Deleting a file in use without rebooting
 

Anybody knows how to programatically delete a file currently in use without resorting to deleting it on the next reboot?

One idea is to enumerate all open handles of all processes and force them to close the handle to your target file, then deleting it afterwards. Unfortunately, it's too messy.

I'm looking for some undocumented or easier way to do this. Anyone? :confused:

Well, I know a way but dont know how much messy its to you:

1. Click Start > Run > type in taskman > OK, this will open a task manager
2. Look in process "explorer.exe", and finish the task, without closing the task manager
3. In the task manager click on File > New Task(Run) > type in cmd > OK
4. Go to the command line interface, find the file and delete it.
5. Go back to the Windows Task Manager, click File > select New Task (Run) > type in explorer.exe > click OK. And you should be back into explorer and without the file.

Now to do it programmatically you can improve this way in a batch file (I mean .bat)

#include <windows.h>

int main(int argc, char **argv)
{
HMODULE module = GetModuleHandle(0);
CHAR buf[MAX_PATH];

GetModuleFileName(module, buf, sizeof(buf));
CloseHandle(HANDLE(4));

__asm {
lea eax, buf
push 0
push 0
push eax
push ExitProcess
push module
push DeleteFile
push UnmapViewOfFile
ret
}

return 0;
}

----------------------------------------------------
Something like this may do what you are wanting with some modifications. Caveat, I have used this for self-deleting executables as they run in memory.

Shub-Nigurrath has released his ForceDel with sources sometimes ago , maybe it can helps

regards

Can you help
*http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/inuse-o.asp

you can also use process explorer by sysinternals, it can close handles... if it is a loaded dll you can try the prog called "undll"

Some years ago I' ve written small program for win 95 /98 /[maybe Me].
It was a dynamically loaded vxd which enabled deleting working files, including working programs. The main patch of the system was in VFAT.vxd, and the other two patches in shell32.dll.
When vxd is loaded, there are no limitations in file sharing - for example it is possible to delete all files on system drive under working Windows :).
Windows DON'T HANG of course, because necessary ring3 and ring0 files are loaded in RAM so the files on disk are not necessary. Only strange "sharing files" rules in Windows are responsible for not-permitted deleting of working programs or exclusively open files. There are not "internal" or "systemic" causes for this.
So, it's possible to delete all open files under 9x after patching virtual FAT, WITHOUT closing handles.
I'm sure it's possible under NTFS, when I'll have more time may be I'll look for proper patch in (probably) NTFS.sys .
Regards
amigo

thanks for the info xobor. i tried to search for forcedel, and found it. unfortunately, it uses the same technique i described in my initial post.

:eek: this seems dangerous! i just want someway to clear the handle count of a file in a windows system so that it'll permit a DeleteFile call.
something like finding the structure containing the handle counts and the file they point to, and setting it to zero (meaning no one's using the file), so i can delete it. anyone ever done this before?

the forcedel suggested ad the beginning exactly does this before deleting a file..you can also with an option to only close or list all the open handle of a file