How can the browser homepage be changed and the registry be unlocked maliciously?

Time:2022-8-3

Presumably, many users will download some software or resources on the Internet for installation, but after the installation is completed, they will find that their IE home page has been locked and modified by malicious websites, but the modified home page still cannot be unlocked. This situation occurs because the registry has been modified. As long as the registry is modified back, it is OK. How can the browser home page be changed and the registry be unlocked maliciously? Now let’s introduce it to you. Let’s have a look!

怎样解除注册表被恶意锁定

Method 1: self made deregistration document

This is a simple and convenient method to release the malicious lock of the registry. Make a registration file by yourself. For the specific method, first open notepad and enter the following code.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]”DisableRegistryTools”=dword:00000000

怎样解除注册表被恶意锁定

Then save, step, click the window “file” menu, and then select “save” in the open menu.

怎样解除注册表被恶意锁定

Pop up the save window and save the settings as follows:

1、 Select the disk to save the file, such as disk D;

2、 Select a folder to save the file, such as the “1” folder.

3、 Define a file name, such as “unlock Registry”.Reg “, and note that the suffix is reg;

4、 Select the file type as “all files”;

5、 Press save.

怎样解除注册表被恶意锁定

After saving, go to the save folder, find and double-click “unlock Registry”.Reg “, a confirmation window will pop up, and press” OK “.

怎样解除注册表被恶意锁定

Then open the “run” program from the start menu, enter the regedit command, and confirm that this time, it is not blocked, and the registry editor is successfully opened.

怎样解除注册表被恶意锁定

Method 2: modify Group Policy

If the above method is invalid, you can also use the group policy method to solve it. As long as you follow the method, it is still relatively easy to implement. For the specific method, open the running program first, enter the gpedit.msc command, and then confirm.

怎样解除注册表被恶意锁定

After entering the Group Policy Editor window, first find the “user configuration” item, and then open its sub item to find the “management template” from it.

怎样解除注册表被恶意锁定

Then open the management template, find and select “system” from its sub items.

怎样解除注册表被恶意锁定

In the right window of the system item, find the item “prevent access to the registry editor”, double-click it to open its properties window.

怎样解除注册表被恶意锁定

Enter the properties window and find that the current status is “enabled”, which means that if it is enabled, it will prevent the registry from being opened.

怎样解除注册表被恶意锁定

If you want to remove the prohibition, change “enabled” to “unconfigured”, then press “apply” to save, and press “OK” to exit.

怎样解除注册表被恶意锁定

But sometimes it is found that after entering the property window, the current state is “unconfigured”. What should I do? In fact, you can first set it to “started”, press “apply”, exit the window, then enter the property window, set it to “unconfigured”, and then press “apply” to save and confirm. Why do you do this? It’s an activation process.

怎样解除注册表被恶意锁定

matters needing attention

Group policy modification is very effective. If you can’t open the group policy, you may lose the group policy file. You can copy a gpedit.msc file on the Internet or on the computer of the same system and put it under the folder c:\windows\system32.

The above is how to remove the malicious lock of the registry when the browser home page is changed. Do you understand? I hope it can help you!