There is this virus by the name Rontokbro. This virus once it affcets the machine it disables the registry. For sometime now I have been successful in eliminating it by either Symantec or Norton. After this process I would normally run or instal 'UnHookExec' to enable the registry, but this time around am failing. It just says ''Registry editing has been disabled by your administrator'' despite many attempts to install UnHookExec. It is important to access the registry because the virus is there too, and I need to remove it manually. Is there any other way of accessing the registry contents? Please assist.

Ona.

I assume that you have tried a simple REGEDIT or REGEDT32.

When was the last time you did some serious maintenance on your machine ?


System maintenance includes:
Defrag
FULL patching
Virus scanning
Spyware scanning
Removal of rubish files

Defrag is an inbuilt function in XP.
Open My Computer > Right click C: > Tools Tab and it's there.

To make sure everything is running fine run both anti virus and anti spyware apps in normal AND safe modes. (make sure that they are updated first ! ;)) (AVG (http://free.grisoft.com/doc/1) is good and free AV)
(A couple of good removal tools are Spybot (http://www.safer-networking.org/) and Adaware (http://www.lavasoftusa.com/software/adaware/))

ALso an on line virus and spyware scanner is Trend Housecall (http://housecall.trendmicro.com/)

Just a note; actively running two AV's on one machine can cause problems.
So if you are thinking about it make sure your current one is disabled first.
Same thing applies to online scanners as well.

Removal of junk files is easy with CCleaner (http://www.ccleaner.com) a free app that does exactly what

If all this fails then a repair install may be in order:

Here's (http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/doug92.mspx) the official Micro$oft way of doing it,
And Here's (http://www.geekstogo.com/forum/index.php?showtopic=138) one with screen shots.

Basically this installs windows over the top of your current setup.
So you don't loose any information you already have.

Also, Google the virus name, you should find removal instructions somewhere.