Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Fixing a computer with hosed permissions & activation problems?

10 Oct 2012   #31
Keirnoth

Windows 7 Professional 32-bit
 
 

Here you go.

Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>DIR C:\Windows\System32\wbem /AR
 Volume in drive C has no label.
 Volume Serial Number is 6EFF-DD7B

 Directory of C:\Windows\System32\wbem

File Not Found

C:\Windows\system32>
C:\Windows\system32>ICACLS C:\Windows\System32\wbem
C:\Windows\System32\wbem NT SERVICE\TrustedInstaller:(F)
                         NT SERVICE\TrustedInstaller:(CI)(IO)(F)
                         NT AUTHORITY\SYSTEM:(M)
                         NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
                         BUILTIN\Administrators:(M)
                         BUILTIN\Administrators:(OI)(CI)(IO)(F)
                         BUILTIN\Users:(RX)
                         BUILTIN\Users:(OI)(CI)(IO)(GR,GE)
                         CREATOR OWNER:(OI)(CI)(IO)(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>ICACLS C:\Windows\System32\wbem\MOF
C:\Windows\System32\wbem\MOF NT AUTHORITY\SYSTEM:(F)
                             BUILTIN\Administrators:(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>ICACLS C:\Windows\System32\wbem\xml
C:\Windows\System32\wbem\xml NT SERVICE\TrustedInstaller:(F)
                             NT SERVICE\TrustedInstaller:(CI)(IO)(F)
                             NT AUTHORITY\SYSTEM:(M)
                             NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
                             BUILTIN\Administrators:(M)
                             BUILTIN\Administrators:(OI)(CI)(IO)(F)
                             BUILTIN\Users:(RX)
                             BUILTIN\Users:(OI)(CI)(IO)(GR,GE)
                             CREATOR OWNER:(OI)(CI)(IO)(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>ICACLS C:\Windows\System32\wbem\Logs
C:\Windows\System32\wbem\Logs NT AUTHORITY\SYSTEM:(F)
                              BUILTIN\Administrators:(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>ICACLS C:\Windows\System32\wbem\Performance
C:\Windows\System32\wbem\Performance NT SERVICE\TrustedInstaller:(I)(F)
                                     NT SERVICE\TrustedInstaller:(I)(CI)(IO)(F)
                                     NT AUTHORITY\SYSTEM:(I)(F)
                                     NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
                                     BUILTIN\Administrators:(I)(F)
                                     BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
                                     BUILTIN\Users:(I)(RX)
                                     BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)
                                     CREATOR OWNER:(I)(OI)(CI)(IO)(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>ICACLS C:\Windows\System32\wbem\Repository
C:\Windows\System32\wbem\Repository BUILTIN\Users:(RX)
                                    BUILTIN\Users:(OI)(CI)(IO)(GR,GE)
                                    NT AUTHORITY\NETWORK SERVICE:(R)
                                    NT AUTHORITY\NETWORK SERVICE:(OI)(CI)(IO)(GR)
                                    No mapping between account names and security IDs was done.
(R,W)
                                    No mapping between account names and security IDs was done.
(OI)(CI)(IO)(GR,GW)
                                    BUILTIN\Administrators:(F)
                                    BUILTIN\Administrators:(OI)(CI)(IO)(F)
                                    NT AUTHORITY\SYSTEM:(F)
                                    NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
                                    OWNER RIGHTS:(OI)(CI)(IO)(Rc)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>ICACLS C:\Windows\System32\wbem\tmf
C:\Windows\System32\wbem\tmf NT AUTHORITY\SYSTEM:(F)
                             BUILTIN\Administrators:(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>ICACLS C:\Windows\System32\wbem\en-US
C:\Windows\System32\wbem\en-US NT SERVICE\TrustedInstaller:(F)
                               NT SERVICE\TrustedInstaller:(CI)(IO)(F)
                               NT AUTHORITY\SYSTEM:(M)
                               NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
                               BUILTIN\Administrators:(M)
                               BUILTIN\Administrators:(OI)(CI)(IO)(F)
                               BUILTIN\Users:(RX)
                               BUILTIN\Users:(OI)(CI)(IO)(GR,GE)
                               CREATOR OWNER:(OI)(CI)(IO)(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>
File not found for the first command? Tried that command on my personal machine - doesn't seem to work either.


My System SpecsSystem Spec
.
10 Oct 2012   #32
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

Thse don't look too bad

SO far, the only serious deviation I can see is in the output from
ICACLS C:\Windows\System32\Logfiles

so let's try fixing that - we'll go the easy route.
Open Windows Explorer
Navigate to the C:\Windows\System32 folder
Find the Logfiles entry
right-click on it - select Properties
Click on the Security tab
Click on the Advanced button, then the Change Permissions button.
Make sure that the tick is in the 'Include inheritable permissions from...' box
and click Apply.
You should end up with 5 entries
TrustedInstaller (Special)
SYSTEM (Full control)
Administrators (Full control)
Users (Read & Execute)
CREATOR OWNER (Special)

(all inherited from C:\Windows\System32)
put a tick in the 'Replace all child....' box
Click OK out

Repeat the process for C:\Windows\Logs
(the results in permissions will be slightly different - don't worry about it for the moment)

click OK out

Reboot, and post a new MGADiag report.
My System SpecsSystem Spec
10 Oct 2012   #33
Keirnoth

Windows 7 Professional 32-bit
 
 

With the Logfiles folder, I got a:

An error occurred while applying security information to:

C:\Windows\System32\LogFiles\Srt\SrtTrail.log

Access is denied

But the rest of it worked.

With the Log folder, I got the same thing, but for
C:\Windows\Logs\CBS\CbsPersist_*.cab where * is some sort of date.
I also got the error for:
C:\Windows\Logs\SystemRestore\restore.*.etl where * was an integer 1 through 3.

And the rest of it worked.

Here's the attached MGADiag.


Attached Files
File Type: txt MGADiag6.txt (7.0 KB, 19 views)
My System SpecsSystem Spec
.

10 Oct 2012   #34
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

Well, no change - but I wonder if the problem is with those files that you couldn't change......
SrtTrail.txt is a simple text file, and shouldn't be locked while the system is running.
Likewise, the CBSpersist files are simple archives, and shouldn't be locked

The SystemRestore files are a slightly different kettle of fish


Please run the following commands....

DIR C:\Windows\System32\Logfiles\Srt\SRT*.*
ATTRIB C:\Windows\System32\Logfiles\Srt\SRT*.*
ICACLS C:\Windows\System32\Logfiles\Srt\SRT*.*
DIR C:\Windows\Logs\CBS\CBSPersist*.*
ATTRIB C:\Windows\Logs\CBS\CBSPersist*.*
ICACLS C:\Windows\Logs\CBS\CBSPersist*.*


post the results.
My System SpecsSystem Spec
10 Oct 2012   #35
Keirnoth

Windows 7 Professional 32-bit
 
 

Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>DIR C:\Windows\System32\Logfiles\Srt\SRT*.*
 Volume in drive C has no label.
 Volume Serial Number is 6EFF-DD7B

 Directory of C:\Windows\System32\Logfiles\Srt

10/06/2012  05:43 PM            34,584 SrtTrail.log
10/06/2012  05:43 PM            11,960 SrtTrail.txt
               2 File(s)         46,544 bytes
               0 Dir(s)  103,963,242,496 bytes free

C:\Windows\system32>ATTRIB C:\Windows\System32\Logfiles\Srt\SRT*.*
A            C:\Windows\System32\Logfiles\Srt\SrtTrail.log
A            C:\Windows\System32\Logfiles\Srt\SrtTrail.txt

C:\Windows\system32>ICACLS C:\Windows\System32\Logfiles\Srt\SRT*.*
C:\Windows\System32\Logfiles\Srt\SrtTrail.log NT AUTHORITY\SYSTEM:(F)
                                              BUILTIN\Administrators:(RX)

C:\Windows\System32\Logfiles\Srt\SrtTrail.txt NT AUTHORITY\SYSTEM:(I)(F)
                                              BUILTIN\Administrators:(I)(F)
                                              BUILTIN\Users:(I)(RX)

Successfully processed 2 files; Failed processing 0 files

C:\Windows\system32>DIR C:\Windows\Logs\CBS\CBSPersist*.*
 Volume in drive C has no label.
 Volume Serial Number is 6EFF-DD7B

 Directory of C:\Windows\Logs\CBS

09/29/2012  04:18 PM           404,252 CbsPersist_20120930231433.cab
10/08/2012  07:52 AM           472,746 CbsPersist_20121008180820.cab
10/09/2012  09:01 AM           600,645 CbsPersist_20121009204721.cab
10/09/2012  02:30 PM           570,580 CbsPersist_20121010034712.cab
10/10/2012  09:18 AM           753,739 CbsPersist_20121010201704.cab
               5 File(s)      2,801,962 bytes
               0 Dir(s)  103,963,254,784 bytes free

C:\Windows\system32>ATTRIB C:\Windows\Logs\CBS\CBSPersist*.*
A            C:\Windows\Logs\CBS\CbsPersist_20120930231433.cab
A            C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab
A            C:\Windows\Logs\CBS\CbsPersist_20121009204721.cab
A            C:\Windows\Logs\CBS\CbsPersist_20121010034712.cab
A            C:\Windows\Logs\CBS\CbsPersist_20121010201704.cab

C:\Windows\system32>ICACLS C:\Windows\Logs\CBS\CBSPersist*.*
C:\Windows\Logs\CBS\CbsPersist_20120930231433.cab NT AUTHORITY\SYSTEM:(I)(F)
                                                  BUILTIN\Administrators:(I)(F)
                                                  BUILTIN\Users:(I)(RX)

C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab: Access is denied.
Successfully processed 1 files; Failed processing 1 files

C:\Windows\system32>
My System SpecsSystem Spec
10 Oct 2012   #36
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

Quote   Quote: Originally Posted by Keirnoth View Post

C:\Windows\system32>ICACLS C:\Windows\Logs\CBS\CBSPersist*.*
C:\Windows\Logs\CBS\CbsPersist_20120930231433.cab NT AUTHORITY\SYSTEMI)(F)
BUILTIN\AdministratorsI)(F)
BUILTIN\UsersI)(RX)

C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab: Access is denied.
Successfully processed 1 files; Failed processing 1 files

C:\Windows\system32>
[/code]
OK - we've found at least one problem file
Please see what the permissions are for it in Windows Explorer - if you can access it at all.

Open Windows Explorer and navigate to the C:\Windows\Logs\CBS folder
right-click on the CbsPersist_20121008180820.cab file, and select Properties
Click on the Security tab
What are the ticked permissions for each entry in the Users box?

Close Windows Explorer, and open an Elevated Command Prompt window.

run the following commands

TAKEOWN /F C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab /A
ICACLS C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab

Post the results.
My System SpecsSystem Spec
10 Oct 2012   #37
Keirnoth

Windows 7 Professional 32-bit
 
 

When I check the permissions, it simply says "You do not have permission to view or edit this object's permission settings."

The same goes for these two cab files:
CbsPersist_20121009204721.cab and
CbsPersist_20121010034712.cab

After running those commands on all three of the affected files:

Code:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\Logs\CBS>TAKEOWN /F C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab /A

SUCCESS: The file (or folder): "C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab" now owned by the administrators group.

C:\Windows\Logs\CBS>TAKEOWN /F C:\Windows\Logs\CBS\CbsPersist_20121009204721.cab /A

SUCCESS: The file (or folder): "C:\Windows\Logs\CBS\CbsPersist_20121009204721.cab" now owned by the administrators group.

C:\Windows\Logs\CBS>TAKEOWN /F C:\Windows\Logs\CBS\CbsPersist_20121010034712.cab /A

SUCCESS: The file (or folder): "C:\Windows\Logs\CBS\CbsPersist_20121010034712.cab" now owned by the administrators group.

C:\Windows\Logs\CBS>ICACLS C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab
C:\Windows\Logs\CBS\CbsPersist_20121008180820.cab NT AUTHORITY\SYSTEM:(F)
                                                  OWNER RIGHTS:(IO)(Rc)
                                                  NT SERVICE\TrustedInstaller:(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\Logs\CBS>ICACLS C:\Windows\Logs\CBS\CbsPersist_20121009204721.cab
C:\Windows\Logs\CBS\CbsPersist_20121009204721.cab NT AUTHORITY\SYSTEM:(F)
                                                  OWNER RIGHTS:(IO)(Rc)
                                                  NT SERVICE\TrustedInstaller:(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\Logs\CBS>ICACLS C:\Windows\Logs\CBS\CbsPersist_20121010034712.cab
C:\Windows\Logs\CBS\CbsPersist_20121010034712.cab NT AUTHORITY\SYSTEM:(F)
                                                  OWNER RIGHTS:(IO)(Rc)
                                                  NT SERVICE\TrustedInstaller:(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\Logs\CBS>
I also attached a new MGADiag log for your convenience after restarting the machine.


Attached Files
File Type: txt MGADiag7.txt (7.6 KB, 4 views)
My System SpecsSystem Spec
10 Oct 2012   #38
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

Odd permissions there - it's as if the filesave got blocked before the permissions could be reset byt the TrustedInstaller service.
You should now be able to reset the permissions properly using the Logs folder as the source again - as in post #32 - let's see if there's any other errors brought up
My System SpecsSystem Spec
11 Oct 2012   #39
Keirnoth

Windows 7 Professional 32-bit
 
 

Alright, I replaced the permissions and didn't get the errors on the CBSPersist files anymore. It still locked me out of the restore0, 1, and 2.etl files. Is this normal?

Let me know what else I need to do - should I enter the CD key on the COA for this machine and see if it activates or is there something still broken that's causing Windows to think the key installed by the OEM is invalid?
My System SpecsSystem Spec
11 Oct 2012   #40
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

Probably the best way to attempt to deal with the Sytem Restore problem is to reset System Restore (and VSS) manually.

Click on teh Start button
in the Search box, type Advanced System Settings
You'll see a list of options come up - one should be 'View Advanced system settings'
click on that.
Click on the System Protection tab in the popup that should appear.
Click on the 'Create' button and follow the instructions.

Assuming that the new System Restore point is properly created.......
close the popup
Click on the Start button
in the Search box, type Disk Cleanup and click on the resulting find
Follow the instructions.
UNCHECK ALL BOXES in the initial page of the popup.
Click on the 'Clean up system files' button and select the C: drive to clean up
When the scan has finished, click on the More Options tab
In the System Restore and Shadow Copies area, click on Clean up.
agree to the warning.
Wait for completion (could take a while!) and then close out the Disk Cleanup window.
reboot.

Now see if
a) the files still exist
b) you can access their permissions.
My System SpecsSystem Spec
Reply

 Fixing a computer with hosed permissions & activation problems?




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
sfc /scannow not fixing bad file problems
I have run sfc /scannow multiple times. I have downloaded and run the System Update Readiness Tool and then rerun sfc. My log file continues to show many unfixed errors. The most recent log is attached. Help would be greatly appreciated!
Performance & Maintenance
Finally found a permissions fixing tool that actually works.
Permissions Time Machine. AMYD Projects: Permissions Time Machine v1.4 Install, tell your antivirus it is NOT malware and move the executable out of the virus chest (I'm beginning to dislike Avast) then Run as an administrator. Choose the drive you're having file access issues with then click the...
Performance & Maintenance
Windows update will not run after appare ntly fixing Activation proble
Hi This issue started off when I suddenly got an error sayonjg that I was not using a genuine copy of windows. I fiddled around with various fixes and that error appears to have gone away. However, my windows Update is not working. Initially I was getting an error saying it could not update...
Windows Updates & Activation
my computer seems to die out at random i need help fixing it
sorry about the title, recently i built a computer(yay me) but shortly after i began using it the screen would go black and stop responding to anything, i couldnt even power it down from the on/off button, i had to shut it down from the switch on the battery and sometimes thatll fail before working...
BSOD Help and Support
6 Reasons The Guy Who's Fixing Your Computer Hates You
Some NSFW language, but I had to laugh :) Source A Guy
Chillout Room
Fixing activation on my friend's computer
Long story short, I had to fix my friend's computer that was blue-screening after login, usually even in Safe Mode. She got it a while back and it's an HP that came pre-installed with Windows 7 Home Premium. Since she needed it to be working ASAP, my only solution after testing all the hardware I...
Windows Updates & Activation


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:54.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App