

7th June 2003

DISABLED REGISTRY EDITING TOOLS REVISITED

Brian Grainger

brian@grainger1.freeserve.co.uk


 

Some little while ago I wrote a feature about how to reactivate REGEDIT.EXE when your friendly Systems Administrator had disabled registry tools. The aim was to let one view the registry to help in problem solving. At the time the fix would only open up REGEDIT.EXE. It would not work with REGEDT32.EXE and I doubted it would work with versions of Windows more recent than NT4.

Much more recently I wrote a feature about Windows Scripting and its usefulness in providing functionality such as keyboard macros. At the time of writing I did not make the connection with my earlier problem, since I was much more interested in keyboard macros and creating dual Explorer Windows!

Just this week the registry editing problem has come back to haunt me again. At work, I wanted a way to periodically store my Windows NT4 profile. On more than one occasion our profile server has gone missing. As we use roaming profiles this gets Windows NT upset. What should, and does, happen is that a previously stored local profile is used instead. However, there are occasions when the effect of all this is that the profile gets corrupted and then nothing works! Our IT solution to this is to restore the default profile, which means all the little personal tweaks I have made are lost. Now you can see why I want to back up my profile periodically. The next time this happens I want to tell IT to restore my backup, rather than the default. So what is an NT profile? It is two things. First, a collection of folders, with various files in them holding personal settings. These are easy to back up with Windows Explorer. Second, the Current User hive of the registry. This is much more difficult to back up, especially when Registry tools have been disabled!

I have been doing some reading of a very good Microsoft White Paper on NT4 profiles and it seems that REGEDT32 may have the functionality to back up the hive. My previous tweak to re-enable registry tools only worked with REGEDIT.EXE, so you can see why my problem came back to revisit me. I did what I usually do in this situation and STFW (searched the flipping web). It was then I found that users of Windows XP were beginning to experience this problem. Apparently, one way the Windows XP registry editor can be disabled is by a virus. Viruses do this to stop the technically minded user from finding out about the attack and to hinder virus removal.

It did not matter who was having the problem. What it meant was that somebody had found a solution! In fact there are two basic solutions. One answer is to create a .REG file to update the registry to turn off the disable registry tools flag. When run, .REG files update the registry according to the contents of the file.

The second approach was to create a script file, which was multifunctional. It first checks for the existence of the flag in the registry. If it does not exist it is created and set to enable the registry tools. If the flag exists the contents are toggled so that a disabled state will turn into an enabled state and vice versa. This solution is much more elegant, since a single file can both adjust the registry to allow me to take my hive backup and then turn the adjustment back to its previous state when I have finished.

Here is the script:

'Enable/Disable Registry Editing tools
'© Doug Knox - rev 12/06/99
'This code may be freely distributed/modified

Option Explicit
'Declare variables
Dim WSHShell, n, MyBox, p, t, mustboot, errnum, vers
Dim enab, disab, jobfunc, itemtype

Set WSHShell = WScript.CreateObject("WScript.Shell")
p = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"
p = p & "DisableRegistryTools"
itemtype = "REG_DWORD"
mustboot = "Log off and back on, or restart your pc to" & vbCR & "effect the changes"
enab = "ENABLED"
disab = "DISABLED"
jobfunc = "Registry Editing Tools are now "

'This section tries to read the registry key value. If not present an
'error is generated. Normal error return should be 0 if value is
'present
t = "Confirmation"
Err.Clear
On Error Resume Next
n = WSHShell.RegRead (p)
'Capture the error number before On Error Goto 0, which resets Err
errnum = Err.Number
On Error Goto 0

If errnum <> 0 Then
    'Create the registry key value for DisableRegistryTools with value 0
    WSHShell.RegWrite p, 0, itemtype
End If

'If the key is present, or was created, it is toggled

'Confirmations can be disabled by commenting out
'the two MyBox lines below

If n = 0 Then
    n = 1
    WSHShell.RegWrite p, n, itemtype
    MyBox = MsgBox(jobfunc & disab & vbCR & mustboot, 4096, t)
ElseIf n = 1 Then
    n = 0
    WSHShell.RegWrite p, n, itemtype
    MyBox = MsgBox(jobfunc & enab & vbCR & mustboot, 4096, t)
End If

I am indebted to Doug Knox for making his script freely available. If you want to download it to save the typing then you will find the script at:
http://www.dougknox.com/security/scripts_desc/regtools.htm
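
Seen from the administrator's side, every run of the script above is a write to the DisableRegistryTools value by the Windows Script Host, and the virus behaviour mentioned earlier is the same write made by some other program. The following Python is an added example, not part of the original article or Doug Knox's script: it classifies registry value-set audit records for that value and reconstructs the periods during which the restriction was lifted. The record layout (modelled on Sysmon-style events), the SIDs, the process paths and the function names are all constructed for illustration.

```python
import re

KEY = r"\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools"
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}  # hosts that would run a .vbs toggle
USER_A = "S-1-5-21-1111-2222-3333-1001"  # constructed SIDs
USER_B = "S-1-5-21-1111-2222-3333-1002"

# Constructed sample events: (time, writing process, registry target, data written)
SAMPLE = [
    ("09:02:11", r"C:\WINNT\system32\wscript.exe", "HKU\\" + USER_A + KEY, "DWORD (0x00000000)"),
    ("09:40:57", r"C:\WINNT\system32\wscript.exe", "HKU\\" + USER_A + KEY, "DWORD (0x00000001)"),
    ("11:15:03", r"C:\Temp\update.exe", "HKU\\" + USER_B + KEY, "DWORD (0x00000001)"),
    ("11:20:00", r"C:\WINNT\explorer.exe", "HKU\\" + USER_B + r"\Software\Example\Setting",
     "DWORD (0x00000001)"),
]

def classify(events):
    """Return one finding per write to DisableRegistryTools, ignoring other values."""
    findings = []
    for when, image, target, details in events:
        if not target.lower().endswith(KEY.lower()):
            continue
        m = re.search(r"0x([0-9a-fA-F]+)", details)
        if m is None:
            continue  # not a DWORD write we can interpret
        value = int(m.group(1), 16)
        sid = target.split("\\")[1]               # per-user hive the write landed in
        host = image.rsplit("\\", 1)[-1].lower()  # executable name only
        kind = ("lifted" if value == 0 else "set")
        kind += "-by-script" if host in SCRIPT_HOSTS else "-by-program"
        findings.append((when, sid, host, value, kind))
    return findings

def lifted_windows(findings):
    """Pair each 0 write with the next non-zero write for the same user."""
    opened, windows = {}, []
    for when, sid, _host, value, _kind in findings:
        if value == 0:
            opened.setdefault(sid, when)
        elif sid in opened:
            windows.append((sid, opened.pop(sid), when))
    # A restriction that was lifted and never put back has no end time.
    windows.extend((sid, start, None) for sid, start in opened.items())
    return windows

if __name__ == "__main__":
    found = classify(SAMPLE)
    for finding in found:
        print(finding)
    print(lifted_windows(found))
```

A "set-by-program" finding with no earlier "lifted" write for the same user is the pattern the virus case would produce, while a "lifted-by-script" followed by "set-by-script" is one complete toggle cycle of the script above.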

15 Jan 2006

Occasionally I do a Google ego search for ICPUG to see who might be referring to my pages! On one of these sessions I came across a site run by 'Pathetic Cockroach', who had amended the script above and referred to this page in his amended code.

Now Pathetic Cockroach is a smart cookie because he has also provided an amended version of Regedit.exe for Windows 2000 (French) and Windows XP (English) that does away with the need for a script altogether.

To download these programs go to Step 3 on the following page:
http://www.patheticcockroach.com/mpam4/index.php?p=28

Now that my machine at work runs XP, with a disabled Regedit.exe, I have had a chance to run the modified Registry Editor for XP and it works! I can now read the Registry again. Not so Pathetic Cockroach!

Unfortunately, Windows XP gives administrators the capability to stop users writing to the registry as well - and this has stopped me implementing some simple tools to make my life easier. Anybody know how, without modifying the registry, I can select a folder within Windows Explorer and click to the command line with the folder as the current directory?

20 Apr 2006

Graham Lattin provided the answer to my question above:

Create a shortcut in your Send To folder with the target of:
C:\WINNT\system32\cmd.exe /k cd /d
(If necessary, replace C:\WINNT\system32\ with wherever cmd lives on your machine).

This executes the cd command with the selected drive and directory as the parameter and then stays active.


 

 

 

 

