如果您最近尝试打开Windows 注册表(Windows registry)编辑器并收到消息“注册表编辑已被管理员禁用(Registry editing has been disabled by your administrator)”,那么您并不孤单!出现此错误消息的原因可能有多种,其中一些有解决方案,而另一些则没有。
大多数情况下,您会在IT 人员通过禁用(IT staff)Windows设置和服务锁定计算机的企业环境中看到这种情况。如果是主服务器推出的策略,则很难或不可能绕过。但是,您仍然可以试一试!
注册表被禁用的另一个主要原因是恶意病毒。通过禁用对注册表的访问,病毒可以阻止用户修复他们的系统。
在本文中,我将介绍几种不同的方法,您可以尝试这些方法来启用对注册表的访问。
方法 1 – 组策略
第一种方法是在Windows中打开(Windows)组策略编辑器(Group Policy editor)并检查注册表访问(registry access)设置。不幸的是,组策略编辑器(group policy editor)仅在Windows 7和Windows 8的(Windows 8)Professional、Ultimate 和 Pro 版本(Ultimate and Pro versions)中可用。如果您有Starter 或 Home editions(Starter or Home editions),此方法将不起作用。
第 1 步(Step 1):单击开始 (Start )并在搜索框中输入gpedit.msc 。
第 2 步(Step 2):导航到用户配置(User Configuration)-管理模板( Administrative Templates)-系统( System)。
第 3 步(Step 3):在右侧窗格(hand pane)中,双击阻止访问注册表编辑工具(Prevent access to registry editing tools)。
第 4 步(Step 4):如果设置设置为启用(Enabled),您可以将其更改为未配置(Not Configured)或禁用(Disabled)。
现在尝试运行注册表编辑器(registry editor),看看它是否有效。如果没有,请转到命令提示符(command prompt)(Start,Run,键入 cmd(type cmd))并键入gpupdate,但前提是您不在公司环境中。在公司网络中,gpupdate命令将再次从服务器下载设置,这可能只是将设置覆盖为Enabled。
您可以尝试通过重新启动计算机来避免从服务器接收设置,但断开网卡(network card),使其无法与网络通信。您可能还想在与网络断开连接时尝试上述整个过程,以确保公司策略不会覆盖本地策略。
如果您有一台家用计算机(home computer),那么您不必担心所有这些,只需重新启动计算机,您就可以再次编辑注册表。
方法 2 – 注册表项
即使您无法打开GUI 注册表(GUI registry)编辑器,也有一个名为REG的(REG)DOS 命令(DOS command) 行工具(line tool)可以让您编辑、更新和操作注册表。使用这个命令,我们可以尝试添加一个启用注册表的键。单击(Click)Start,键入Run并将以下行粘贴到Run框中:
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
现在尝试打开注册表编辑器(registry editor),看看它是否可以访问。您可能需要先重新启动计算机。由于Windows正在运行,因此使用此方法可能会遇到问题。
幸运的是,有一些方法可以在离线时编辑注册表,这意味着无需加载Windows即可编辑注册表。另一个优秀的技术博客(tech blog)写了一篇关于离线编辑注册表的不同方法(different ways to edit the registry offline)的详细文章,因此请检查运行命令(Run command) 方法(method didn)是否不起作用。如果这也不起作用,请继续阅读!
方法 3 – 重命名 regedit
有时,病毒或恶意软件程序会简单地通过(virus or malware program)EXE 文件(EXE file)(regedit.exe)的名称来阻止注册表加载。(registry loading)这很容易绕过,因为您只需将EXE 文件重命名为(EXE file)regedit_new.exe之类的其他名称,它就可以正常加载。
C:\Windows目录中找到 regedit 可执行文件。由于此文件夹是Windows 系统(Windows system)文件夹,因此您无法简单地右键单击并重命名它。您将收到一条错误消息(error message),指出您没有来自TrustedInstaller的权限。
为了重命名文件,您必须将所有者更改为您自己,然后更改权限以赋予自己Full Control。我已经编写了从 TrustedInstaller 更改权限(changing permissions from TrustedInstaller)的整个过程,以便您可以删除、重命名或移动文件。
另外,检查 regedit 是否已经命名为regedit.com 之(regedit.com)类的其他名称。某些病毒会重命名.exe 文件(.exe file),以便在您尝试运行它时不会加载它。在这些情况下,只需将文件重命名为 regedit.exe 并查看它是否有效。
方法 4 – 赛门铁克
赛门铁克有一个2005 年的非常旧的文件(really old file from 2005),似乎仍然可以解决这个注册表问题(registry issue)。某些病毒会更改shell 命令注册表(shell command registry)项,因此无论何时运行EXE 文件(EXE file),它都会运行病毒。此文件将使用原始默认值替换这些键。下载后,只需右键单击它并选择Install。
当您打开上面的链接时,请确保您右键单击UnHookExec.inf的链接并选择将链接另存为( Save link as),否则它只会在您的网络浏览器(web browser)中加载文件的内容。
Save as type应该已经设置为Setup Information,但如果不是,请将其更改为。
还有其他几种方法可以尝试启用注册表,但我没有任何成功,这就是我在这里没有提及它们的原因。如果您不在公司环境中,您应该做的第一件事是安装防病毒和反恶意软件,以尝试删除任何可能导致问题的恶意程序。
查看我以前的文章,这些文章可以帮助您清除病毒和恶意软件:
最佳(Best Software)恶意软件和间谍软件清除软件(Malware and Spyware Removal)
使用 Windows Defender 脱机(Use Windows Defender Offline)删除病毒
如何保护您的计算机免受病毒和恶意软件的侵害(Computer From Viruses and Malware)
如果您有任何问题,请随时发表评论。享受!
Fix Registry Editing has been Disabled by Your Administrator Error
If you’ve recently tried to оpen the Windows regiѕtry editor and were presented with the message” “Registry editing has been disabled by your administrator”, then you’re not alone! This error message can occur for a couple of different reasons, some of which have a solution and some that don’t.
Most of the time you will see this in corporate environments where the IT staff has locked down the computer by disabling Windows settings and services. If it’s a policy pushed out by the main servers, it can be very hard or impossible to bypass. However, you can still give it a shot!
Another major reason the registry gets disabled is due to malicious viruses. By disabling access to the registry, the virus can prevent the user from repairing their system.
In this article, I’m going to go through a couple of different methods you can try for enabling access to the registry.
Method 1 – Group Policy
The first method involves opening the Group Policy editor in Windows and checking the setting for registry access. Unfortunately, the group policy editor is only available in the Professional, Ultimate and Pro versions of Windows 7 and Windows 8. If you have the Starter or Home editions, this method won’t work.
Step 1: Click on Start and typing gpedit.msc into the search box.
Step 2: Navigate to User Configuration – Administrative Templates – System.
Step 3: In the right hand pane, double click on Prevent access to registry editing tools.
Step 4: If the setting is set to Enabled, you can change it to Not Configured or Disabled.
Now try to run the registry editor and see if it works. If not, go to the command prompt (Start, Run, type cmd) and type in gpupdate, but only if you are not in a corporate environment. In a corporate network, the gpupdate command will download the settings from the server again, which might just overwrite the setting to Enabled.
You can try to avoid receiving the setting from the server by restarting your computer, but disconnecting your network card so that it can’t communicate with the network. You may also want to try the whole procedure above while disconnected from the network in order to ensure that the corporate policy does not override the local policy.
If you have a home computer, then you don’t have to worry about all of this, just restart your computer and you should be able to edit the registry again.
Method 2 – Registry Key
Even if you can’t open the GUI registry editor, there is a DOS command line tool called REG that lets you edit, update and manipulate the registry. Using this command, we can try to add a key that enables the registry. Click on Start, type Run and paste the following line into the Run box:
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
Now try to open the registry editor and see if it is accessible. You may have to restart your computer first. Since Windows is running, you might run into problems using this method.
Luckily, there are ways to edit the registry while offline, meaning editing the registry without having to load Windows. Another good tech blog has written a detailed article on different ways to edit the registry offline, so check that out if the Run command method didn’t work. If this didn’t work either, keep reading!
Method 3 – Rename regedit
Sometimes a virus or malware program will simply prevent the registry loading by the name of the EXE file (regedit.exe). This is quite easy to bypass because you can just rename the EXE file to something else like regedit_new.exe and it might load just fine.
You can find the regedit executable file in the C:\Windows directory. Since this folder is a Windows system folder, you won’t be able to simply right-click and rename it. You’ll get an error message saying that you don’t have permission from TrustedInstaller.
In order to rename the file, you’ll have to change the owner to yourself and then change the permissions to give yourself Full Control. I’ve written up the entire procedure for changing permissions from TrustedInstaller so that you can delete, rename or move the file.
Also, check to see if regedit was already named something else like regedit.com. Some viruses rename the .exe file so that it doesn’t load when you try to run it. In these cases, just rename the file back to regedit.exe and see if it works.
Method 4 – Symantec
Symantec has a really old file from 2005 that still seems to work with this registry issue. Some viruses will change the shell command registry keys so that anytime you run an EXE file, it just runs the virus instead. This file will replace those keys with the original default values. Once you download it, just right-click on it and choose Install.
When you open the link above, make sure you right-click on the link to UnHookExec.inf and choose Save link as, otherwise it will simply load the contents of the file in your web browser.
The Save as type should already be set to Setup Information, but in case it’s not, change it to that.
There are a couple of other ways you can try to enable the registry, but I haven’t had any success with any of them and that’s why I’m not mentioning them here. If you’re not in a corporate environment, the first thing you should do is install anti-virus and anti-malware software to try and remove any malicious program that could be causing the issue.
Check out my previous articles that can help you with removing viruses and malware:
Best Software for Malware and Spyware Removal
Use Windows Defender Offline to Remove Viruses
How to Protect Your Computer From Viruses and Malware
If you have any questions, feel free to post a comment. Enjoy!