Solved Made a mess of C:\users\public security

Kaktussoft

Files within the c:\users\public folder have been reset to owner "Administrators" and all security is gone. Inherited security from c:\users\public is still there on all files and folders. What security is the default on a normal Windows 7 machine?

Please send me the output of the following commands

dir/q/a c:\users\public
icacls c:\users\public\*.*
------------------------------
sample output of my machine

C:\Users\Public>dir /q/a c:\users\public
De volumenaam van station C is System
Het volumenummer is A0D5-0A47
Map van c:\users\public
28-09-2011 15:48 <DIR> INGEBOUWD\Administrator.
28-09-2011 15:48 <DIR> INGEBOUWD\Administrator..
01-12-2010 11:37 <DIR> INGEBOUWD\AdministratorCyberLink
05-08-2011 22:00 <DIR> INGEBOUWD\AdministratorDesktop
14-07-2009 06:54 174 INGEBOUWD\Administratordesktop.ini
22-09-2011 14:41 <DIR> INGEBOUWD\AdministratorDocuments
28-09-2011 15:45 7.476 LaptopRon\Ron f - kopie.txt
28-09-2011 15:45 7.476 INGEBOUWD\Administratorf.txt
28-01-2011 17:47 <DIR> INGEBOUWD\AdministratorFavorites
28-09-2011 15:51 21.196 INGEBOUWD\Administratorg.txt
26-10-2010 12:22 <DIR> INGEBOUWD\AdministratorLibraries
06-11-2010 22:10 <DIR> INGEBOUWD\AdministratorMusic
08-02-2011 12:35 262.144 INGEBOUWD\AdministratorNTUSER.DAT
25-09-2011 10:26 5.120 INGEBOUWD\AdministratorNTUSER.DAT.LOG1
23-10-2010 17:54 0 INGEBOUWD\AdministratorNTUSER.DAT.LOG2
25-10-2010 18:02 65.536 INGEBOUWD\AdministratorNTUSER.DAT{b0ef8151-e
04a-11df-bd67-88ae1d7dde11}.TM.blf
25-10-2010 18:02 524.288 INGEBOUWD\AdministratorNTUSER.DAT{b0ef8151-e
04a-11df-bd67-88ae1d7dde11}.TMContainer00000000000000000001.regtrans-ms
25-10-2010 18:02 524.288 INGEBOUWD\AdministratorNTUSER.DAT{b0ef8151-e
04a-11df-bd67-88ae1d7dde11}.TMContainer00000000000000000002.regtrans-ms
03-11-2010 11:11 65.536 INGEBOUWD\AdministratorNTUSER.DAT{bacdb18c-e
726-11df-b444-88ae1d7dde11}.TM.blf
03-11-2010 11:11 524.288 INGEBOUWD\AdministratorNTUSER.DAT{bacdb18c-e
726-11df-b444-88ae1d7dde11}.TMContainer00000000000000000001.regtrans-ms
03-11-2010 11:11 524.288 INGEBOUWD\AdministratorNTUSER.DAT{bacdb18c-e
726-11df-b444-88ae1d7dde11}.TMContainer00000000000000000002.regtrans-ms
23-10-2010 17:54 65.536 INGEBOUWD\AdministratorNTUSER.DAT{e1da4eb6-d
eba-11df-8cb0-88ae1d7dde11}.TM.blf
23-10-2010 17:54 524.288 INGEBOUWD\AdministratorNTUSER.DAT{e1da4eb6-d
eba-11df-8cb0-88ae1d7dde11}.TMContainer00000000000000000001.regtrans-ms
23-10-2010 17:54 524.288 INGEBOUWD\AdministratorNTUSER.DAT{e1da4eb6-d
eba-11df-8cb0-88ae1d7dde11}.TMContainer00000000000000000002.regtrans-ms
24-09-2011 02:10 <DIR> INGEBOUWD\AdministratorOEM
24-09-2011 02:04 <DIR> INGEBOUWD\AdministratorPictures
09-11-2010 10:51 <DIR> INGEBOUWD\AdministratorRecorded TV
06-11-2010 22:10 <DIR> INGEBOUWD\AdministratorVideos
.
.
.
------------------------------
C:\Users\Public>icacls c:\users\public\*.*
c:\users\public\CyberLink INGEBOUWD\Administrators:(I)(OI)(CI)(F)
MAKER EIGENAAR:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIEF:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
c:\users\public\Desktop INGEBOUWD\Administrators:(I)(OI)(CI)(F)
MAKER EIGENAAR:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIEF:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
c:\users\public\desktop.ini INGEBOUWD\Administrators:(I)(F)
NT AUTHORITY\SYSTEM:(I)(F)
NT AUTHORITY\INTERACTIEF:(I)(M,DC)
NT AUTHORITY\SERVICE:(I)(M,DC)
NT AUTHORITY\BATCH:(I)(M,DC)
.
.
.
 

Mine hasn't been touched since install.....

C:\Users>dir /q /a c:\users\public
Volume in drive C has no label.
Volume Serial Number is AC1D-F720

Directory of c:\users\public

07/14/2009 03:44 AM <DIR> BUILTIN\Administrators .
07/14/2009 03:44 AM <DIR> BUILTIN\Administrators ..
09/26/2011 09:48 PM <DIR> BUILTIN\Administrators Desktop
07/14/2009 12:54 AM 174 NT AUTHORITY\SYSTEM desktop.ini
06/18/2011 11:06 PM <DIR> BUILTIN\Administrators Documents
07/14/2009 12:54 AM <DIR> BUILTIN\Administrators Downloads
07/13/2009 10:34 PM <DIR> BUILTIN\Administrators Favorites
03/05/2010 09:16 PM <DIR> BUILTIN\Administrators Libraries
07/14/2009 12:54 AM <DIR> BUILTIN\Administrators Music
05/22/2011 12:22 PM <DIR> BUILTIN\Administrators Pictures
03/06/2010 05:55 PM <DIR> BUILTIN\Administrators Recorded TV
09/07/2010 03:59 PM <DIR> BUILTIN\Administrators Videos
1 File(s) 174 bytes
11 Dir(s) 37,845,639,168 bytes free


C:\Users>icacls c:\users\public\*.*
c:\users\public\Desktop BUILTIN\Administrators:(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(OI)(CI)(RX)
NT AUTHORITY\SYSTEM:(OI)(CI)(F)
Ript-2010\Slurp:(OI)(CI)(IO)(DE,DC)

c:\users\public\desktop.ini BUILTIN\Administrators:(I)(F)
NT AUTHORITY\SYSTEM:(I)(F)
NT AUTHORITY\INTERACTIVE:(I)(M,DC)
NT AUTHORITY\SERVICE:(I)(M,DC)
NT AUTHORITY\BATCH:(I)(M,DC)
Everyone:(I)(F)

c:\users\public\Documents BUILTIN\Administrators:(I)(OI)(CI)(F)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
Everyone:(I)(OI)(CI)(F)

c:\users\public\Downloads BUILTIN\Administrators:(I)(OI)(CI)(F)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
Everyone:(I)(OI)(CI)(F)

c:\users\public\Favorites BUILTIN\Administrators:(I)(OI)(CI)(F)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
Everyone:(I)(OI)(CI)(F)

c:\users\public\Libraries NT SERVICE\WMPNetworkSvc:(R)
NT SERVICE\WMPNetworkSvc:(OI)(CI)(IO)(GR)
BUILTIN\Administrators:(I)(OI)(CI)(F)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
Everyone:(I)(OI)(CI)(F)

c:\users\public\Music NT SERVICE\WMPNetworkSvc:(R,WD)
NT SERVICE\WMPNetworkSvc:(OI)(CI)(IO)(GR,WD)
BUILTIN\Administrators:(I)(OI)(CI)(F)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
Everyone:(I)(OI)(CI)(F)

c:\users\public\Pictures NT SERVICE\WMPNetworkSvc:(R,WD)
NT SERVICE\WMPNetworkSvc:(OI)(CI)(IO)(GR,WD)
BUILTIN\Administrators:(I)(OI)(CI)(F)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
Everyone:(I)(OI)(CI)(F)

c:\users\public\Recorded TV No mapping between account names and security IDs was done.
(M,DC)
No mapping between account names and security IDs was done.
(OI)(CI)(IO)(M,GR,GW,GE,DC)
NT AUTHORITY\Authenticated Users:(M,DC)
NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(M,GR,GW,GE,DC)
NT SERVICE\WMPNetworkSvc:(R)
NT SERVICE\WMPNetworkSvc:(OI)(CI)(IO)(GR)
NT SERVICE\ehSched:(OI)(CI)(M,DC)
NT SERVICE\ehRecvr:(OI)(CI)(M,DC)
BUILTIN\Administrators:(I)(OI)(CI)(F)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
Everyone:(I)(OI)(CI)(F)

c:\users\public\Videos NT SERVICE\WMPNetworkSvc:(R,WD)
NT SERVICE\WMPNetworkSvc:(OI)(CI)(IO)(GR,WD)
BUILTIN\Administrators:(I)(OI)(CI)(F)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\SERVICE:(I)(OI)(CI)(M,DC)
NT AUTHORITY\BATCH:(I)(OI)(CI)(M,DC)
Everyone:(I)(OI)(CI)(F)

Successfully processed 10 files; Failed processing 0 files

C:\Users>
 

So no deny ACL on any file or folder. Everything is inherited as well. (I)
I did add Everyone full access on c:\users\public, and NT SERVICE\WMPNetworkSvc was added automatically when disabling and enabling sharing in Windows Media Player. Everyone has full control so caring about ACLs is not necessary.

Recorded TV folder: Everyone has full control there too, but there are also a few explicit ACLs. I don't use this folder so I don't care.

Only problem left: security of folder c:\users\public\desktop
Security is, according to you:
NT AUTHORITY\INTERACTIVE:(OI)(CI)(RX) => so read and execute, I assume
NT AUTHORITY\SYSTEM:(OI)(CI)(F) => full control

Not inherited!!
Thanks a lot. I'll ask about the security of c:\users\public\desktop in a separate thread.
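
The ACE notation read in the reply above, (I) for inherited and (OI)(CI)(IO) for propagation, can be checked mechanically. The following Python parser is an added example, not part of the thread: it reads captured `icacls` output and reports objects with no inherited entries and write-capable grants to Everyone. The sample is constructed from values in the thread with icacls's column indentation restored; principal names are matched as English strings, so localized output such as the Dutch listing needs its own names, and a single-ACE object is split correctly only when its principal contains no space.

```python
import re
# Constructed sample: ACE values taken from the thread, icacls column indentation restored.
SAMPLE = r"""
c:\users\public\Desktop BUILTIN\Administrators:(OI)(CI)(F)
                        NT AUTHORITY\INTERACTIVE:(OI)(CI)(RX)
                        NT AUTHORITY\SYSTEM:(OI)(CI)(F)

c:\users\public\Documents BUILTIN\Administrators:(I)(OI)(CI)(F)
                          CREATOR OWNER:(I)(OI)(CI)(IO)(F)
                          NT AUTHORITY\INTERACTIVE:(I)(OI)(CI)(M,DC)
                          Everyone:(I)(OI)(CI)(F)

Successfully processed 2 files; Failed processing 0 files
"""

ACE = re.compile(r"^(?P<who>.+?):(?P<flags>(?:\([A-Z,]+\))+)$")
INHERIT = {"I", "OI", "CI", "IO", "NP"}  # inheritance markers; everything else is a right

def parse_icacls(text):
    """Return {path: [(principal, inheritance_flags, rights), ...]}."""
    acls = {}
    for block in re.split(r"\n\s*\n", text.strip("\n")):
        lines = block.splitlines()
        if len(lines) > 1:   # continuation lines are indented to the ACE column
            col = len(lines[1]) - len(lines[1].lstrip())
        else:                # single ACE: split at the last space before ":("
            col = lines[0].rfind(" ", 0, lines[0].find(":(")) + 1
        entries = []
        for raw in [lines[0][col:]] + lines[1:]:
            m = ACE.match(raw.strip())
            if m:
                groups = re.findall(r"\(([A-Z,]+)\)", m["flags"])
                inherit = {g for g in groups if g in INHERIT}
                rights = {r for g in groups if g not in INHERIT for r in g.split(",")}
                entries.append((m["who"], inherit, rights))
        if entries:          # skips the "Successfully processed" summary line
            acls[lines[0][:col].rstrip()] = entries
    return acls

def review(acls):
    """Flag objects whose ACL is fully explicit, and write-capable grants to Everyone."""
    findings = []
    for path, entries in acls.items():
        if not any("I" in inherit for _, inherit, _ in entries):
            findings.append((path, "explicit ACL: no (I) entries"))
        for who, inherit, rights in entries:
            if who == "Everyone" and rights & {"F", "M", "W"}:
                findings.append((path, "Everyone: " + ",".join(sorted(rights))))
    return findings
```

Calling `review(parse_icacls(SAMPLE))` reports the Desktop folder as fully explicit and the Everyone full-control grant on Documents.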
 
