PDA

View Full Version : Enable Regedit vbs script for 2000,xp,2k4,vista,win7


AtYourService
07-19-2009, 05:26 AM
I kind of pieced this code together because i wanted a single script
that would be able to enable regedit if a virus had disabled it
I tested on windows XP so far
I dont have a vista box or win7 to test this on , but I think it should work
if anyone can test it and let me know


' Enable Regedit for 2000,XP,2003,Vista,Win7
' @ Your Service Computer Repair
' will@whatsmypass.com will@yourserv.us

strComputer = "."
Dim strOS, val, val2, itemtype
Dim WshShell, strUserName, strDomain, strSID
Dim objWMIService, objItem, arrName, objAccount

On Error Resume Next

Set WshShell = WScript.CreateObject("WScript.Shell")
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colOperatingSystems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")

For Each objOperatingSystem in colOperatingSystems
strOS = objOperatingSystem.Version
Next
If InStr(1, strOS, "5.", vbTextCompare) Then strOS = "5"


'check if version of windows is below vista

If strOS = 5 Then
''''''''If 2000 or XP do this'''''''''''''''''''''''''
val = "HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System\DisableRegistryTools"
val2 = "HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System\DisableRegistryTools"
itemtype = "REG_DWORD"
WSHShell.RegDelete val
WSHShell.RegDelete val2
Msgbox "Regedit is now enabled.", 0 + 32,"Complete!"
Else
'''''''''If vista or win7 do this'''''''''''''''''''''
For Each objItem in colOperatingSystems
arrName = Split(objItem.UserName, "\")
strDomain = arrName(0)
strUserName = arrName(1)
Next

Set objAccount = objWMIService.Get _
("Win32_UserAccount.Name='" & strUserName & "',Domain='" & strDomain & "'")
strSID=objAccount.SID

If trim(strSID) <> "" then
WshShell.RegDelete ("HKEY_USERS\" & strSID & "\Software\Microsoft\Windows\CurrentVersion\Policie s\System\DisableRegistryTools")
Msgbox "Regedit is now enabled.", 0 + 32,"Complete!"
End if
End If

iisjman07
07-19-2009, 07:03 AM
I tested it on Vista and got an error message... see the screenshot below for more info:

http://img16.imageshack.us/img16/5818/screenshotpyz.png

If you want a script that works then use this instead:
Option Explicit
'Declare variables
Dim WSHShell, rr, rr2, MyBox, val, val2, ttl, toggle
Dim jobfunc, itemtype
On Error Resume Next
Set WSHShell = WScript.CreateObject("WScript.Shell")
val = "HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System\DisableRegistryTools"
val2 = "HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System\DisableRegistryTools"
itemtype = "REG_DWORD"
jobfunc = "Registry Editing Tools are now "
ttl = "Result"
'reads the registry key value.
rr = WSHShell.RegRead (val)
rr2 = WSHShell.RegRead (val2)
toggle=1
If (rr=1 or rr2=1) Then toggle=0
If toggle = 1 Then
WSHShell.RegWrite val, 1, itemtype
WSHShell.RegWrite val2, 1, itemtype
Mybox = MsgBox(jobfunc & "disabled.", 4096, ttl)
Else
WSHShell.RegDelete val
WSHShell.RegDelete val2
Mybox = MsgBox(jobfunc & "enabled.", 4096, ttl)
End If

It works on both XP & Vista without problems...

AtYourService
07-19-2009, 08:28 PM
i seen that script but was under the assumption that it didnt work on vista
because i seen another script that deleted the key for vista @

HKEY_USERS\%%USERS SID%%\Software\Microsoft\Windows\CurrentVersion\Po licies\System\DisableRegistryTools