Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Editing/Deleting virus registry entries--won't allow?

Status
Not open for further replies.
TroyMcClure

TroyMcClure

Technical User
Oct 13, 2003
137
0
0
US
I'm trying to stop a virus/spyware by taking out it's registry key, but I get the error "error deleting key" or "can't modify key". I've explicitly set permissions for myself for this key and all child keys--the intruder had given my user read-only access when it installed itself.

Why can't I still delete this? And, on a related note--the files in question can't be deleted while they're in use--and they dont' show up in task mgr or Process Explorer so I can't kill the process.

I think there must be a way--no matter how 'dangerous'--for a machine admin to delete a file even though it's in use. Damn the torpedos--I don't care if the machine crashes--I just want that file deleted and I'm willing to deal with any corruption that may follow--the worst it can do is misallocate the file. Big deal. I want it gone and I can't log on in Safe Mode to do it (for other reasons). Can this be done? Thanks.
--T
 
Sort by date Sort by votes
Try booting into savemode then deleting the registry entry. Hit F8 during startup to access the safemode menu.
 
Upvote 0 Downvote
How To Use the Windows XP and Windows Server 2003 Registry Editor Features

HOW TO: Take Ownership of a File or Folder in Windows XP (Q308421)

The above is also available for Registry Keys, also look at the Inheritance (coming from above) from the beginning of the Hive in question.

Removing adware & spyware
faq608-4650

There is some nasty stuff out there, for example -

 
Upvote 0 Downvote
gwc,
As I'd said, I can't log in in safe mode, so that's not an option right now.

linney,
Thanks, I'll read through those. The faq looks good, and it looks like I'll have to install some of those programs to supplement the ad-aware that I've been using.

The file deletion issue does not appear to be a permissions issue--it's that the windows has the file in use. And I know that windows locks files from being deleted so you're not pulling the rug out from under a running process, but this is really what I want to do.
--T
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dik
  • Locked
  • Question
Deleting a file 1
Replies
13
Views
101
dik
dik
BloodFeastMan
  • Locked
  • Question
Running a "dir" command from "Scheduled Tasks" returns entire registry
Replies
3
Views
71
strongm
strongm
Shimmy613
  • Locked
  • Question
Systematically and safely deleting folder shortcuts seemingly to itself 1
Replies
6
Views
85
Mike Lewis
Mike Lewis
xarzu
  • Locked
  • Question
How is remote debugging allowed on Microsoft SQL Management studio?
Replies
2
Views
97
xarzu
xarzu
dan2229
  • Locked
  • Question
Chrome won't launch in most recent version of Windows 10
Replies
2
Views
39
MakeItSo
MakeItSo

Part and Inventory Search

Sponsor

Back
Top