How to enable regedit when infected by virus
69
- How to enable regedit when infected by virus
When your registry is being disabled: First, maybe the administrator disabled it for some restriction purposes Second, due to virus. Most of the virus disabled the regedit for you to ... - 2 years ago
- Recover your regedit.exe
Onceyour regedit is disabled, it could be infected by virus and it stops you for accessing it. Also If your folder option is gone, this may also infected by virus one of those viruses is brontok which stops... - 2 years ago
- How to remove winzip123 or bar311
How to remove winzip123 or bar311 - 2 years ago
How to enable registry whe infected by virus
When your registry is being disabled:
First, maybe the administrator disabled it for some restriction purposes
Second, due to virus. Most of the virus disabled the regedit for you to unable to stop the execution of its program.
Here are the solutions for enabling the regedit again.
- Use the gpedit.msc to enable the registry editor.
Step 1: Hit the window or click start button then press "r" or simply click the run
Step 2: type gpedit.msc
Step 3: Click on Administrative Templates
Step 4: Click the System and locate the Prevent access to registry editing tools and double click on it
Step 5: Select the enabled on the optionbutton the click apply.
This will make a policy to prevent access to the registry editing tools, The computer will automatically made the policy.
Step 6: After clicking on apply select the disabled in the option button then click the apply again then click ok button when finished.
The disabled button will make the policy into default, the computer will automatically configured it and becomes a default comfig which is the registry editor can be access by the user.
And Thats it... Try run the regedit.exe... Have Fun!!!!
|
Kaspersky Anti-Virus 2010 3-User
Price: $20.00
List Price: $59.95 |
![Kaspersky Anti-Virus 2009 [OLD VERSION]](http://ecx.images-amazon.com/images/I/31U2rw427JL._SL75_.jpg)
|
Kaspersky Anti-Virus 2009 [OLD VERSION]
Price: $12.50
List Price: $59.95 |
|
McAfee AntiVirus Plus 1User 2010
Price: $12.97
List Price: $39.99 |
|
McAfee Total Protection 3User 2010
Price: $19.99
List Price: $79.99 |
|
HOOTS: SELECT GUARD REGISTRY CLEANER VISTA SEALED NEW
Current Bid: $2.98
|
|
REGISTRY CLEANER Fix Software Last Version 2009 New
Current Bid: $2.99
|
|
Registry Mechanic 9 Repair Cleaner 1 Yr 3 User License
Current Bid: $22.95
|
|
Registry Mechanic 9 Repair Cleaner 1 Yr 3 User License
Current Bid: $22.95
|
PrintShare it! — Rate it: up down flag this hub
Comments
That's OK, but what if gpedit.msc is not in the system, or it's erased. And if you copied it from another computer and run it, it says : Snap-in-failed to initialize. Name: <unknown> CLSD:{8FC9B734-A0E1-11D1-A7D3-0000F87571E3}
im so sorry but still having the same issue.
solution did not work...
any thing else ???
i'm still having problem with regedit. i enabled it using "gpedit.msc" but it still says "registry editing has been disabled by ur administrator".
well.. i try ur steps, seems like almost figure it but then it be block again.. i guess we have to terminate the program before doing ur step first right? did logging off can terminate the program from running or they will autorun when u log on too?
If this does not work maybe the virus infected piercely your computer, try to download the UNHOOK.inf from www.symantec.com
Try this if this works...
Thanks.. Hope this will help...
thx this help a lot
thanks bro, your the best..=)
but I have another problem..how can i enable task manager, it seems that it has been infected also by an unknown virus.
gr8 job buddy!!!!!!!!!
this option helped me a lot
thank u very much you are the best
good job bro, but this thing wont work also!!!!
this might not work since policy and registry are very close to each other. Most of the time, if you can't access your registry, you can access the policy adm.
thanks
Thanks! It helps me a lot....(",)
I am having the same problem but I am stuck at Step 4. I am running on Vista by the way but I cannot seem to find the option Prevent access to registry editing tools under System. Please help. Thank you very much.
thanks for this site!!! I did tried your instructions but just upto #4 I connot find "Prevent access to registry editing tools" word or any same word.
maybe you can help me mor.... thanks a lot
i try but i didnt found Prevent access to registry editing tools
can any one help me
thank you!!!
Excellent...............Work!!!!!!!!!
this works............
Pls be remind that gpedit.msc is only exist in Microsoft XP sp 2 edition...
Thanks for the tips. now i can use it if there have a problem from my computer.
just correct, to enable registry editor we should choose disable option, not enable.
ahmm.. just disabled it, and enabled it again. same thing as turn it off, then turn it on again.
works every time start,run,(paste this)
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /fman,, ahmmm how can i delete win32: jeefo?i tried almost everything. everything you suggested and also anyone else's suggestions but nothing worked,,, i tried to enable regedit but i wasnt able to,,, please help me.
thanks for the great job,,,,,,,
thanks for the great job,,,,,,,
This is fantasitc! Not only has it helped me unlock the registry after a virus, it's opened my eyes to a whole host of things that I can use to control or fix on our computers!
I have been searching for days on how to sort out a virus on this computer. Anti-virus and registry clearning products just didn't do their job and I couldn't manually fix because of the disabled registry.
I'm so glad you were out there to help!
u r the man!!
tHANKS A LOt ..
^_^
how did you know??? or discover it???
any sites or books???
bro thx very much for your tips, its really amazing for me, now my registry is accesible again, and its coz of your tips. thakns for sharing. God bless you.
i have tried it and it work.. thanks a lot
thanks a lot bro for the help. i can now use the regedit of my PC and return the folder options which is disabled by the virus.
once again thanks a lot.
Copy the below code to notepad and save as .inf
then dubble click on this file.
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
Excellent work and tutorial for those in need. Keep up the good work
Bro,
even the gpedit.msc are disable by the virus, and i found a regedit file in my windows folder and i cant delete. i alrady used kaspersky antivirus and it was updated... please healp...
thanks bro.
Hai.... for this
Copy the below code to notepad and save as .inf
then dubble click on this file.
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
i cant 'double click' or right click 'install' if i choose install its get me a form 'open with',,,
please help me.....
couse i cant install antivirus,,,,
my com is effected worm32.sality very long time.....i try to format,,,but still like that again,, HELP me...
Thx Be4
Hai.... for this
Copy the below code to notepad and save as .inf
then dubble click on this file.
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
i cant 'double click' or right click 'install' if i choose install its get me a form 'open with',,,
please help me.....
couse i cant install antivirus,,,,
my com is effected worm32.sality very long time.....i try to format,,,but still like that again,, HELP me...
Thx Be4
Nice hub. Thank you for the information about regedit. I do use that sometimes. Please visit my hubs when you have a chance.
its not working
tghetye
thanks for this site!!! I did tried your instructions but just upto #4 I connot find "Prevent access to registry editing tools" word or any same word.
maybe you can help me more.... thanks a lot
thanks Its working perfectly
thanks man it really took away the head ache i had
JAmes nice job.... grt help frm u ;)
it's great, thank you very much :))
Tnx for the tip!... It's true...:-)
Thanks a lot .Perfect hai yaar.
Thanks for the tips Sepiroth! I managed to enable my regedit and also my task manager in no time. I suspected that the WGA Notification is the one responsible for disabling these tools from my computer. But till this moment I'm having a hard time eliminating this program. If you have any suggestion on how to manually delete this program from my computer, please do post it here. It will be very much appreciated. Thank you!
Try to delete it on msconfig, after that search it using cmd prompt, probably on drive c:\windows\system32...
After that run regedit, search it on HKLM\Software\Microsoft\windows\currentversion\run
just keep posted...
Hope this will help... ;-)
when i first do this it help me but after i close regedit its block again, then this step didnt work now!
now thx to james^^
excellent 2 thumps up its great guys....more power
if that happens, the virus is blocking your access to regedit, try these steps:
- update your anti virus- download process explorer (this will help you see all the process that runs on your pc, same thing on task manager)- kill the the task which is anonymous to you, or malicous taks activated by virus- run full scan on your systempls keep posted if it's not working... Thanks... :-)
thank you very much bro..hope you will discover more tricks and share it on us.,.god bless you always and more power
i cant five in the sysytem the Prevent access to registry editing tools... pls help
i cant find in the system the Prevent access to registry editing tools... pls help
nice tutorials, you're a saver
have the same prob. i followed the tips but got installation failed installing the unhook.inf.
what shall i do? please help. thanks in advance
i love you haha, this is it. You are the best my broooo.. it"s work. i am happyyyyyyyyyyyyyy
i love you haha, this is it. You are the best my broooo.. it"s work. i am happyyyyyyyyyyyyyy
this work for a while but later it gets disabled again =(
bro, di ko ma-run ung "unhook.inf", ano virus tumama pc kc lahat ng antivirus n try ko run ung exe file kino-close ng system kya ayaw magrun ng program..ano dapat ko gawin sa pc?thns
Thanks My Dear Friend Its Really Works !!!!!!!!!
Thanks My Dear Friend Its Really Works !!!!!!!!!
you can make a programe on vb using the code and excute to enable it mail me if want it unni.0p@gmail.com
i try to paste and run
but is failed..
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
didnt work ... i dnt have dt prevent registry option ... wt shud i do ?? ='(
Copy the below code to notepad and save as .inf
then dubble click on this file.
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
Bucro says:
8 months ago
Excellent work and tutorial for those in need. Keep up the good work
Emma says:
7 months ago
Bro,
even the gpedit.msc are disable by the virus, and i found a regedit file in my windows folder and i cant delete. i alrady used kaspersky antivirus and it was updated... please healp...
thanks bro.
Edi says:
6 months ago
Hai.... for this
Copy the below code to notepad and save as .inf
then dubble click on this file.
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
i cant 'double click' or right click 'install' if i choose install its get me a form 'open with',,,
please help me.....
couse i cant install antivirus,,,,
my com is effected worm32.sality very long time.....i try to format,,,but still like that again,, HELP me...
Thx Be4
Edi says:
6 months ago
Hai.... for this
Copy the below code to notepad and save as .inf
then dubble click on this file.
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
i cant 'double click' or right click 'install' if i choose install its get me a form 'open with',,,
please help me.....
couse i cant install antivirus,,,,
my com is effected worm32.sality very long time.....i try to format,,,but still like that again,, HELP me...
Thx Be4
chloefaith says:
6 months ago
Nice hub. Thank you for the information about regedit. I do use that sometimes. Please visit my hubs when you have a chance.
aby says:
6 months ago
its not working
james says:
6 months ago
tghetye
ashish sethiya says:
6 months ago
thanks for this site!!! I did tried your instructions but just upto #4 I connot find "Prevent access to registry editing tools" word or any same word.
maybe you can help me more.... thanks a lot
azath says:
6 months ago
thanks Its working perfectly
nixon says:
5 months ago
thanks man it really took away the head ache i had
Popov says:
5 months ago
JAmes nice job.... grt help frm u ;)
bin says:
4 months ago
it's great, thank you very much :))
KuDe_RyL says:
4 months ago
Tnx for the tip!... It's true...:-)
Rakesh.R says:
4 months ago
Thanks a lot .Perfect hai yaar.
Kakarot says:
4 months ago
Thanks for the tips Sepiroth! I managed to enable my regedit and also my task manager in no time. I suspected that the WGA Notification is the one responsible for disabling these tools from my computer. But till this moment I'm having a hard time eliminating this program. If you have any suggestion on how to manually delete this program from my computer, please do post it here. It will be very much appreciated. Thank you!
sepiroth says:
4 months ago
Try to delete it on msconfig, after that search it using cmd prompt, probably on drive c:\windows\system32...
After that run regedit, search it on HKLM\Software\Microsoft\windows\currentversion\run
just keep posted...
Hope this will help... ;-)
thx alot says:
3 months ago
when i first do this it help me but after i close regedit its block again, then this step didnt work now!
now thx to james^^
lanceyucu says:
3 months ago
excellent 2 thumps up its great guys....more power
sepiroth says:
3 months ago
if that happens, the virus is blocking your access to regedit, try these steps:
- update your anti virus- download process explorer (this will help you see all the process that runs on your pc, same thing on task manager)- kill the the task which is anonymous to you, or malicous taks activated by virus- run full scan on your systempls keep posted if it's not working... Thanks... :-)
jonathanJavellana says:
3 months ago
thank you very much bro..hope you will discover more tricks and share it on us.,.god bless you always and more power
marian jean says:
3 months ago
i cant five in the sysytem the Prevent access to registry editing tools... pls help
marian jean says:
3 months ago
i cant find in the system the Prevent access to registry editing tools... pls help
sam says:
2 months ago
nice tutorials, you're a saver
allan says:
2 months ago
have the same prob. i followed the tips but got installation failed installing the unhook.inf.
what shall i do? please help. thanks in advance
sipaetok says:
2 months ago
i love you haha, this is it. You are the best my broooo.. it"s work. i am happyyyyyyyyyyyyyy
sipaetok says:
2 months ago
i love you haha, this is it. You are the best my broooo.. it"s work. i am happyyyyyyyyyyyyyy
Needs help says:
5 weeks ago
this work for a while but later it gets disabled again =(
eoj says:
3 weeks ago
bro, di ko ma-run ung "unhook.inf", ano virus tumama pc kc lahat ng antivirus n try ko run ung exe file kino-close ng system kya ayaw magrun ng program..ano dapat ko gawin sa pc?thns
rafique says:
3 weeks ago
Thanks My Dear Friend Its Really Works !!!!!!!!!
rafique says:
3 weeks ago
Thanks My Dear Friend Its Really Works !!!!!!!!!
Unnikrishnan says:
2 weeks ago
you can make a programe on vb using the code and excute to enable it mail me if want it unni.0p@gmail.com
freemanjosephyap says:
2 weeks ago
i try to paste and run
but is failed..
[Version]Signature="$Chicago$"Provider=Symantec
[DefaultInstall]AddReg=UnhookRegKey
[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
hassan says:
2 weeks ago
didnt work ... i dnt have dt prevent registry option ... wt shud i do ?? ='(
iwant to make secret my pc by registry and html or other cooding but i dont understand about this tell me abot security tips of computer
bravo....!!! thanks for the information..!!
It Helped me.... Great... Thanks a lot buddy
rhye says:
2 years ago
bro your tips are really great!!! i was almost in a state of panic when my regedit was disabled by s3update.dll.vbs... thanks for your site... its great!@!!! continue the sharing of blessings... Merry Christmas