If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#16
|
|||
|
|||
Undeletable - Attn Paul - update (more)
On Sun, 08 Jul 2018 09:33:51 -0400, slate_leeper
wrote: Thought occurred to me... when I copied the Program Files directory to the ExFAT formatted drive, I copied it back by replacing the original files. The thought: perhaps I should have deleted the entire directory before copying the files back. So I started over, using the Gandalf PE disk again. Copied entire PF directory to ExFat drive. Deleted entire PF directory on boot drive. Then copied it back from the ExFat drive. Using the PE file explorer,, right clicked on the PF folder name. Under attributes, in addition to the normal Read Only was one labeled SYSTEM. I turned off both R/O and SYSTEM and applied. Then rebooted. Same problem.... -dan z- -- Someone who thinks logically provides a nice contrast to the real world. (Anonymous) |
Ads |
#17
|
|||
|
|||
Undeletable - Attn Paul - update (more)
slate_leeper wrote:
On Sun, 8 Jul 2018 18:21:46 +0100, ? Good Guy ? wrote: There is nothing in Windows that can't be deleted by an Administrator of the machine provided there aren't any APPs still running and using some files in a particular folder. Except on mine. The Program Files directory on mine is completely locked against deleting or modifying any files within. If you had been following this thread you would know that we have tried doing it as "true administrator" and also as SYSTEM. Neither of those were able to do anything with the files. It just keeps saying "access denied." This despite the properties of the directory and of the files shows both SYSTEM and Administrators as having full access. -dan z- Time to go nuclear. You will need three tools. pstools (psexec.exe and psexec64.exe) process explorer (to verify the properties of the Command Prompt created). RunFromToken.exe (a program to copy trustedinstaller token, and run Command Prompt) 1) Start an Administrator Command Prompt. Unpack pstools. From www.sysinternals.com . Grab pxexec64.exe if on a 64 bit system. psexec64 -hsi cmd Another Command Prompt window opens. 2a) Do "whoami" in the new Command Prompt window. ntauthority\system Download RunFromToken http://reboot.pro/files/download/237...-runfromtoken/ http://reboot.pro/files/getdownload/...-runfromtoken/ Unpack the three files. You'll need two of them. RunFromToken.au3 (an autohotkey program) RunFromToken64.exe (the tool for a 64-bit OS) 2b) The next part is a minor issue, a bit of timing is involved. Open services.msc from the run box. Do "Properties" on the "Windows Modules Installer" service. It will be in the stopped state. It has a "Start" button. In the SYSTEM cmd window from 2a, prepare your command to launch yet another cmd window. cd /d C:\users\slate\Downloads # Location of RunFromToken64 RunFromToken64.exe trustedinstaller.exe 1 cmd # *Do not* hit return yet. Now, go back to the "Windows Modules Installer" Properties and click Start. Wait for the timer to disappear and the thing to seem to be running. Now, hit carriage return. OK, first minor snag. The RunFromToken64.exe program needs to fiddle with one of the Administrator privileges. The dialog will tell you that a reboot is required. Repeat the steps to here, and the second time, it should work. 3) Download Process Explorer and unpack it. From www.sysinternals.com . Right click "procexp.exe" and select Run As Administrator. This is needed to get a lot of process properties. In the 2b window, it tells you the PID of the special cmd window. Sort the processes in procexp.exe by the PID column, then scroll down until you find the PID in question. Note that, the window that opens at the end of 2b is still owned by SYSTEM. whoami ntauthority\system But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. https://s22.postimg.cc/jde034snl/tru...ller_maybe.gif 4) Now from that third window, the one you vetted in Process Explorer, cd /d C:\Program Files\7zip del 7zip.exe There is a picture here as a summary. https://s22.postimg.cc/ktpilht29/ele..._installer.gif ******* Note: I tried to modify the ACE (Mandatory) thing with a tool. I modified all of C: to be medium, but that did not achieve any change that I could see. "Program Files" would normally be "High", but I used icacls to make the entire C: drive medium. And I did that, because I got permission denied trying other stuff. https://s22.postimg.cc/9ve92xmcx/mic...o_read_ACE.gif The tool is suitable for viewing the ACE values if you want. It doesn't explain what is going on with your system though. https://www.elevenpaths.com/download...m.exe?agree=on And the ACE doesn't seem to be stored in the icacls output either. You cannot replay the ACLs and fix ACE at the same time. If you mess around as I did with C: and change the integrity level of the entire C: , you'd be screwed. Paul |
#18
|
|||
|
|||
Undeletable - Attn Paul - update (more)
On Sun, 08 Jul 2018 20:01:24 -0400, Paul
wrote: You will need three tools. Hi Paul, It will be two or three days before I can try this. As I told you in the last message, Gandalf PE allowed me to unset the Read Only and System attributes on the program files folder and files before I copied them back down. (What is the SYSTEM attribute? Couldn't find that with Google.) There has been an improvement: Each file now shows four items in the Security Properties. In addition to SYSTEM and Administrators, there is now also "Authenticated Users" and "Users". And, lo and behold, it allowed me to change Authenticated Users to full access. But only for files, not for folders. So now I can delete, replace, etc individual files, but since there are 48,940 files in that directory the improvement is not that much of an improvement. Using the PE boot, I think I may try copying ALL files to the ExFat drive, unsetting those two attributes, and copying them back. What the heck, it's just another 6 hours of backup, verify, restore (if necessary).... -dan z- -- Someone who thinks logically provides a nice contrast to the real world. (Anonymous) |
#19
|
|||
|
|||
Undeletable - Attn Paul - update
On Sun, 8 Jul 2018 18:13:14 +0100, ? Good Guy ?
wrote: On 08/07/2018 14:11, slate_leeper wrote: I think I didn't make the depth of the problem clear. The problem is not with one specific file, it is with the entire Program Files directory. Nothing can be changed. No program can be uninstalled or updated. No program can be installed. No file can be modified or deleted. If this is the case then why don't you boot-up the system using some 3rd party operating System and then you should be able to delete anything from the NTFS file system. That is a good idea. A self booting linux CD should do the job. Did you try deleting from the safe mode? It's worth a try rather than struggling for months trying to find solutions to simp0le problems. You could have made a trip to the moon by now considering you have spent nearly two weeks on this. It might be better to just reinstall windows. Why don't you take your machine to a geek shop? They can do it for you. Alternatively, ask Arlen Holden to come to your house to sort it out. He likes young boys and he is prepared to travel for the right boys. He is even thinking of going to Thailand to rescue those young boys who are trapped for a month in a cave. Dolf already has that job. --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus |
#20
|
|||
|
|||
Undeletable - Attn Paul - 'go nuclear'
On Sun, 08 Jul 2018 20:01:24 -0400, Paul
wrote: Time to go nuclear. You will need three tools. pstools (psexec.exe and psexec64.exe) process explorer (to verify the properties of the Command Prompt created). RunFromToken.exe (a program to copy trustedinstaller token, and run Command Prompt) 1) Start an Administrator Command Prompt. Unpack pstools. From www.sysinternals.com . Grab pxexec64.exe if on a 64 bit system. psexec64 -hsi cmd Another Command Prompt window opens. 2a) Do "whoami" in the new Command Prompt window. ntauthority\system Download RunFromToken http://reboot.pro/files/download/237...-runfromtoken/ http://reboot.pro/files/getdownload/...-runfromtoken/ Unpack the three files. You'll need two of them. RunFromToken.au3 (an autohotkey program) RunFromToken64.exe (the tool for a 64-bit OS) 2b) The next part is a minor issue, a bit of timing is involved. Open services.msc from the run box. Do "Properties" on the "Windows Modules Installer" service. It will be in the stopped state. It has a "Start" button. In the SYSTEM cmd window from 2a, prepare your command to launch yet another cmd window. cd /d C:\users\slate\Downloads # Location of RunFromToken64 RunFromToken64.exe trustedinstaller.exe 1 cmd # *Do not* hit return yet. Now, go back to the "Windows Modules Installer" Properties and click Start. Wait for the timer to disappear and the thing to seem to be running. Now, hit carriage return. OK, first minor snag. The RunFromToken64.exe program needs to fiddle with one of the Administrator privileges. The dialog will tell you that a reboot is required. Repeat the steps to here, and the second time, it should work. 3) Download Process Explorer and unpack it. From www.sysinternals.com . Right click "procexp.exe" and select Run As Administrator. This is needed to get a lot of process properties. In the 2b window, it tells you the PID of the special cmd window. Sort the processes in procexp.exe by the PID column, then scroll down until you find the PID in question. Note that, the window that opens at the end of 2b is still owned by SYSTEM. whoami ntauthority\system But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. https://s22.postimg.cc/jde034snl/tru...ller_maybe.gif 4) Now from that third window, the one you vetted in Process Explorer, cd /d C:\Program Files\7zip del 7zip.exe There is a picture here as a summary. https://s22.postimg.cc/ktpilht29/ele..._installer.gif Success at all steps to: D:\PaulSpecialFilesrunfromtoken64.exe trustedinstaller.exe 1 cmd Now setting privilege: SeDebugPrivilege Now setting privilege: SeAssignPrimaryTokenPrivilege Now setting privilege: SeIncreaseQuotaPrivilege Host PID: 8056 New process created successfully: 2496 D:\PaulSpecialFileswhoami nt authority\system Step 4 - del a file in program files.... (actually I tried rename a folder) ... 'access denied' But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. My properties do not look like yours: https://imgur.com/a/q4d64jW -dan z- -- Someone who thinks logically provides a nice contrast to the real world. (Anonymous) |
#21
|
|||
|
|||
Undeletable - Attn Paul - 'go nuclear'
slate_leeper wrote:
On Sun, 08 Jul 2018 20:01:24 -0400, Paul wrote: Time to go nuclear. You will need three tools. pstools (psexec.exe and psexec64.exe) process explorer (to verify the properties of the Command Prompt created). RunFromToken.exe (a program to copy trustedinstaller token, and run Command Prompt) 1) Start an Administrator Command Prompt. Unpack pstools. From www.sysinternals.com . Grab pxexec64.exe if on a 64 bit system. psexec64 -hsi cmd Another Command Prompt window opens. 2a) Do "whoami" in the new Command Prompt window. ntauthority\system Download RunFromToken http://reboot.pro/files/download/237...-runfromtoken/ http://reboot.pro/files/getdownload/...-runfromtoken/ Unpack the three files. You'll need two of them. RunFromToken.au3 (an autohotkey program) RunFromToken64.exe (the tool for a 64-bit OS) 2b) The next part is a minor issue, a bit of timing is involved. Open services.msc from the run box. Do "Properties" on the "Windows Modules Installer" service. It will be in the stopped state. It has a "Start" button. In the SYSTEM cmd window from 2a, prepare your command to launch yet another cmd window. cd /d C:\users\slate\Downloads # Location of RunFromToken64 RunFromToken64.exe trustedinstaller.exe 1 cmd # *Do not* hit return yet. Now, go back to the "Windows Modules Installer" Properties and click Start. Wait for the timer to disappear and the thing to seem to be running. Now, hit carriage return. OK, first minor snag. The RunFromToken64.exe program needs to fiddle with one of the Administrator privileges. The dialog will tell you that a reboot is required. Repeat the steps to here, and the second time, it should work. 3) Download Process Explorer and unpack it. From www.sysinternals.com . Right click "procexp.exe" and select Run As Administrator. This is needed to get a lot of process properties. In the 2b window, it tells you the PID of the special cmd window. Sort the processes in procexp.exe by the PID column, then scroll down until you find the PID in question. Note that, the window that opens at the end of 2b is still owned by SYSTEM. whoami ntauthority\system But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. https://s22.postimg.cc/jde034snl/tru...ller_maybe.gif 4) Now from that third window, the one you vetted in Process Explorer, cd /d C:\Program Files\7zip del 7zip.exe There is a picture here as a summary. https://s22.postimg.cc/ktpilht29/ele..._installer.gif Success at all steps to: D:\PaulSpecialFilesrunfromtoken64.exe trustedinstaller.exe 1 cmd Now setting privilege: SeDebugPrivilege Now setting privilege: SeAssignPrimaryTokenPrivilege Now setting privilege: SeIncreaseQuotaPrivilege Host PID: 8056 New process created successfully: 2496 D:\PaulSpecialFileswhoami nt authority\system Step 4 - del a file in program files.... (actually I tried rename a folder) ... 'access denied' But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. My properties do not look like yours: https://imgur.com/a/q4d64jW -dan z- In your picture "q4d64jW", you'd want the Security tab. Paul |
#22
|
|||
|
|||
Undeletable - Attn Paul - 'go nuclear'
slate_leeper wrote:
On Sun, 08 Jul 2018 20:01:24 -0400, Paul wrote: Time to go nuclear. You will need three tools. pstools (psexec.exe and psexec64.exe) process explorer (to verify the properties of the Command Prompt created). RunFromToken.exe (a program to copy trustedinstaller token, and run Command Prompt) 1) Start an Administrator Command Prompt. Unpack pstools. From www.sysinternals.com . Grab pxexec64.exe if on a 64 bit system. psexec64 -hsi cmd Another Command Prompt window opens. 2a) Do "whoami" in the new Command Prompt window. ntauthority\system Download RunFromToken http://reboot.pro/files/download/237...-runfromtoken/ http://reboot.pro/files/getdownload/...-runfromtoken/ Unpack the three files. You'll need two of them. RunFromToken.au3 (an autohotkey program) RunFromToken64.exe (the tool for a 64-bit OS) 2b) The next part is a minor issue, a bit of timing is involved. Open services.msc from the run box. Do "Properties" on the "Windows Modules Installer" service. It will be in the stopped state. It has a "Start" button. In the SYSTEM cmd window from 2a, prepare your command to launch yet another cmd window. cd /d C:\users\slate\Downloads # Location of RunFromToken64 RunFromToken64.exe trustedinstaller.exe 1 cmd # *Do not* hit return yet. Now, go back to the "Windows Modules Installer" Properties and click Start. Wait for the timer to disappear and the thing to seem to be running. Now, hit carriage return. OK, first minor snag. The RunFromToken64.exe program needs to fiddle with one of the Administrator privileges. The dialog will tell you that a reboot is required. Repeat the steps to here, and the second time, it should work. 3) Download Process Explorer and unpack it. From www.sysinternals.com . Right click "procexp.exe" and select Run As Administrator. This is needed to get a lot of process properties. In the 2b window, it tells you the PID of the special cmd window. Sort the processes in procexp.exe by the PID column, then scroll down until you find the PID in question. Note that, the window that opens at the end of 2b is still owned by SYSTEM. whoami ntauthority\system But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. https://s22.postimg.cc/jde034snl/tru...ller_maybe.gif 4) Now from that third window, the one you vetted in Process Explorer, cd /d C:\Program Files\7zip del 7zip.exe There is a picture here as a summary. https://s22.postimg.cc/ktpilht29/ele..._installer.gif Success at all steps to: D:\PaulSpecialFilesrunfromtoken64.exe trustedinstaller.exe 1 cmd Now setting privilege: SeDebugPrivilege Now setting privilege: SeAssignPrimaryTokenPrivilege Now setting privilege: SeIncreaseQuotaPrivilege Host PID: 8056 New process created successfully: 2496 D:\PaulSpecialFileswhoami nt authority\system Step 4 - del a file in program files.... (actually I tried rename a folder) ... 'access denied' But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. My properties do not look like yours: https://imgur.com/a/q4d64jW -dan z- And here is a sample file in my Program Files. https://s33.postimg.cc/mumc2tc33/my_test_install.gif What's weird there, is I could have sworn that TrustedInstaller used to be in the Properties : Security tab window, but now it isn't any more. And the properties and the icacls info are a subset of one another. And icacls won't mention the ACE Manditory level unless it deviates from the "expected" value. Since you moved Program Files to a non-NTFS volume and back again, perhaps the Manditory levels are used when the regular ownership and permissions are not present. I wasn't able to apply icacls /setintegritylevel unless I did it to the entire C: (as an experiment). I got lots of permission denied elsewhere. Paul |
#23
|
|||
|
|||
Undeletable - Attn Paul - 'go nuclear'
On Wed, 11 Jul 2018 11:14:23 -0400, slate_leeper
wrote: On Sun, 08 Jul 2018 20:01:24 -0400, Paul wrote: Time to go nuclear. You will need three tools. pstools (psexec.exe and psexec64.exe) process explorer (to verify the properties of the Command Prompt created). RunFromToken.exe (a program to copy trustedinstaller token, and run Command Prompt) 1) Start an Administrator Command Prompt. Unpack pstools. From www.sysinternals.com . Grab pxexec64.exe if on a 64 bit system. psexec64 -hsi cmd Another Command Prompt window opens. 2a) Do "whoami" in the new Command Prompt window. ntauthority\system Download RunFromToken http://reboot.pro/files/download/237...-runfromtoken/ http://reboot.pro/files/getdownload/...-runfromtoken/ Unpack the three files. You'll need two of them. RunFromToken.au3 (an autohotkey program) RunFromToken64.exe (the tool for a 64-bit OS) 2b) The next part is a minor issue, a bit of timing is involved. Open services.msc from the run box. Do "Properties" on the "Windows Modules Installer" service. It will be in the stopped state. It has a "Start" button. In the SYSTEM cmd window from 2a, prepare your command to launch yet another cmd window. cd /d C:\users\slate\Downloads # Location of RunFromToken64 RunFromToken64.exe trustedinstaller.exe 1 cmd # *Do not* hit return yet. Now, go back to the "Windows Modules Installer" Properties and click Start. Wait for the timer to disappear and the thing to seem to be running. Now, hit carriage return. OK, first minor snag. The RunFromToken64.exe program needs to fiddle with one of the Administrator privileges. The dialog will tell you that a reboot is required. Repeat the steps to here, and the second time, it should work. 3) Download Process Explorer and unpack it. From www.sysinternals.com . Right click "procexp.exe" and select Run As Administrator. This is needed to get a lot of process properties. In the 2b window, it tells you the PID of the special cmd window. Sort the processes in procexp.exe by the PID column, then scroll down until you find the PID in question. Note that, the window that opens at the end of 2b is still owned by SYSTEM. whoami ntauthority\system But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. https://s22.postimg.cc/jde034snl/tru...ller_maybe.gif 4) Now from that third window, the one you vetted in Process Explorer, cd /d C:\Program Files\7zip del 7zip.exe There is a picture here as a summary. https://s22.postimg.cc/ktpilht29/ele..._installer.gif Success at all steps to: D:\PaulSpecialFilesrunfromtoken64.exe trustedinstaller.exe 1 cmd Now setting privilege: SeDebugPrivilege Now setting privilege: SeAssignPrimaryTokenPrivilege Now setting privilege: SeIncreaseQuotaPrivilege Host PID: 8056 New process created successfully: 2496 D:\PaulSpecialFileswhoami nt authority\system Step 4 - del a file in program files.... (actually I tried rename a folder) ... 'access denied' But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. My properties do not look like yours: https://imgur.com/a/q4d64jW Would you consider booting from a linux CD? -dan z- |
#24
|
|||
|
|||
Undeletable - Attn Paul - 'go nuclear'
Lucifer Morningstar wrote:
On Wed, 11 Jul 2018 11:14:23 -0400, slate_leeper wrote: On Sun, 08 Jul 2018 20:01:24 -0400, Paul wrote: Time to go nuclear. You will need three tools. pstools (psexec.exe and psexec64.exe) process explorer (to verify the properties of the Command Prompt created). RunFromToken.exe (a program to copy trustedinstaller token, and run Command Prompt) 1) Start an Administrator Command Prompt. Unpack pstools. From www.sysinternals.com . Grab pxexec64.exe if on a 64 bit system. psexec64 -hsi cmd Another Command Prompt window opens. 2a) Do "whoami" in the new Command Prompt window. ntauthority\system Download RunFromToken http://reboot.pro/files/download/237...-runfromtoken/ http://reboot.pro/files/getdownload/...-runfromtoken/ Unpack the three files. You'll need two of them. RunFromToken.au3 (an autohotkey program) RunFromToken64.exe (the tool for a 64-bit OS) 2b) The next part is a minor issue, a bit of timing is involved. Open services.msc from the run box. Do "Properties" on the "Windows Modules Installer" service. It will be in the stopped state. It has a "Start" button. In the SYSTEM cmd window from 2a, prepare your command to launch yet another cmd window. cd /d C:\users\slate\Downloads # Location of RunFromToken64 RunFromToken64.exe trustedinstaller.exe 1 cmd # *Do not* hit return yet. Now, go back to the "Windows Modules Installer" Properties and click Start. Wait for the timer to disappear and the thing to seem to be running. Now, hit carriage return. OK, first minor snag. The RunFromToken64.exe program needs to fiddle with one of the Administrator privileges. The dialog will tell you that a reboot is required. Repeat the steps to here, and the second time, it should work. 3) Download Process Explorer and unpack it. From www.sysinternals.com . Right click "procexp.exe" and select Run As Administrator. This is needed to get a lot of process properties. In the 2b window, it tells you the PID of the special cmd window. Sort the processes in procexp.exe by the PID column, then scroll down until you find the PID in question. Note that, the window that opens at the end of 2b is still owned by SYSTEM. whoami ntauthority\system But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. https://s22.postimg.cc/jde034snl/tru...ller_maybe.gif 4) Now from that third window, the one you vetted in Process Explorer, cd /d C:\Program Files\7zip del 7zip.exe There is a picture here as a summary. https://s22.postimg.cc/ktpilht29/ele..._installer.gif Success at all steps to: D:\PaulSpecialFilesrunfromtoken64.exe trustedinstaller.exe 1 cmd Now setting privilege: SeDebugPrivilege Now setting privilege: SeAssignPrimaryTokenPrivilege Now setting privilege: SeIncreaseQuotaPrivilege Host PID: 8056 New process created successfully: 2496 D:\PaulSpecialFileswhoami nt authority\system Step 4 - del a file in program files.... (actually I tried rename a folder) ... 'access denied' But, when you click that cmd (identified by PID) in Process Explorer and do properties, there's an added item. My properties do not look like yours: https://imgur.com/a/q4d64jW Would you consider booting from a linux CD? That used to work, but in 2018, there are two issues. 1) When Windows 10 makes an NTFS partition, the %MFTMIRR is damaged. Linux won't mount a damaged partition of that type. 2) NTFS has a new type of Reparse Point dealing with Compression. There are two compression representations. The old one set an Attribute on the file and didn't use Reparse points. Linux can handle the compression attribute just fine. There is a second kind of compression which might be marginally more efficient. In order to avoid changing the file system version number from 3.1 to something else, it's implemented as a Reparse Point (custom code). Linux does not have this code. If Linux "touches" a system file with that Reparse Point applied, the Linux terminal shows "I/O Error". Editing Windows C: from Linux, isn't as easy as it used to be. Paul |
#25
|
|||
|
|||
Undeletable - Attn Paul - update (more)
On Sat, 07 Jul 2018 07:46:03 -0400, slate_leeper
wrote: On Fri, 06 Jul 2018 20:41:23 -0400, Paul wrote: http://www.jc-tech.info/2016/05/17/w...ndatory-level/ and the result is: C:\WINDOWS\system32icacls c:\Progra~1 /setintegritylevel medium I've succeeded in adding my specific (administrator) name to the security entries for the Program Files directory. I set it for full access, which it accepted. However I still can not change, delete, etc. most files. Seems like the mandatory-level thing must be the problem, but I can't figure out how to fix it.... I would like to set it to medium. -dan z- -- Someone who thinks logically provides a nice contrast to the real world. (Anonymous) |
#26
|
|||
|
|||
Undeletable - Attn Paul - update (more)
slate_leeper wrote:
On Sat, 07 Jul 2018 07:46:03 -0400, slate_leeper wrote: On Fri, 06 Jul 2018 20:41:23 -0400, Paul wrote: http://www.jc-tech.info/2016/05/17/w...ndatory-level/ and the result is: C:\WINDOWS\system32icacls c:\Progra~1 /setintegritylevel medium I've succeeded in adding my specific (administrator) name to the security entries for the Program Files directory. I set it for full access, which it accepted. However I still can not change, delete, etc. most files. Seems like the mandatory-level thing must be the problem, but I can't figure out how to fix it.... I would like to set it to medium. -dan z- You can try "micenum" to show the Mandatory level. https://www.elevenpaths.com/download...m.exe?agree=on And roughly what it should look like. https://s33.postimg.cc/mumc2tc33/my_test_install.gif In the picture, the Properties dialog is missing the TrustedInstaller entry, which can be seen instead in the Command Prompt check. Paul |
#27
|
|||
|
|||
Undeletable - Attn Paul - update (more)
On Fri, 20 Jul 2018 20:02:00 -0400, Paul
wrote: slate_leeper wrote: On Sat, 07 Jul 2018 07:46:03 -0400, slate_leeper wrote: On Fri, 06 Jul 2018 20:41:23 -0400, Paul wrote: http://www.jc-tech.info/2016/05/17/w...ndatory-level/ and the result is: C:\WINDOWS\system32icacls c:\Progra~1 /setintegritylevel medium I've succeeded in adding my specific (administrator) name to the security entries for the Program Files directory. I set it for full access, which it accepted. However I still can not change, delete, etc. most files. Seems like the mandatory-level thing must be the problem, but I can't figure out how to fix it.... I would like to set it to medium. -dan z- You can try "micenum" to show the Mandatory level. https://www.elevenpaths.com/download...m.exe?agree=on And roughly what it should look like. https://s33.postimg.cc/mumc2tc33/my_test_install.gif In the picture, the Properties dialog is missing the TrustedInstaller entry, which can be seen instead in the Command Prompt check. Paul Well, believe it or not, that program shows the Program Files directory and contents all at level "medium." So I guess that is not the problem. I'm baffled. -dan z- -- Someone who thinks logically provides a nice contrast to the real world. (Anonymous) |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|