R4D3

  1. update script, and the whole first post...
  2. Hmm, and did you try my batch to fix it? As I wrote, I made many, many tests, with the result that you can only change the start type of 21 services and 1 driver; all other changes break the Store, Update, or other functions... - what maybe could have helped with that is to remove the dependency states of the services with sc and the depend flag (I did not try removing all dependencies from all services yet) - please write feedback here if you have success with that...
  3. You can try making a shortcut to:

        C:\Windows\System32\cmd.exe /c "net accounts /maxpwage:unlimited"

     give it admin rights, and place it in the Autorun folder...

        %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
  4. Sorry, there is one error in "my Fix.bat"... - Dnscache must stay at Auto - because it is needed by WindowsStore... (error 0x80072ee7) for some apps like ADBlock for Edge
  5.

        REM Reading Variable Service_nAm3s Registry Permissions
        FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "CDPUserSvc_" ') do set A1=%%a
        FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k DevicesFlow" ^|find "DevicesFlowUserSvc_" ') do set A2=%%a
        FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "MessagingService_" ') do set A3=%%a
        FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "OneSyncSvc_" ') do set A4=%%a
        FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "PimIndexMaintenanceSvc_" ') do set A5=%%a
        FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "UnistoreSvc_" ') do set A6=%%a
        FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "UserDataSvc_" ') do set A7=%%a
        FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "WpnUserService_" ') do set A8=%%a

        REM II Output the variable and load the PowerShell script to get full admin rights
        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A1%
        powershell.exe -file "%CD%\PhoenixCall.ps1"
        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A2%
        powershell.exe -file "%CD%\PhoenixCall.ps1"
        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A3%
        powershell.exe -file "%CD%\PhoenixCall.ps1"
        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A4%
        powershell.exe -file "%CD%\PhoenixCall.ps1"
        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A5%
        powershell.exe -file "%CD%\PhoenixCall.ps1"
        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A6%
        powershell.exe -file "%CD%\PhoenixCall.ps1"
        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A7%
        powershell.exe -file "%CD%\PhoenixCall.ps1"
        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A8%
        powershell.exe -file "%CD%\PhoenixCall.ps1"

        REM III Config the services via REG ADD - SC doesn't work here
        REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A1% /v Start /t REG_DWORD /d 2 /f
        REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A2% /v Start /t REG_DWORD /d 3 /f
        REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A3% /v Start /t REG_DWORD /d 3 /f
        REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A4% /v Start /t REG_DWORD /d 2 /f
        REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A5% /v Start /t REG_DWORD /d 3 /f
        REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A6% /v Start /t REG_DWORD /d 3 /f
        REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A7% /v Start /t REG_DWORD /d 3 /f
        REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A8% /v Start /t REG_DWORD /d 2 /f

     1 Find them
     2 Change Reg Permissions via PowerShell
     3 Change the start type

        # Registry path handed over by the batch file in the Dienst variable
        $Service=$Env:Dienst
        $acl=Get-Acl $Service
        $person=[System.Security.Principal.NTAccount]"BUILTIN\Administrators"
        $access=[System.Security.AccessControl.RegistryRights]"FullControl"
        $inheritance=[System.Security.AccessControl.InheritanceFlags]"ObjectInherit"
        $propagation=[System.Security.AccessControl.PropagationFlags]"None"
        $type=[System.Security.AccessControl.AccessControlType]"Allow"
        $rule=New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)
        # Add the rule to the existing ACL and write it back to the key
        $acl.AddAccessRule($rule)
        $acl|Set-Acl
  6. Just a note:
     - Not sure - did my first script switch all inherits??? (remove inherit where one is, and make one where none is) - instead of removing all of them???? (if yes, how to fix that d*** I hate inherits! - Fixed it - see Edit above)
     - Now I am trying to remove all inherits from the Registry (HKEY_USERS and HKEY_LOCAL_MACHINE) - but hell - I have been sitting on it for days, without getting it... - maybe someone can help...

     Note: The Google key is just for testing - it should run at HKU and HKLM as root normally)
     - Edit: It works with the "Powerrun" tool Alacran posted - but only for this key - running it for the whole HKLM just crashes PowerShell.... - and destroys Windows

        foreach ($i in Get-ChildItem Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Google -Recurse -Force -Name) {
            # -Name returns paths relative to the Google key
            $name=-join("HKLM:\SOFTWARE\Google","\$i")
            echo $name
            $acl=Get-Acl $name
            $person=[System.Security.Principal.NTAccount]"BUILTIN\Administrators"
            $access=[System.Security.AccessControl.RegistryRights]"FullControl"
            $inheritance=[System.Security.AccessControl.InheritanceFlags]"ObjectInherit"
            $propagation=[System.Security.AccessControl.PropagationFlags]"None"
            $type=[System.Security.AccessControl.AccessControlType]"Allow"
            $acl.SetAccessRuleProtection($True, $True)
            $rule=New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)
            $acl.AddAccessRule($rule)
            $acl.SetAccessRule($rule)
            Set-Acl $name $acl
        }
  7. Here is what I used in XP (it's kind of unfinished and not from me alone) - but it is good enough to extract all resources of a folder - and change them...
  8. Edit: thx - I will give it a try
  9. After many tests I was able to write a PowerShell script that replaces all inherits of all folders and subfolders (even the ones with long names), without taking the ownership!

     Reasons: - Taking the ownership of a Windows folder can make many problems! (I don't like solutions that can make more problems than they solve, and I don't even like it if people say, don't change permissions of system folders, blabla - Me, the owner of my hard drive, like to have R/W permissions to all folders, but some folders get their permissions inherited from a top folder, and so I wasn't able to set their permissions... so many commands, iacls, dir -ad, some PowerShell commands and ways, just didn't do it, but I was able to do it (R4 never gives up...)

     1) You need to allow PowerShell scripts - in a PowerShell console (with admin rights) run: Set-ExecutionPolicy RemoteSigned (maybe "Unrestricted" could do the job too, you can set it back to Restricted later)
     2) Then run the script (with admin rights too)
     3) This could take a while!!! Some really rare folders (probably symbolic NTFS links, junctions or similar) give error messages - you can ignore them!

        cd "C:\"
        foreach ($i in Get-ChildItem -Recurse -Force| ?{ $_.PSIsContainer}) {
            echo $i.FullName
            $acl=Get-ACL $i.FullName
            $acl.SetAccessRuleProtection($True, $True)
            Set-Acl $i.FullName -AclObject $acl
        }

     (this little success brings me some steps forward in getting a clean OS - next step is setting R/W permissions for the built-in Admin, and then checking the 1355 DLLs I identified that can be called by regsvr32) - (maybe I could replace reg inherits too...)

     Regards, R4D3

     Edit: Uhm, sorry, my script seems to switch all folder inherits like 180 degrees (good for folders with inherits, but not for folders without) - SetAccessRuleProtection($True, $False) seems to be better, and with giving admin rights this hopefully does it:

     Edit: Just moved $acl.SetAccessRuleProtection($True, $True) before the new rule (because first the existing inherits must be replaced with local ones, before the New-Object rule takes them off and gives the built-in Admin permissions....

        cd "C:\"
        foreach ($i in Get-ChildItem -Recurse -Force| ?{$_.PSIsContainer}){
            echo $i.FullName
            $acl=Get-ACL $i.FullName
            $person=[System.Security.Principal.NTAccount]"BUILTIN\Administrators"
            $access=[System.Security.AccessControl.FileSystemRights]"FullControl"
            $inheritance=[System.Security.AccessControl.InheritanceFlags]"ObjectInherit"
            $propagation=[System.Security.AccessControl.PropagationFlags]"None"
            $type=[System.Security.AccessControl.AccessControlType]"Allow"
            $acl.SetAccessRuleProtection($True, $True)
            $rule=New-Object System.Security.AccessControl.FileSystemAccessRule($person,$access,$inheritance,$propagation,$type)
            $acl.AddAccessRule($rule)
            $acl.SetAccessRule($rule)
            Set-Acl $i.FullName -AclObject $acl
        }
  10. I use this from here: http://www.alkanesolutions.co.uk/2016/06/29/set-registry-key-permissions-powershell/ (I checked so many scripts for my RepairService script - with this one, I got "lucky"). It just adds permissions for the built-in Admin, without breaking something (like Regini does...), but you need to allow PS scripts first... - in an Admin PowerShell type: Set-ExecutionPolicy RemoteSigned (maybe "Unrestricted" could do the job too - restart after the change.. standard is: Restricted)

      Remember to change the ACL name to your OS language, and change VORDEFINIERT\Administratoren to BUILTIN\Administrators

      First define your reg path as env variable "Dienst", then call it: (The HKLM: is the correct call for PowerShell in this case...)

        Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\YOURService
        powershell.exe -file "This Script.ps1"

        $Service=$Env:Dienst
        $acl=Get-Acl $Service
        $person=[System.Security.Principal.NTAccount]"BUILTIN\Administrators"
        $access=[System.Security.AccessControl.RegistryRights]"FullControl"
        $inheritance=[System.Security.AccessControl.InheritanceFlags]"ObjectInherit"
        $propagation=[System.Security.AccessControl.PropagationFlags]"None"
        $type=[System.Security.AccessControl.AccessControlType]"Allow"
        $rule=New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)
        $acl.AddAccessRule($rule)
        $acl|Set-Acl
  11. UPDATE: R4D3_Service_Fix.zip

      NEW: Grants "Build-In Admin" permissions with a called PowerShell script (just a minimal single entry that allows built-in Admins to change the reg entry)

      IMPORTANT: If your Windows is NON-English (like mine) you need to change 1 entry in the PowerShell script! - Read the comment in the Phoenix.bat

      You need to run an Admin PowerShell, and run: Set-ExecutionPolicy RemoteSigned one time (to allow PowerShell scripts - don't forget to restart then!) You can turn it off with Set-ExecutionPolicy Restricted after...

      Edit: You have to right-click each file - and click allow (there is a flag on the files that they are from another computer... - next time I zip them from a FAT32 filesystem, then this flag shouldn't be there...)

      Files:
      - Phoenix.bat: Change all services to their original state (Creators Update W10 Home) (Highly Recommend New: Grants Admin Reg Permissions for Protected Services)
      - R4D3_Service_Fix.bat: Yeah Hell MS, I fixed them! (Change 22 services & 1 driver to Disabled, 7 to Demand) New: Grants Admin Reg Permissions for Protected Services)
      - PhoenixCall.ps1: PowerShell script that is called from the batch files to grant permission

      Note: you can check all service ACL flags with (even to get names you can place in the PhoenixCall.ps1) this powershell command:
  12. They did it in the German version.... Example of funny MS translation:

      1) SUBACLS... - Example: The user "Everyone" is translated to "Jeder"... - an English script that needs to change rights just doesn't work! If it is a .cmd I can change it myself - in an .exe file - no chance...
      2) Folders: - I can't trust Explorer anymore (because MS used the Desktop.ini files - to call the MUIs) - in a German XP the path %ProgramFiles% is called "Programme" and this was the real folder name - in Windows 10 the Explorer shows the folder as "Programme" but the folder name is "C:\Program Files" - I would wish they did it the other way - (using MUIs for SubACLS, not a real translation, and for folders the real one... - like they did in the past...)

      P.S. They translated most of the ACLs, not only "Everyone" - they even did MUI files for "Short-Cut-Names" oO & there is no hint that the desktop.ini files do different things than before...

      P.P.S. On their auto-translated help pages - they even translate commands and flags
  13. Nah, it's ok - thx (it has a little error at Plug & Play, because of the & - but I can live with that...) I am thinking about trying to delete some dependency flags - maybe then I can disable more services without event log errors...
  14. Maybe this error just happens in localized versions, or it's a Home/Premium/blabla thing! If I like to run your script on a "VM Fresh Installed Windows 10 Home" in German with UAC disabled: I end up in System32 if I choose "Als Administrator ausführen"! Only "CD /D %~dp0" fixes this...

        @Echo Off
        CD /D %~dp0
        Echo Path is %CD%
        Pause

      - So if you like to present your tool for all people, you have to add CD /D %~dp0. Not a big deal...
  15. Hell YES (I remember it now... - lost my brain somewhere...) - So, I was just able to show the problem, but not to find an elegant solution - good boy
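
What the two arguments of SetAccessRuleProtection do, as used in posts 6 and 9 above, and how a SID sidesteps the localized group names from posts 10 to 12, shown on a scratch tree the script creates and deletes. This is an added example, not code from R4D3's posts; the folder names and the Get-AclSummary and Set-Protection helpers are constructed for illustration.

```powershell
# Added example: touches only a scratch tree it creates under $env:TEMP.
$root = Join-Path $env:TEMP ("acl-demo-" + [guid]::NewGuid().ToString('N'))
$keep = (New-Item -ItemType Directory -Path (Join-Path $root 'keep')).FullName
$drop = (New-Item -ItemType Directory -Path (Join-Path $root 'drop')).FullName

function Get-AclSummary([string]$Step, [string]$Path) {
    $acl = Get-Acl -Path $Path          # re-read from disk, not the in-memory copy
    [pscustomobject]@{
        Step      = $Step
        Folder    = Split-Path $Path -Leaf
        Protected = $acl.AreAccessRulesProtected   # True = inheritance disabled
        Explicit  = @($acl.Access | Where-Object { -not $_.IsInherited }).Count
        Inherited = @($acl.Access | Where-Object { $_.IsInherited }).Count
    }
}

function Set-Protection([string]$Path, [bool]$Protect, [bool]$Preserve, $Rule) {
    $acl = Get-Acl -Path $Path
    $acl.SetAccessRuleProtection($Protect, $Preserve)
    if ($Rule) { $acl.AddAccessRule($Rule) }
    Set-Acl -Path $Path -AclObject $acl
}

Get-AclSummary 'fresh folder' $keep

# (True, True): inheritance off, inherited entries kept as explicit copies.
Set-Protection $keep $true $true
Get-AclSummary '(True,True)' $keep
# The first argument sets a state; running the same call again changes nothing.
Set-Protection $keep $true $true
Get-AclSummary '(True,True) again' $keep

# (True, False): inheritance off, inherited entries discarded. Add an explicit
# rule in the same write, or the folder is left with an empty ACL. The rule is
# built from a SID, so it does not depend on localized names such as
# VORDEFINIERT\Administratoren; built-in Administrators is S-1-5-32-544.
$me   = [System.Security.Principal.WindowsIdentity]::GetCurrent().User
$rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
            $me, 'FullControl', 'ContainerInherit, ObjectInherit', 'None', 'Allow')
Set-Protection $drop $true $false $rule
Get-AclSummary '(True,False) + rule' $drop

# (False, ...): inheritance back on; the explicit rule stays beside it.
Set-Protection $drop $false $false
Get-AclSummary '(False,False)' $drop

Remove-Item -Recurse -Force $root
```

Comparing the Protected, Explicit and Inherited columns per step on a scratch folder is a cheap way to confirm what a permission script will do before pointing it at a real tree.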