1

Description

One driver left a mess in the registry (even when I uninstalled it from the system). If I check the security setting it will not display anything in “Group or user names”. And when I check the owner it shows only “Unable to display current owner.”. When I want to delete the registry keys I have to:

  1. Take the ownership.

  2. Add group.

  3. Delete the key.

The problem is that each registry has several sub keys and I have to repeat the process on each key. Inherit permission option will not work in Registry Editor. And yes, I am running Registry Editor in administrator mode.

Problem

I wanted to write a simple C# code that would loop and delete all keys. I have found some code samples, but in my case any OpenSubKey call would fail with error: System.Security.SecurityException: Requested registry access is not allowed. How can I change the ownership if any call of OpenSubKey function would fail? Is there any other command where I can claim the ownership and then delete the registry key?

Thank you for the support

UrosP
  • 111
  • 1
  • 2
  • 4
  • 1
    You have to run your application as admin. See this question: http://stackoverflow.com/questions/2818179/how-to-force-my-net-app-to-run-as-administrator-on-windows-7 – Alina B. Mar 10 '13 at 11:09
  • 1
    You've found a good reason to **not** write a program to do this. It is not that you couldn't make it work, it is debugging it that is so dangerous. Happens to the best of us, like [Paul DiLascia](http://www.microsoft.com/msj/1299/comtoys/comtoys.aspx), scroll to "Terrifying Anecdote from Hell". – Hans Passant Mar 10 '13 at 12:08

3 Answers3

2

Just as you knew to run the Registry Editor as an administrator in order to ensure that you would have the appropriate privileges to modify/delete registry keys, you need to do the same thing for your C# application.

Because you forgot to do this, the System.Security.SecurityException is being thrown as a reminder. As the exception message says, you do not have the privileges to modify/delete the registry key(s).

To solve the problem, you must execute your C# application with administrative privileges. You can either do this manually, or add a manifest to your application that will cause it to automatically demand administrative privileges.

Community
  • 1
  • 1
CodeTherapist
  • 2,776
  • 14
  • 24
0

This is half an answer.

This knowledge base article explains how to take ownership of a key that you don't have access to.

In short, you need to enable the "Take Ownership" privilege and open the key with WRITE_OWNER access. You can then set the owner.

Note that this only works when you run your code as an Administrator.

However, I don't know if you can do this in C# using the built in functions, or if you would need to use interop to call the native APIs. If the latter, it would probably be quicker to use C/C++.

Or you could use the SubInAcl tool. It can take ownership of files, registry keys, etc.

arx
  • 16,686
  • 2
  • 44
  • 61
  • This is less than half of an answer. As the KB article you linked notes at the very beginning, you can't obtain a handle to the key unless you have access privileges. And you can't take ownership without a handle. So you're still nowhere. It would be a huge security hole if you could take ownership of something without first having access rights to it. – Cody Gray - on strike Mar 10 '13 at 11:38
  • What? The article says you can't normally obtain a handle and then goes on to say "The solution to this problem is...". Administrators can **always** take ownership, even if they don't have access. This is central to the Windows security model. The KB article describes how to do it. Read it again. – arx Mar 10 '13 at 11:41
  • 1
    Agreed about being an administrator. That's the whole point of admin privileges. The problem is that he's not running the app with administrative privileges. – Cody Gray - on strike Mar 10 '13 at 11:42
  • 1
    He (or she) says that he does not have access to the keys even if he runs regedit as admin. Admin does not have permissions on the keys. So his app won't work as admin either. Unless he takes special steps to take ownership of the keys. Which is what I describe. – arx Mar 10 '13 at 11:45
  • Actually there are many solutions for this. In any case you will have the user prompted or you will run your program with elevated privileges. – Stephan Unrau Mar 31 '14 at 17:57
  • @StephanUnrau: Do tell! – arx Apr 01 '14 at 21:15
0

To be clear you right click and run as administrator when you talk about running it in administrator mode - this is elevated privilege and it wont happen by simply double clicking. Even if you login as admin you must right click and run as administrator to get elevated.

My problem I fixed by writing to CURRENT_USER and not LOCAL_MACHINE now I see that your problem is not actually solved by elevation and granting. Your security descriptors stored in the Registry were probably corrupted by garbage writes from the AWOL driver or whatever happened. This means you wont be able to do much, including fix yourself or a new user.

You may not be able to run CCleaner either until we clear the permissions issue. However you can boot into safe mode and run sfc /scannow and chkdsk - the sfc fixed one persons issue similar however it may be risky so do at own risk but it looks promising and I probably would have already done the scannow before I tried anything else. Safemode +sfc/scannow

I would backup data and wipe it ASAP much faster. I did find instructions for various OS on the matter of corrupt security descriptors - for Win 8 and 7 so you should not have problems and look like they will require Safe Mode

Good Luck!

Stephan Unrau
  • 1,699
  • 1
  • 10
  • 5