thanks a lot.

Joe 3 years ago

Copy the below code to notepad and save as .inf

then dubble click on this file.

[Version]Signature="$Chicago$"Provider=Symantec

[DefaultInstall]AddReg=UnhookRegKey

[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0

Bucro 3 years ago

Excellent work and tutorial for those in need. Keep up the good work

Emma 3 years ago

Bro,

even the gpedit.msc are disable by the virus, and i found a regedit file in my windows folder and i cant delete. i alrady used kaspersky antivirus and it was updated... please healp...

thanks bro.

Edi 3 years ago

Hai.... for this

Copy the below code to notepad and save as .inf

then dubble click on this file.

[Version]Signature="$Chicago$"Provider=Symantec

[DefaultInstall]AddReg=UnhookRegKey

i cant 'double click' or right click 'install' if i choose install its get me a form 'open with',,,

please help me.....

couse i cant install antivirus,,,,

my com is effected worm32.sality very long time.....i try to format,,,but still like that again,, HELP me...

Thx Be4

Edi 3 years ago

Hai.... for this

Copy the below code to notepad and save as .inf

then dubble click on this file.

[Version]Signature="$Chicago$"Provider=Symantec

[DefaultInstall]AddReg=UnhookRegKey

i cant 'double click' or right click 'install' if i choose install its get me a form 'open with',,,

please help me.....

couse i cant install antivirus,,,,

my com is effected worm32.sality very long time.....i try to format,,,but still like that again,, HELP me...

Thx Be4

chloefaith 3 years ago

Nice hub. Thank you for the information about regedit. I do use that sometimes. Please visit my hubs when you have a chance.

aby 3 years ago

its not working

james 3 years ago

tghetye

ashish sethiya 3 years ago

thanks for this site!!! I did tried your instructions but just upto #4 I connot find "Prevent access to registry editing tools" word or any same word.

maybe you can help me more.... thanks a lot

azath 3 years ago

thanks Its working perfectly

nixon 3 years ago

thanks man it really took away the head ache i had

Popov 3 years ago

JAmes nice job.... grt help frm u ;)

bin 3 years ago

it's great, thank you very much :))

KuDe_RyL 3 years ago

Tnx for the tip!... It's true...:-)

Rakesh.R 3 years ago

Thanks a lot .Perfect hai yaar.

Kakarot 3 years ago

Thanks for the tips Sepiroth! I managed to enable my regedit and also my task manager in no time. I suspected that the WGA Notification is the one responsible for disabling these tools from my computer. But till this moment I'm having a hard time eliminating this program. If you have any suggestion on how to manually delete this program from my computer, please do post it here. It will be very much appreciated. Thank you!

sepiroth 3 years ago

Try to delete it on msconfig, after that search it using cmd prompt, probably on drive c:\windows\system32...

After that run regedit, search it on HKLM\Software\Microsoft\windows\currentversion\run

just keep posted...

Hope this will help... ;-)

thx alot 2 years ago

when i first do this it help me but after i close regedit its block again, then this step didnt work now!

now thx to james^^

lanceyucu 2 years ago

excellent 2 thumps up its great guys....more power

sepiroth 2 years ago

if that happens, the virus is blocking your access to regedit, try these steps:

- update your anti virus- download process explorer (this will help you see all the process that runs on your pc, same thing on task manager)- kill the the task which is anonymous to you, or malicous taks activated by virus- run full scan on your systempls keep posted if it's not working... Thanks... :-)

jonathanJavellana 2 years ago

thank you very much bro..hope you will discover more tricks and share it on us.,.god bless you always and more power

marian jean 2 years ago

i cant five in the sysytem the Prevent access to registry editing tools... pls help

marian jean 2 years ago

i cant find in the system the Prevent access to registry editing tools... pls help

sam 2 years ago

nice tutorials, you're a saver

allan 2 years ago

have the same prob. i followed the tips but got installation failed installing the unhook.inf.

what shall i do? please help. thanks in advance

sipaetok 2 years ago

i love you haha, this is it. You are the best my broooo.. it"s work. i am happyyyyyyyyyyyyyy

sipaetok 2 years ago

i love you haha, this is it. You are the best my broooo.. it"s work. i am happyyyyyyyyyyyyyy

Needs help 2 years ago

this work for a while but later it gets disabled again =(

eoj 2 years ago

bro, di ko ma-run ung "unhook.inf", ano virus tumama pc kc lahat ng antivirus n try ko run ung exe file kino-close ng system kya ayaw magrun ng program..ano dapat ko gawin sa pc?thns

rafique 2 years ago

Thanks My Dear Friend Its Really Works !!!!!!!!!

rafique 2 years ago

Thanks My Dear Friend Its Really Works !!!!!!!!!

Unnikrishnan 2 years ago

you can make a programe on vb using the code and excute to enable it mail me if want it unni.0p@gmail.com

freemanjosephyap 2 years ago

i try to paste and run

but is failed..

[Version]Signature="$Chicago$"Provider=Symantec

[DefaultInstall]AddReg=UnhookRegKey

hassan 2 years ago

didnt work ... i dnt have dt prevent registry option ... wt shud i do ?? ='(

BHATTI 2 years ago

Copy the below code to notepad and save as .inf

then dubble click on this file.

[Version]Signature="$Chicago$"Provider=Symantec

[DefaultInstall]AddReg=UnhookRegKey

Bucro says:

8 months ago

Excellent work and tutorial for those in need. Keep up the good work

Emma says:

7 months ago

Bro,

even the gpedit.msc are disable by the virus, and i found a regedit file in my windows folder and i cant delete. i alrady used kaspersky antivirus and it was updated... please healp...

thanks bro.

Edi says:

6 months ago

Hai.... for this

Copy the below code to notepad and save as .inf

then dubble click on this file.

[Version]Signature="$Chicago$"Provider=Symantec

[DefaultInstall]AddReg=UnhookRegKey

i cant 'double click' or right click 'install' if i choose install its get me a form 'open with',,,

please help me.....

couse i cant install antivirus,,,,

my com is effected worm32.sality very long time.....i try to format,,,but still like that again,, HELP me...

Thx Be4

Edi says:

6 months ago

Hai.... for this

Copy the below code to notepad and save as .inf

then dubble click on this file.

[Version]Signature="$Chicago$"Provider=Symantec

[DefaultInstall]AddReg=UnhookRegKey

i cant 'double click' or right click 'install' if i choose install its get me a form 'open with',,,

please help me.....

couse i cant install antivirus,,,,

my com is effected worm32.sality very long time.....i try to format,,,but still like that again,, HELP me...

Thx Be4

chloefaith says:

6 months ago

Nice hub. Thank you for the information about regedit. I do use that sometimes. Please visit my hubs when you have a chance.

aby says:

6 months ago

its not working

james says:

6 months ago

tghetye

ashish sethiya says:

6 months ago

thanks for this site!!! I did tried your instructions but just upto #4 I connot find "Prevent access to registry editing tools" word or any same word.

maybe you can help me more.... thanks a lot

azath says:

6 months ago

thanks Its working perfectly

nixon says:

5 months ago

thanks man it really took away the head ache i had

Popov says:

5 months ago

JAmes nice job.... grt help frm u ;)

bin says:

4 months ago

it's great, thank you very much :))

KuDe_RyL says:

4 months ago

Tnx for the tip!... It's true...:-)

Rakesh.R says:

4 months ago

Thanks a lot .Perfect hai yaar.

Kakarot says:

4 months ago

sepiroth says:

4 months ago

Try to delete it on msconfig, after that search it using cmd prompt, probably on drive c:\windows\system32...

After that run regedit, search it on HKLM\Software\Microsoft\windows\currentversion\run

just keep posted...

Hope this will help... ;-)

thx alot says:

3 months ago

when i first do this it help me but after i close regedit its block again, then this step didnt work now!

now thx to james^^

lanceyucu says:

3 months ago

excellent 2 thumps up its great guys....more power

sepiroth says:

3 months ago

if that happens, the virus is blocking your access to regedit, try these steps:

jonathanJavellana says:

3 months ago

thank you very much bro..hope you will discover more tricks and share it on us.,.god bless you always and more power

marian jean says:

3 months ago

i cant five in the sysytem the Prevent access to registry editing tools... pls help

marian jean says:

3 months ago

i cant find in the system the Prevent access to registry editing tools... pls help

sam says:

2 months ago

nice tutorials, you're a saver

allan says:

2 months ago

have the same prob. i followed the tips but got installation failed installing the unhook.inf.

what shall i do? please help. thanks in advance

sipaetok says:

2 months ago

i love you haha, this is it. You are the best my broooo.. it"s work. i am happyyyyyyyyyyyyyy

sipaetok says:

2 months ago

i love you haha, this is it. You are the best my broooo.. it"s work. i am happyyyyyyyyyyyyyy

Needs help says:

5 weeks ago

this work for a while but later it gets disabled again =(

eoj says:

3 weeks ago

bro, di ko ma-run ung "unhook.inf", ano virus tumama pc kc lahat ng antivirus n try ko run ung exe file kino-close ng system kya ayaw magrun ng program..ano dapat ko gawin sa pc?thns

rafique says:

3 weeks ago

Thanks My Dear Friend Its Really Works !!!!!!!!!

rafique says:

3 weeks ago

Thanks My Dear Friend Its Really Works !!!!!!!!!

Unnikrishnan says:

2 weeks ago

you can make a programe on vb using the code and excute to enable it mail me if want it unni.0p@gmail.com

freemanjosephyap says:

2 weeks ago

i try to paste and run

but is failed..

[Version]Signature="$Chicago$"Provider=Symantec

[DefaultInstall]AddReg=UnhookRegKey

hassan says:

2 weeks ago

didnt work ... i dnt have dt prevent registry option ... wt shud i do ?? ='(

yousaf 2 years ago

iwant to make secret my pc by registry and html or other cooding but i dont understand about this tell me abot security tips of computer

dhatuk 2 years ago

bravo....!!! thanks for the information..!!

Jobin 2 years ago

It Helped me.... Great... Thanks a lot buddy

Sangharsh 2 years ago

The Enalbe/Disable - Regedit / Windows Update

Start -> Run -> gpedit.msc -> User Configuration -> Administrative Templates -> System -> Prevent access to registry editing tools -> Right Click Properties -> Disabled

If this is not working try downloading - UnHookExec.inf from Symantec Website, and install the file.

http://www.symantec.com/security_response/writeup.

Thank you...!

kriz 2 years ago

my administrative templates is blank. what should i do?

Web Hosting 2 years ago

I am use the tips and apply..

Thanks for sheering now

Regards,

Yunas

Qudsia 2 years ago

this link worked for me...please check

http://catchitnews.blogspot.com/2009/10/how-to-ena

nirmal 2 years ago

its great. i got it. Only this method is working for me.

phantomloser 2 years ago

Thank You...

Ankur Srivastava 2 years ago

That's very nice of you. Appreciable tips

Thanks dude.

Welhim 2 years ago

Thanks to you im using windows 7 ultimate and it works 100% fine

Edgar 2 years ago

This works. thanks very much. How do I start up my own similar facility to help others?

Disable "http://www.msn.com" "http://www.microsoft.com/"http://www.bing.com/-http://bing.com" 2 years ago

vaaali 13 months ago

yes sorry I do not understand step 5 and 6 can explain it to me in more detail:)

mahesh 7 weeks ago

Thnks a lot

ravi 7 weeks ago

sorry dude....it did not work.

i m still not able to access regedit.

100 2 weeks ago

thnk yuo soooo much its working

Like this Hub?