Member
Today i did a registry scan and came across some suspicious entries. Currently i am trying to delete those entries using regedit but i am getting an error message saying "Unable to delete all specified values". In my case that registry entry is located at HKEY_Local_Machine->System- ControlSet002->Enum->ROOT->LEGACY_xxx (Where xxx is the name of program) . Is there any other workaround that i can try to delete the suspicious registry???
Member
I think that the registry you are trying to delete might be in use by operating system. That's why you are getting that error, as far as i am aware regedit sometime leaves behind stuffs related to MS. Anyways you can download and install hijackthis or ccleaner for getting rid of that registry entry. I dont think that you will be able to delete it by some other workaround. Just try out any of the program that Ive suggested and post back the result you get.
Member
Can you just let me know the name of the program???HKEY_Local_Machine->System- ControlSet002->Enum->ROOT->LEGACY_xxx (Where xxx is the name of program)
I have found that above error occurs in below situation:
The Registry key might be based upon a legitimate process which might be running and/or
is protected.
- The Registry key might be based upon malicious code which might be present in your system protecting the key from removal.
- The Registry key might be based malicious code which might have changed permissions on the key.
- The Registry key might be using invalid characters like NUL character.
In case the issue is due to permission than you can try below steps for getting it back.
- Right-Click on "LEGACY_xxx" > choose "Permissions" > Highlight "Everyone" or "Administrator" or your account > checkmark the box for Allow "Full Control" > click on "Advanced" > un-check box for "Inherit from parent..." and "Replace permission entries on all child objects..."
- Once you have made these changed click on aooly, click on ok and try deleting LEGACY_xxx" again.
Posting Permissions
Reply With Quote
Bookmarks