Anyone tried deleting a registry key in Windows 7? Got "access denied" or "Error while deleting key"?The usual response is, "You need to run regedit as an administrator". but I *AM* logged in as Administrator, and running regedit as administrator, trying to assign administrator full permissions on that registry key in order to delete it!!Am I mistaken, or isn't Administrator supposed to be able to administer and control all the settings on the computer, in order to set it up for the "Average Joe" user?So, under the permissions menu of that key, go to advanced, change the owner from System to Administrator, and try again. It's no longer saying "access denied", but "Cannot delete xxxxxx. Error while deleting key".The scenario: Basically, the wireless has stopped working on a laptop. The device does not show up in Device Manager, but is in the registry, so the normal procedure is to delete the registry entry for the device in HKLM/System/CurrentControlSet (and /ControlSet001) /Enum/PCI ,then attach the device or restart the computer, it finds the "new" hardware and reinstalls it. Easy!...Not with permission restrictions on the administrator account it's not! So I need to give myself permission, to give myself permission, to do a simple task like delete a single registry key! Why, Microsoft, why???!!! Please just make the Administrator account a hidden "God mode" account that can do anything, and make the lives of us techies much easier in the process!/RANTNow, where did I put that XP disc?!....
Regedit, select you key, right-click-->Permissions-->Advanced-->Owner, select Administrators, Apply. Then grand FC to "System", and, if you like, to "Administrators" also.
I doubt deleting the keys helps you at all, since after deleting and restarting, the OS regenerates the keys by default permissions and you end up in the same situation as before, makes you mad, doesn't it?
I had the same problem trying to edit CurrentControlSet/Enum/USB. I tried all sorts of permission and ownership changes without success. I finally got it to work by using the following command
psexec -i -d -s c:\windows\regedit.exe
psexec is available from Microsoft here
This gave me full access to the registry. You should definitely be careful with this sort of access.
For me, my USB to serial device wasn't working any more. I wanted to remove the registry entries for it in Enum/USB. After deleting them with the above method, I plugged in the USB to serial adapter and it started working again. I'm running Win7 PRO.
I had one of my users (Win7 x86) get hit by
It should be pretty easy to get rid of. Stop the task, delete the .exe
But no matter what I can NOT edit
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe
No matter if I run as local admin, or a System with use of psexec, I can NOT make any changes to this key, no owner change, no permissions change, absolutely NOTHING
You have to set you as owner of the key first and give you full writing permissions = ACCESS DENIED
Surely if the program can make the changes, I should be able to undo them?
- Edited by scerazy Friday, June 15, 2012 12:48 PM
OMG - 2 days of searching and screwing with solutions. @AAWahoo - Worked perfectly. Thanks!!!!!
 at first glance I could delete subkeys, but overall the stupid Enum\IPEnumRoot entry couldn't be altered/deleted nor could I replace ownership.
I'll keep looking. :(
- Edited by JawsOnt Saturday, October 27, 2012 2:12 PM
My problem is exactly the same but when when I try your solution I get this message.
psexec -i -d -s c:\windows\regedit.exe
Access is denied.
I have tried running CMD as administrator also with the same results.
I've got a simple fix for those who have this problem:
1. Move PsExec.exe (and the other executables) into a folder called PSTools. Locate it under C:\, so it should be C:\PSTools.
2. Create a new text file called "PsExec.bat" (note that the name before the .bat can be up to you). The location of this batch file is up to you.
3. Open the file in Notepad, and enter the following information, and save it:
C:\PSTools\psexec.exe -i -d -s c:\windows\regedit.exe pause
(The pause is so you can read any error messages that may appear).
4. Close Notepad, then right click on the new Batch file, and click "Run as Administrator".
It worked perfectly for me, and makes it much simpler to run in the future, with a simple right click! Hope this works for you. :)
Also note that the folder you put PsExec in doesn't matter, as long as the path in the batch file matches the true path of the file, and that there are no spaces in any of the folders to the file. This is because Administrator Command Prompt seems to read folder names in traditional DOS-like fashion (ie. PS Tools turns into PSTools~1 or something like that).
Thanks TheEDFLegacy. At last a solution that works! I had Symantec Endpoint Client go bad, wouldn't uninstall, and had to use regedit for a tedious manual uninstall. After that the Teeter2 stuff from it remained. Couldn't remove in Device Manager & couldn't remove in Registry Editor because its permissions were set so only SYSTEM user could delete. PSExec gave me hope but even that was no good until it was run through the batch file as you susggested. At last I've removed what I could see of Teeter2 and my wireless adapter is working again! Thanks once again.
Even this didn't work for me, plus all the permutations otherwise. I've made myself owner of the key, inherited/de-inherited permissions, removed other users. Nothing will let me delete the keys. This is a laptop on a Domain, but my user has local admin. Also rebooted, tried in safe mode, etc.
The key is a VMWare Workstation 9 Service, of which there are several - some I could delete, but many not, and it is this that prevented uninstallation of the app... which I wanted to do because I couldn't edit the Virtual Network Properties (possible also due to permissions).
I was having an issue with many of our laptops that we ran the symantec clean wipe on to fix a SEP 12 issue. After running the application we got the 8007000D error and it was saying windows was not genuine. I spent hours looking for fixes, running slmgr every way imaginable. Uninstalling symantec and trying, nothing I did would allow the workstation to get its key from the KMS. I found a MS article about the Enum key related to the 8007000D error and started searching for registry access issues.
After finding this article I found that maybe I had a permissions problem on the enum key. I applied to child objects (permissions were right to start) access denied. Took ownership, access denied as admin, then as LOCAL admin, then as LOCAL admin in safe mode!! no dice.
Then I found this thread. PSEXEC which I just recently started using to push some applications to computers remotely and BINGO! Started up Regedit remotely and was able to apply the permissions to the key. I am assuming that the switch that has the magic is the -s switch which ran the application as a system account.
psexec -i -d -s c:\windows\regedit.exe worked for me.
Finding this article basically saved the day. Thanks!
- Edited by IcezX2K Wednesday, February 05, 2014 7:14 PM
I had a un-deletable key from an old installation of DropBox... I was trying to reinstall, but it would not reinstall because of this stupid prior key: HKEY_CURRENT_USER\Software\Dropbox\ks
I tried many things! I tried:
- every combination of run-as admin
- loggin in as domain admin, etc
- the psexec workaround
I was about to give up and reinstall windows to fix this...
But, the one that finally worked was the 3rd party: Registrar Registry Manager.
I was a little skeptical, because I don't really like to install apps that I have never heard of... But it worked like magic!
I explain you:
Administrator does not mean "you get all rights to do anything." Administrator happens to be an account (or in your case, most likely the Local Administrators group) which by default is given some sensitive privileges like
SeDebugPrivilegeand similar. However, as far as the security subsystem is concerned, it is just an account. (Very much unlike
rootin Unix-like operating systems) If you aren't the owner of the key in question, and your account does not have
WRITE_DACaccess to the registry key in question, then you won't be able to change the access control list on the key in question.
Try taking ownership first. By default, the local administrators group has
SeTakeOwnershipPrivilege, which allows taking ownership of any object even without the
WRITE_OWNERpermission being granted by the object's discretionary access control list. Once you are the owner, you should be implicitly granted
READ_CONTROL(which allows you to read the security descriptor on the object in question), and
WRITE_DAC(which allows you to write to the DACL on the key in question). (Assuming the
OWNER_RIGHTSSID isn't in use; that's extremely unlikely)
I was flailing too, trying to efface ENUM keys for my HID device on Win7. Finally succeeded by opening cmd "as administrator" and running psexec -i -s c:\windows\regedit.exe (note no -d option)
Robbie's solution was the only one that worked for me.Cheers, robbie!