R4D3

  1. You can try making a shortcut to: C:\Windows\System32\cmd.exe /c "net accounts /maxpwage:unlimited", give it admin rights, and place it in the Autorun folder... %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
  2. Sorry, there is one error in "my Fix.bat"... - Dnscache must stay at Auto - because it is needed by the Windows Store... (error 0x80072ee7) for some apps like ADBlock for Edge
  3.     REM Reading Variable Service_nAm3s Registry Permissions
         FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "CDPUserSvc_" ') do set A1=%%a
         FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k DevicesFlow" ^|find "DevicesFlowUserSvc_" ') do set A2=%%a
         FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "MessagingService_" ') do set A3=%%a
         FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "OneSyncSvc_" ') do set A4=%%a
         FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "PimIndexMaintenanceSvc_" ') do set A5=%%a
         FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "UnistoreSvc_" ') do set A6=%%a
         FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "UserDataSvc_" ') do set A7=%%a
         FOR /F "delims=\ tokens=5" %%a in (' reg query "HKLM\SYSTEM\CurrentControlSet\Services" /s /f "C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup" ^|find "WpnUserService_" ') do set A8=%%a

         REM II Output the Variable and load Powershellscript to get Full Adminrights
         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A1%
         powershell.exe -file "%CD%\PhoenixCall.ps1"
         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A2%
         powershell.exe -file "%CD%\PhoenixCall.ps1"
         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A3%
         powershell.exe -file "%CD%\PhoenixCall.ps1"
         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A4%
         powershell.exe -file "%CD%\PhoenixCall.ps1"
         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A5%
         powershell.exe -file "%CD%\PhoenixCall.ps1"
         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A6%
         powershell.exe -file "%CD%\PhoenixCall.ps1"
         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A7%
         powershell.exe -file "%CD%\PhoenixCall.ps1"
         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\%A8%
         powershell.exe -file "%CD%\PhoenixCall.ps1"

         REM III Config the Services via REGADD - SC dont work here
         REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A1% /v Start /t REG_DWORD /d 2 /f
         REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A2% /v Start /t REG_DWORD /d 3 /f
         REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A3% /v Start /t REG_DWORD /d 3 /f
         REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A4% /v Start /t REG_DWORD /d 2 /f
         REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A5% /v Start /t REG_DWORD /d 3 /f
         REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A6% /v Start /t REG_DWORD /d 3 /f
         REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A7% /v Start /t REG_DWORD /d 3 /f
         REG ADD HKLM\SYSTEM\CurrentControlSet\Services\%A8% /v Start /t REG_DWORD /d 2 /f

     1 Find them
     2 Change Reg Permissions via Powershell
     3 Change the Starttype

         $Service=$Env:Dienst
         $acl=Get-Acl $Service
         $person=[System.Security.Principal.NTAccount]"BUILTIN\Administrators"
         $access=[System.Security.AccessControl.RegistryRights]"FullControl"
         $inheritance=[System.Security.AccessControl.InheritanceFlags]"ObjectInherit"
         $propagation=[System.Security.AccessControl.PropagationFlags]"None"
         $type=[System.Security.AccessControl.AccessControlType]"Allow"
         $rule=New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)
         $acl.AddAccessRule($rule)
         $acl|Set-Acl
  4. Just a note:
     - Not sure - did my first script switch all inherits??? (remove the inherit where there is one, and make one where there is none) - instead of removing all of them???? (if yes, how to fix that? d***, I hate inherits! - Fixed it - see Edit above)
     - Now I am trying to remove all inherits from the Registry (HKEY_USERS and HKEY_LOCAL_MACHINE) - but hell - I have been sitting on it for days without getting it... - maybe someone can help...
     Note: The Google key is just for testing - it should normally run at HKU and HKLM as root.
     - Edit: It works with the "Powerrun" tool Alacran posted - but only for this key - running it for the whole HKLM just crashes PowerShell.... - and destroys Windows

         foreach ($i in Get-ChildItem Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Google -Recurse -Force -Name) {
             $name=-join("HKLM:\SOFTWARE\Google","\$i")
             echo $name
             $acl=Get-Acl $name
             $person=[System.Security.Principal.NTAccount]"BUILTIN\Administrators"
             $access=[System.Security.AccessControl.RegistryRights]"FullControl"
             $inheritance=[System.Security.AccessControl.InheritanceFlags]"ObjectInherit"
             $propagation=[System.Security.AccessControl.PropagationFlags]"None"
             $type=[System.Security.AccessControl.AccessControlType]"Allow"
             $acl.SetAccessRuleProtection($True, $True)
             $rule=New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)
             $acl.AddAccessRule($rule)
             $acl.SetAccessRule($rule)
             Set-Acl $name $acl
         }
  5. Here is what I used in XP (it's kind of unfinished and not from me alone) - but it is good enough to extract all resources of a folder - and change them...
  6. Edit: thx - I will give it a try
  7. After many tests I was able to write a PowerShell script that replaces all inherits of all folders and subfolders (even the ones with long names), without taking ownership!

     Reasons:
     - Taking ownership of a Windows folder can cause many problems! (I don't like solutions that can make more problems than they solve, and I don't even like it if people say: don't change permissions of system folders, blabla.)
     - Me, the owner of my hard drive, likes to have R/W permissions to all folders, but some folders get their permissions inherited from a top folder, and so I wasn't able to set their permissions... So many commands (icacls, dir -ad, some PowerShell commands and ways) just didn't do it, but I was able to do it (R4 never gives up...)

     1) You need to allow PowerShell scripts - in a PowerShell console (with admin rights) run: Set-ExecutionPolicy RemoteSigned (maybe "unrestricted" could do the job too; you can set it back to restricted later)
     2) Then run the script (with admin rights too)
     3) This could take a while!!! Some really rare folders (probably symbolic NTFS links, junctions or similar) give error messages - you can ignore them!

         cd "C:\"
         foreach ($i in Get-ChildItem -Recurse -Force| ?{ $_.PSIsContainer}) {
             echo $i.FullName
             $acl=Get-ACL $i.FullName
             $acl.SetAccessRuleProtection($True, $True)
             Set-Acl $i.FullName -AclObject $acl
         }

     (This little success brings me some steps forward in getting a clean OS - next step is setting R/W permissions for the built-in Admin, and then checking the 1355 DLLs I identified that can be called by regsvr32) - (maybe I could replace reg inherits too...)

     Regards, R4D3

     Edit: Uhm, sorry, my script seems to switch all folder inherits by like 180 degrees (good for folders with inherits, but not for folders without) - SetAccessRuleProtection($True, $False) seems to be better, and with giving admin rights this hopefully does it:

     Edit: Just moved $acl.SetAccessRuleProtection($True, $True) before the new rule (because first the existing inherits must be replaced with local ones, before the New-Object rule takes them off and gives the built-in Admin permissions....)

         cd "C:\"
         foreach ($i in Get-ChildItem -Recurse -Force| ?{$_.PSIsContainer}){
             echo $i.FullName
             $acl=Get-ACL $i.FullName
             $person=[System.Security.Principal.NTAccount]"BUILTIN\Administrators"
             $access=[System.Security.AccessControl.FileSystemRights]"FullControl"
             $inheritance=[System.Security.AccessControl.InheritanceFlags]"ObjectInherit"
             $propagation=[System.Security.AccessControl.PropagationFlags]"None"
             $type=[System.Security.AccessControl.AccessControlType]"Allow"
             $acl.SetAccessRuleProtection($True, $True)
             $rule=New-Object System.Security.AccessControl.FileSystemAccessRule($person,$access,$inheritance,$propagation,$type)
             $acl.AddAccessRule($rule)
             $acl.SetAccessRule($rule)
             Set-Acl $i.FullName -AclObject $acl
         }
  8. I use this from here: http://www.alkanesolutions.co.uk/2016/06/29/set-registry-key-permissions-powershell/ (I checked so many scripts for my RepairService script - with this one, I got "lucky"). It just adds permissions for the built-in Admin, without breaking something (like Regini does...), but you need to allow PS scripts first... - in an admin PowerShell type: Set-ExecutionPolicy RemoteSigned (maybe "unrestricted" could do the job too - restart after the change.. the standard is: Restricted)

     Remember to change the ACL name to your OS language, and change VORDEFINIERT\Administratoren to BUILTIN\Administrators

     First define your reg path as the environment variable "Dienst", then call it (the HKLM: is the correct call for PowerShell in this case...):

         Set Dienst=HKLM:\SYSTEM\CurrentControlSet\Services\YOURService
         powershell.exe -file "This Script.ps1"

         $Service=$Env:Dienst
         $acl=Get-Acl $Service
         $person=[System.Security.Principal.NTAccount]"BUILTIN\Administrators"
         $access=[System.Security.AccessControl.RegistryRights]"FullControl"
         $inheritance=[System.Security.AccessControl.InheritanceFlags]"ObjectInherit"
         $propagation=[System.Security.AccessControl.PropagationFlags]"None"
         $type=[System.Security.AccessControl.AccessControlType]"Allow"
         $rule=New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)
         $acl.AddAccessRule($rule)
         $acl|Set-Acl
  9. UPDATE: R4D3_Service_Fix.zip

     NEW: Grants "Built-In Admin" permissions with a called PowerShell script (just a minimal single entry that allows built-in Admins to change the reg entry)

     IMPORTANT: If your Windows is non-English (like mine) you need to change 1 entry in the PowerShell script! - Read the comment in the Phoenix.bat

     You need to run an admin PowerShell and run: Set-ExecutionPolicy RemoteSigned one time (to allow PowerShell scripts - don't forget to restart then!) You can turn it off with Set-ExecutionPolicy Restricted afterwards...

     Edit: You have to right-click each file and click allow (there is a flag on the files that they are from another computer... - next time I will zip them from a FAT32 filesystem, then this flag shouldn't be there...)

     Files:
     - Phoenix.bat: Change all services to their original state (Creators Update W10 Home) (Highly recommended. New: Grants Admin reg permissions for protected services)
     - R4D3_Service_Fix.bat: Yeah hell MS, I fixed them! (Changes 22 services & 1 driver to Disabled, 7 to Demand) (New: Grants Admin reg permissions for protected services)
     - PhoenixCall.ps1: PowerShell script that is called from the batch files to grant permission

     Note: you can check all Service acl flags with (even to get names you can place in the PhoenixCall.ps1) this powershell command:
  10. They did it in the German version.... Example of funny MS translation:

      1) SUBACLS...
         - Example: The user "Everyone" is translated to "Jeder"...
         - An English script that needs to change rights just doesn't work! If it is a .cmd I can change it myself - in an .exe file - no chance...
      2) Folders:
         - I can't trust Explorer anymore (because MS used the Desktop.ini files to call the MUIs)
         - In a German XP the path %ProgramFiles% is called "Programme" and this was the real folder name
         - In Windows 10 the Explorer shows the folder as "Programme" but the folder name is "C:\Program Files"
         - I wish they had done it the other way (using MUIs for SubACLS, not a real translation, and for folders the real one... - like they did in the past...)

      P.S. They translated most of the ACLs, not only "Everyone" - they even did MUI files for shortcut names oO & there is no hint that the desktop.ini files do different things than before...
      P.P.S. On their auto-translated help pages they even translate commands and flags
  11. Nah, it's ok - thx (it has a little error at Plug & Play, because of the & - but I can live with that...) I am thinking about trying to delete some dependency flags - maybe then I can disable more services without eventlog errors...
  12. Maybe this error just happens in localized versions, or it's a Home/Premium/blabla thing! If I run your script on a "VM Fresh Installed Windows 10 Home" in German with UAC disabled, I end up in System32 if I choose "Als Administrator ausführen" ("Run as administrator")! Only "CD /D %~dp0" fixes this...

          @Echo Off
          CD /D %~dp0
          Echo Path is %CD%
          Pause

      - So if you would like to present your tool to all people, you have to add CD /D %~dp0. Not a big deal...
  13. Hell YES, (I remember it now... - Lost my Brain somewhere...) - So, I was just able to show the problem, but not to find an elegant solution - good boy
  14. The "tweaktool" I wrote about is a bunch of different files (most batch, some vbs, some dat, some dll, some exe) - I am not writing that it is malware (it's probably not, it just looks like it...) - but honestly I can't guarantee that it is or is not! (... I think a single vbs script can be really dangerous, but it doesn't have to be...) - The point was: even without Cortana, the Start menu can work (with some spicy extra work...). That swiftsearch tool you wrote about, I will test it... - I have used AgentRansack for search until now (https://www.mythicsoft.com/agentransack)
  15. Calling an exe file from an (Admin-Batch) that just lies in the same non-environment folder doesn't work anymore! If you run something "as Admin" you end up in System32 directly (not sure when MS did that) (and you cannot set the running dir in the batch, because you are already in System32). (For Noel it works, because he probably installed the ADKs (or wherever they are inside), and this installer adds an environment variable, so he can call it from everywhere - or they were copied to an environment path like System32... - just copy the exe files to a path like System32 and you can call them from everywhere.... (or stop working with relative paths, use absolute ones...)) I don't know why Microsoft tries to force users to copy every crappy tool from the internet to System32, but I am sure some guys will like that...

      Run that batch 1 time normally, and 1 time as Admin:

          @Echo Off
          Echo ...................................
          Echo Congratulations You are in %CD%
          Echo ...................................
          pause
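
Posts 4 and 7 above rewrite inheritance across whole trees with SetAccessRuleProtection and Set-Acl. As an added example (not R4D3's code), this PowerShell sketch records each folder's inheritance state and DACL before any such run, so the result can be compared and reverted; `$Root`, `$BackupFile` and both function names are assumptions.

```powershell
# Added example, not R4D3's code. It changes no ACL as written (Set-Acl runs with -WhatIf).
# $Root, $BackupFile and both function names are assumptions for this sketch.
param(
    [string]$Root       = 'C:\Temp\AclTest',
    [string]$BackupFile = (Join-Path $env:TEMP 'acl-snapshot.csv')
)

function Get-AclSnapshot {
    param([Parameter(Mandatory)][string]$Path)
    # Junctions and symlinks are left out of the snapshot (see the Where-Object filter).
    Get-ChildItem -LiteralPath $Path -Directory -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not ($_.Attributes -band [IO.FileAttributes]::ReparsePoint) } |
        ForEach-Object {
            $dir = $_.FullName
            try {
                $acl = Get-Acl -LiteralPath $dir -ErrorAction Stop
                [pscustomobject]@{
                    Path      = $dir
                    Owner     = $acl.Owner
                    # True means inheritance is already disabled on this folder
                    Protected = $acl.AreAccessRulesProtected
                    Inherited = @($acl.Access | Where-Object { $_.IsInherited }).Count
                    Explicit  = @($acl.Access | Where-Object { -not $_.IsInherited }).Count
                    # DACL in SDDL form, consumed by Restore-AclSnapshot
                    Sddl      = $acl.GetSecurityDescriptorSddlForm('Access')
                }
            } catch {
                Write-Warning "Could not read ACL of ${dir}: $($_.Exception.Message)"
            }
        }
}

function Restore-AclSnapshot {
    param([Parameter(Mandatory)][string]$CsvPath)
    Import-Csv -LiteralPath $CsvPath | ForEach-Object {
        $acl = Get-Acl -LiteralPath $_.Path
        # Reapply only the saved DACL; owner and audit entries stay untouched
        $acl.SetSecurityDescriptorSddlForm($_.Sddl, 'Access')
        Set-Acl -LiteralPath $_.Path -AclObject $acl -WhatIf   # drop -WhatIf to apply
    }
}

$snapshot = @(Get-AclSnapshot -Path $Root)
$snapshot | Export-Csv -LiteralPath $BackupFile -NoTypeInformation
# How many folders already have inheritance disabled (True) versus enabled (False)
$snapshot | Group-Object Protected | Select-Object Name, Count
```

Running it once before and once after a change and comparing the `Protected`, `Inherited` and `Explicit` columns shows which folders were switched.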