Windows Registry, as the name suggests, is a small but very important organized register and information book that keeps data regarding the operating system, its users, system policies, and other key values. This data may often need changed in different situations, by either the users or the administrator of the system. In order to make changes to the already stored values, an editing tool by the name of “Registry Editor” has been provided in all versions of Windows since its inception, i.e. from version 3.x until now. The executables that enable editing registry values in a system are known as regedit.exe or regedit32.exe.
One should always be very cautious while playing with the registry values. Since Registry Editor (RE) provides an interface to the internal mechanics of the system, meddling with the registry entries can prove to be disastrous if done by an inexperienced user as an unbootable system could result.
In order to make sure that Registry is not accessible when necessary, all versions of the Windows OS including XP, Vista, Server 2003 or 2008, and others allow the administrator to disable the Registry Editor.
Following are the different methods for disabling the registry editor, choose either of these:
1. To disable access to the user currently logged in, do the following:
a. Go to RUN, type in “regedit” (for Windows Vista and 7, type "regedit" in Start Search instead). Click on OK.
b. Navigate to the following key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
c. Right-click on the empty space, choose Key in New and then name it System.
d. At the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System, right-click, choose DWORD Value in New and name it DisableRegistryTools.
e. Finally, set the value for DisableRegistryTools to 1 to disable the RE.
2. For disabling access to all user accounts in the system, follow this:
Repeat all of the above 5 steps while replacing HKEY_CURRENT_USER to HKEY_LOCAL_MACHINE.
3. Using Local Group Policy Editor
Before, we use the Group Policy Editor, we need to download and run a file, which will add some extra options in the GPE. To download the file, go to this website, scroll down to the bottom and choose the appropriate file (you will see three files, one for Windows XP, one for Windows 2000, and the other one for Windows 2003).
Now, go to RUN, type in “gpedit.msc” to open The Local Group Policy Editor. Navigate to User Configuration -> Administrative Templates -> System and locate Prevent access to registry editing tools. Double-click on this and in the new window that appears, select Enabled to disable the Registry Editor access.
4. By the intrusion of a virus
Another way in which the Registry Editor can be disabled is by the intrusion of a malware, such as W32/Brontok-C.
Now once the RE is disabled, the users of the system can not access the RE. If they try to do so, the system will show the following error message “Registry editing has been disabled by your administrator” or it won’t show any message at all.
Continue on to the next page to find out how to enable Windows Registry Editor.