Wednesday, January 14, 2015

Removing K9 Web Protection

If you've found yourself on a machine running K9 Web Protection that no one has a password to, there is a way to remove it.

Create a text file and copy the below batch script into it.

Script to Copy/Paste Below:

@echo off

set keys=^
 "HKLM\SOFTWARE\Blue Coat Systems"^
 "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\k9filter.exe"^
 "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Blue Coat K9 Web Protection"^
 "HKLM\SYSTEM\CurrentControlSet\Services\bckd"^
 "HKLM\SYSTEM\CurrentControlSet\Services\bckwfs"

REM remove registry keys
for %%G in (%keys%) do reg delete "%%~G" /f >nul

set folders=^
 "%programfiles%\Blue Coat K9 Web Protection"^
 "%programdata%\Microsoft\Windows\Start Menu\Programs\Blue Coat K9 Web Protection"

REM remove folders
for %%G in (%folders%) do rd /s /q "%%~G"

set files=^
 "%windir%\System32\drivers\bckd.sys"

REM remove files
for %%G in (%files%) do del "%%~G"

pause
exit /b

Make sure, after saving the text file, that you rename it so it has a ".cmd" extension.

Reboot and run Windows in Safe Mode.

Find your .cmd file, right-click it, and run it as an administrator. 

When the .cmd file finishes, start RegEdit (Start, then regedit.exe) and navigate to the key below:
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BCKD

Right-click the LEGACY_BCKD key and select Permissions. Then click Advanced and select the Owner tab. Then select Administrators from the owner list, check the Replace owner on subcontainers and objects checkbox, and then click OK. Then, select Everyone and check the Allow checkbox for the Full Control permission. Click OK, right-click the key and finally choose Delete.

Reboot.
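
To confirm the cleanup after the final reboot, a check like the one below can be saved as a second .cmd file and run as an administrator. It is an added example, not part of the original script; it only reads the registry keys, folders and driver file named in this post, and the [KEY] and [PATH] labels are made up here.

```batch
@echo off
setlocal
REM Added example: lists which of the K9 artifacts named in this post
REM are still present. It deletes nothing.
set /a left=0

REM Registry keys from the removal script, plus the LEGACY_BCKD key that
REM is deleted by hand in RegEdit. reg query exits 0 only when the key
REM exists and can be read, so any error is counted as "not present".
for %%G in (
 "HKLM\SOFTWARE\Blue Coat Systems"
 "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\k9filter.exe"
 "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Blue Coat K9 Web Protection"
 "HKLM\SYSTEM\CurrentControlSet\Services\bckd"
 "HKLM\SYSTEM\CurrentControlSet\Services\bckwfs"
 "HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BCKD"
) do (
  reg query "%%~G" >nul 2>&1
  if not errorlevel 1 (
    echo [KEY]  still present: %%~G
    set /a left+=1
  )
)

REM Folders and the driver file from the removal script.
for %%G in (
 "%programfiles%\Blue Coat K9 Web Protection"
 "%programdata%\Microsoft\Windows\Start Menu\Programs\Blue Coat K9 Web Protection"
 "%windir%\System32\drivers\bckd.sys"
) do (
  if exist "%%~G" (
    echo [PATH] still present: %%~G
    set /a left+=1
  )
)

if %left% equ 0 (
  echo None of the listed K9 artifacts were found.
) else (
  echo Remaining artifacts: %left%
)
pause
REM The exit code is the number of artifacts still present.
exit /b %left%
```

Any line it prints points at the step to repeat: a [KEY] or [PATH] entry from the script's lists means the .cmd did not run elevated or in Safe Mode, and a remaining LEGACY_BCKD key means the RegEdit ownership change did not take.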
