If you recently tried to open the Windows registry editor and you were presented with the message “The administrator has disabled editing the registry “, you are not alone! This error message can appear for a couple of different reasons, some of which have a solution and others that do not.
Most of the time you will see this in corporate environments where IT staff has blocked the computer by disabling Windows settings and services. If it is a policy rejected by the main servers, it can be very difficult or impossible to omit it. However, you can still give it a try!
Another important reason why the registry is disabled is because of malicious viruses. By disabling access to the registry, the virus can prevent the user from repairing their system.
In this article, I will discuss a couple of different methods that you can try to enable access to the registry.
Method 1 – Group Policy
The first method is to open the group policy editor in Windows and verify the configuration for access to the registry. Unfortunately, the group policy editor is only available in the Professional, Ultimate and Pro versions of Windows 7 and Windows 8. If you have the Starter or Home editions, this method will not work.
Step 1: Click on Start and type gpedit.msc in the search box.
Step 2: Navigate to User Configuration – Administrative Templates – System.
Step 3: In the panel on the right, double-click on Prevent access to the registry’s editing tools.
Step 4: If the configuration is set to On, you can change it to Not Configured or Deactivated.
Now try to run the registry editor and see if it works. Otherwise, go to the command prompt (Start, Run, type cmd) and type gpupdate, but only if you are not in a corporate environment. In a corporate network, the gpupdate command will download the server settings again, which could overwrite the configuration to Enabled.
You can try to avoid receiving the server configuration by restarting your computer, but disconnecting your network card so that it can not communicate with the network. You may also want to try the whole procedure above while you are disconnected from the network to make sure that the corporate policy does not invalidate the local policy.
If you have a computer at home, then you do not have to worry about all this, just restart your computer and you should be able to edit the registry again.
Method 2 – Registry Key
Even if you can not open the GUI registry editor, there is a DOS command-line tool called REG that allows you to edit, update and manipulate the registry. Using this command, we can try to add a key that allows the registration. Click Start, type Run, and paste the following line in the Run box:
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
Now try to open the registry editor and see if it is accessible. You may have to restart your computer first. Since Windows is running, you may have problems with this method.
Fortunately, there are ways to edit the registry offline, which means editing it without having to load Windows. Another good technology blog has written a detailed article on different ways to edit the offline log, so check if the Execute command method did not work. If this did not work either, read on!
Method 3 – Rename regedit
Sometimes, a virus or malware program will simply avoid loading the registry by the name of the EXE file (regedit.exe). This is pretty easy to ignore since you can simply rename the EXE file to something like regedit_new.exe and it could load fine.
You can find the regedit executable file in the C: \ Windows directory. Since this folder is a Windows system folder, you can not simply right click and rename it. You will receive an error message stating that you do not have TrustedInstaller permission.
To change the name of the file, you must change the owner for yourself and then change the permissions to give you full control. I have written the entire procedure to change the TrustedInstaller permissions so you can delete, rename or move the file.
Also, check if regedit was already named as something like regedit.com. Some viruses change the name of the .exe file so that it does not load when you try to execute it. In these cases, simply change the name of the file to regedit.exe and see if it works.
Method 4 – Symantec
Symantec has a very old file from 2005 that still seems to work with this registry problem. Some viruses will change the shell command registry keys so that, at any time, it executes an EXE file, simply run the virus instead. This file will replace those keys with the original defaults. Once you download it, right click on it and choose Install.
When you open the above link, be sure to right-click on the link to UnHookExec.inf and select Save link as, otherwise, you will simply upload the contents of the file into your web browser.
The Save As type should already be configured in Configuration Information, but in case it is not, change it to that.
There are a couple of other ways you can try to enable the registry, but I have not had any success with any of them and that is why I do not mention them here. If you are not in a corporate environment, the first thing you should do is install antivirus and antimalware software to test and eliminate any malicious program that may be causing the problem.