Posted April 26, 201014 yr "Paul Calcagno" wrote in message news:uCXLeBN5KHA.6052@TK2MSFTNGP02.phx.gbl... > I'm running Windows Home Premium, SP2. Windows Defender, Spyware Doctor, MBAM, SAS and CCleaner. > MS Office 2007. 2 GB of RAM. All WU's are current. System is running fine. > > I'm having trouble with Win Defender Definitions updates so I'm working via e-mail with MS to > reset my Security Settings and Permissions. One of their suggestions is to create a batch file > using Run==>Cmd==notepad and have this file contain the following: > > @echo off > > subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f > subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f > subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f > subinacl /subdirectories %SystemDrive% /grant=administrators=f > subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f > subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f > subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f > subinacl /subdirectories %SystemDrive% /grant=system=f > > @Echo ========================= > @Echo Finished. > @Echo ========================= > @pause > Now I'm having trouble saving this file as a batch file so that I can double click it to make it > run under a Dos application. If saved correctly, I'm supposed to be able to double left click it > or right click it and select `Run As Administrator'. No matter what I call it (reset.bat, > reset.txt) or no matter what file type I save is as, when I double click it, it won't `run' or > when I right click it, Run as Administrator is not an option. Am I doing something wrong? Paul > C. > > Any help would be greatly appreciated. Do I have a virus and that's why these files are behaving > this way? I've waisted hours on this meaningless problem. > > Paul C. > I suspect that your original problem with Defender updates may be because you have too many security programs running at once. There may be some sort of conflict happening. Try removing Spyware Doctor, SAS and only run Malwarebytes on demand to see if that helps. It seems that whoever gave you the advice to run the batch file didn't realise you were running Vista. Administrators have different privilege levels in XP and Vista. By running the line: 'subinacl /subdirectories %SystemDrive% /grant=administrators=f' you have effectively reduced some of Vista's security. If I understand it correctly that line gives administrators full control of all files on the system drive (C:\) including Windows, System32, Winsxs etc. In Vista only TrustedInstaller should have full control. The standard Vista permissions for system files are: TrustedInstaller: Full Control System: Read and Execute administrators: Read and Execute Users: Read and Execute By giving members of the administrators group full control to system files it is likely that any malware process that manages to run with administrator privileges will now be able to delete, rename or modify etc. Windows system files. I may have got it wrong about subinacl but I don't think so. :-(
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.