# How do I delete undeletable registry keys?



## I Hate Vista (Dec 29, 2010)

Hi. I was unable to open any .jar files and while trying to fix it with registries on Regedit I found myself unable to make new keys called .jar and jarfile. This was because these keys already existed. I attempted to delete .jar and it seemed to go away but it came straight back. I am unable to read it, rename it, export it, delete it or anything! Same for jarfile! When I tried to change the permissions it said I did not have permission. I attempted to change it using the root key also but it did not work. So I got very suspicious of course and I am quite sure these keys are the reason I was unable to run .jar files. They seem to be impossible to delete. I tried using a different program to delete them but it was unable to. I also tried safe mode but that didn't work.

My account is an admin but it is not the original admin account. Does that matter?

Please! I need help!


----------



## I Hate Vista (Dec 29, 2010)

its really important I get this fixed.


----------



## I Hate Vista (Dec 29, 2010)

bump this is urgent to me somebody please helP!


----------



## jcgriff2 (Sep 30, 2007)

Try hidden admin user account - http://sysnative.com/0x1/Hidden_Admin_Acct.html

Add "Take Ownership" to your context (right-click) menu. 

Download the *.reg* file and save to Documents/ other folder. 2x-click on the *.reg* file and permit the Registry merge to occur.

http://jcgriff2.com/0x2/takeown_icacls_jcgriff2_Windows7_Vista.reg

Go to the key in question, RIGHT-click on it, select "Take Ownership"

Regards. . .

jcgriff2

`


----------



## jenae (Jun 17, 2008)

Hi, Big Fred wrote this some time ago he is a computer scientist from QLD,(and a good friend) it is all over the net by now this is it:-


It is a frequent tactic of cybercriminals' malicious software to encode modifications to the permissions of associated registry keys. This can prevent security software from being able to remove the infected registry keys from the system registry. The procedure herein provides a step-by-step procedure for manually removing "locked" registry keys. 

Warning: Manually editing the system registry can be dangerous to the proper operation of your computer. An incorrect modification can render the computer non-bootable. Always backup your registry prior to manually editing it. 

For the purpose of example, the following registry key is used. It is assumed that this registry key has been maliciously altered such that the infected key cannot be removed by security software such as TrojanHunter. 

HKEY_CLASSES_ROOT\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} 

The procedure below will change the permissions for registry key {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}, changing its permissions to your user account and providing you full control of this specific registry key. You should then be able to delete the key. 

- The procedure steps described are for a Windows Vista operating system; however, the steps are very similiar for Windows XP. 

- You must be signed on with a user account that has full administrative privileges. 

- To open Regedit on a Vista system: 

a. Go to START>RUN and type in Regedit. Regedit.exe will appear in the Start window. 

b. Right click on Regedit.exe and select "Run as administrator". 

- To open Regedit on a XP system: 

a. Go to START>RUN and type in Regedit.exe. 

b. Click on OK to open Regedit. 

Removal Procedure: 

1. Open Regedit. 
2. Expand HKEY_CLASSES_ROOT by clicking on the + sign next to HKEY_CLASSES_ROOT. 
3. Scroll down the registry keys until you find the registry key named CLSID. 
4. Expand registry key CLSID by clicking on the + sign next to CLSID. 
5. Scroll down the registry keys under CLSID until you find the registry key named{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}. 

6. Right click on the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}and select Permissions from the menu. 
7. Click on Advanced. 
8. Select the Owner tab. 
9. In the "Change owner to" window, highlight the one that is your personal user account. 
10. Checkmark "Replace owner on subcontainers and objects". 
11. Click on Apply. Your personal user account should now be in the Current Owner box. 
12. Click on OK. You should now be back to the Security tab. 
13. Click on OK. 

14. Again, right click on the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} and select Permissions from the menu. 
15. In the "Group or user names:" window, highlight the one that is your personal user account. 
16. In the Permissions for (your user name), the Full Control and Read boxes should be checked under Allow. IF NOT, skip to step 22. 
17. Click on OK to close the Permissions window. 
18. Right click on the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} and select Delete. Confirm the Delete. The registy key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} should disappear. 
19. The registry key should now disappear and you are done with the deletion. Close Regedit. 
20. Reboot your computer. 
21. Rescan your computer with your security software to ensure the registry key is no longer present. 

22. If your user account does not have Full Control, click on Advanced. 
23. In the Permissions entries window, highlight the entry with your user account name. 
24. Checkmark the box "Include inheritable permissions from this object's parent.". 
25. Click on Edit 
26. In the Permissions window, check mark all the boxes under Allow. 
27. Check mark the box "Apply these permissions to objects and/or containers within this container only.". 
28. In the Apply to: window, it should be "This key and subkeys". 
29. Click on OK. 
30. Click on Apply and OK. 
31. Click on Apply and OK. 
32. Right click on the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} and select Delete. Confirm the Delete. the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} should disappear. 
33. The registry key should now disappear and you are done with the deletion. Close Regedit. 
34. Reboot your computer. 
35. Rescan your computer with your security software to ensure the registry key is no longer present. 

NOTE 1: If the registry key that you are attempting to remove has one or more subkeys under it, you may have to change permissions, obtain full control, and delete each of the subkeys prior to deleting the main registry key.


----------



## I Hate Vista (Dec 29, 2010)

Guys, I logged in on the original admin account and tried to change the permission on the key and got something like "You can't change the owner of this key" and gave myself full owner and control on the root key and all its subkeys and it said "Some of the keys or subkeys could not be changed" or something similar. 

Is this very suspicious? Do you think this is the reason I am unable to launch .jar files even through command prompt and with the latest java? I need to know if this is the reason and whether theres another way to remove it before I reformat the pc.


----------



## I Hate Vista (Dec 29, 2010)

Wow. I tried again on safe mode and I sucessfully deleted the subkey .jar. But I have been unable to delete jarfile or its subkeys! Please help! What do I do!


----------



## sandman_1 (Dec 27, 2010)

This guy here had a similar problem and said this



> I was finally able to delete the keys. Taking ownership was not sufficient.
> I then had to add myself as a user. Once I did that, I was able to change
> permissions and delete the keys.


Thread here [url]http://forums.techarena.in/vista-help/865121.htm[/URL]


----------

