Tag Technorati: {grup-tag}Tip dan trick
I give the opportunity of knowledge I have gained in the experiment I did the regedit repair with notepad and other settings. is as follows: Method 1 --
Enabling Registry with VBScript
Doug Knox, has made VBScript that enables or Disables the Registry Editor based on the following location in the registry. Of course, since the registry editor is disabled, we can not change manually, so need the Visual Basic Script to accomplish the task.
Copi paste the below code in notepad and save with a VBScript to your desktop, double click it to run, then reboot your computer and try to open the Registry Editor on RUN.
'Enable / Disable Registry Editing tools
'� � Doug Knox - rev 12/06/99
Option Explicit
'Declare variables
Dim WSHShell, n, MyBox, p, t, mustboot, errnum, vers
Dim enab, disab, jobfunc, itemtype
Set WSHShell = WScript.CreateObject ( "WScript.Shell")
p = "HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System \"
p = p & "DisableRegistryTools"
itemtype = "REG_DWORD"
mustboot = "Log off and back on, or restart your pc to" & vbCR & "effect the changes"
enab = "ENABLED"
disab = "disabled"
jobfunc = "Registry Editing Tools are now"
'This section tries to read the registry key value. If not present an
'error is generated. Normal error return should be 0 if value is
'present
t = "Confirmation"
Err.Clear
On Error Resume Next
n = WSHShell.RegRead (p)
On Error Goto 0
errnum = Err.Number
if errnum <> 0 then
'Create the registry key value for DisableRegistryTools with value 0
WshShell.RegWrite p, 0, itemtype
End If
'If the key is present, or was created, it is toggled
'Confirmations can be disabled by Commenting out
'the two lines below MyBox
If n = 0 Then
n = 1
WshShell.RegWrite p, n, itemtype
Mybox = MsgBox (jobfunc & vbCR & disab & mustboot, 4096, t)
ElseIf n = 1 then
n = 0
WshShell.RegWrite p, n, itemtype
Mybox = MsgBox (jobfunc & vbCR & enab & mustboot, 4096, t)
End If
Method 2:
Use UnHookExec.inf from Symantec to reset shell \ open \ command registry keys
Please Copy paste the below code in notepad and save it with the name UnHookExec.inf on your desktop. Right click it and select Install. Restart your computer and then try to open the Registry Editor.
[Version]
Signature = "$ Chicago $"
Provider = Symantec
[DefaultInstall]
AddReg = UnhookRegKey
[UnhookRegKey]
HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ batfile \ shell \ open \ command ,,,"""% 1 ""% * "
HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ comfile \ shell \ open \ command ,,,"""% 1 ""% * "
HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ exefile \ shell \ open \ command ,,,"""% 1 ""% * "
HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ piffile \ shell \ open \ command ,,,"""% 1 ""% * "
HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ regfile \ shell \ open \ command,,, "regedit.exe" "% 1" ""
HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ scrfile \ shell \ open \ command ,,,"""% 1 ""% * "
HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, DisableRegistryTools, 0x00000020, 0
Method 3:
Change the name to Regedit.exe Regedit.com
Some viruses and other malware will load a file that regedit many times a zero byte dummy file. Because. Computer file will replace the function. Exe files when executed if you type regedit in RUN, it will run regedit.com not the original file from regedit.exe file.
regedit delete if the file is zero byte file to restore access to regedit. In some cases, such worms W32.Navidad, you must change the file name to the registry to normalize again ..
Method 4:
Windows XP Professional
If you have Windows XP Professional and access to one of the administrative account, you can change the registry editor options in the Group Policy Editor.
1. Click Start, Run
2. Type gpedit.msc and Press Enter
3. Go to the following location: User Configuration | Administrative Templates | System
4. Double-click "Disable registry editing tools" and the setting of "Not Configured"
5. Select disabled or not configured, and select OK
6. Close the Group Policy Editor and restart your computer
7. Try reopen regedit
In Windows Vista System:
If the message "Registry Editing Has Been Disabled By Your Administrator", possibly due to malware infection, or perhaps also a Disable Registry Tools Policy has been activated by a third party tweak programs that you can use. This is highly recommended to follow up with a complete system for viruses and malware checks, especially if you are not sure about the cause.
Note: If your system is connected to a domain, your network administrator may have enabled DisableRegistryTools Policy setting. In this case, you need to contact the network administrator to overcome this limitation, if necessary.
Method 1 --
Using Group Policy Editor
If you are using Windows Vista edition of Windows Vista Business, Enterprise and Ultimate editions) which includes the Group Policy Editor, follow these steps:
* Click Start, type "gpedit.msc" in the Search box, then ENTER
* Go to the section: "User Configuration | Administrative Templates | System"
* Double-click Prevent access to registry editing tools
* Select "Not Configured"
Note: If you've selected "Not Configured", select "Enabled", then click "Apply".
Method 2
This method is expected to work in all editions of Windows Vista.
1. Copas code "reg_enable.vbs" in notepad, and save it on Desktop
2. Open a command prompt. To do this, click START, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. If you are prompted for an administrator password or for confirmation, type the password, or click Allow.
3. Switch to Desktop directory by typing the following command, and then press ENTER:
cd / d% userprofile% \ desktop
4. Then, type the following command and press ENTER
wscript.exe reg_enable.vbs
5. Type EXIT to close the Command Prompt window.
If everything works well, DisableRegistryTools policy should have been removed now. See if you can start Regedit.exe now.
code: regedit_enable.vbs
'Copyright � � 2007 Ramesh Srinivasan. All rights reserved.
'Homepage: http://www.winhelponline.com
'Filename: "regedit_enable.vbs"
'Creation: March 02, 2007
'Description: resets the "Prevent access to registry editing tools"
'Policy in Windows Vista. If UAC is enabled, this script needs to
'To be run from an elevated Command Prompt.
'Compatibility: This script was tested under Windows Vista only.
Option Explicit
Dim WshShell, strUserName, strDomain, strSID
Dim objWMIService, colItems, objItem, arrName, objAccount
Set WshShell = WScript.CreateObject ( "WScript.Shell")
Set objWMIService = GetObject ( "winmgmts: \ \. \ Root \ cimv2")
Set colItems = objWMIService.ExecQuery ( "Select * From Win32_ComputerSystem")
For Each objItem in colItems
arrName = Split (objItem.UserName, "\")
strDomain = arrName (0)
strUserName = arrName (1)
Next
Set objAccount = objWMIService.Get _
( "Win32_UserAccount.Name = '" & strUserName & "', Domain = '" & strDomain & "'")
strSID = objAccount.SID
If trim (strSID) <> "" then
WshShell.RegDelete ( "HKEY_USERS \" & strSID & "\ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System \ DisableRegistryTools")
MsgBox "Completed!"
End if
0 Comments:
Post a Comment