Restoring 'TrustedInstaller' as owner for executable in Windows folder

So the title says restoring TrustedInstaller.

Seems there is a missing part; removing the added Administrators group permissions.

takeown /F "C:\Windows\regedit.exe" /A
/F - file to become owner of
/A - means it will set the users group (ie. Administrators, not userxyz)

icacls "C:\Windows\regedit.exe" /grant Administrators:F
/grant - will add permissions
:F - Full Control

icacls "C:\Windows\regedit.exe" /setowner "NT SERVICE\TrustedInstaller"
/setowner - new owner

icacls "C:\Windows\regedit.exe" /grant:r Administrators:RX
/grant:r - will set permissions (removing higher ones)
:RX - Read and Execute

Reference: https://ss64.com/nt/icacls.html

The command works only after granting full permissions to the Administrators group, i. e.:

icacls c:\Windows\explorer.exe /grant Administrators:f

Even granting 'Modify' doesn't seem to be enough for some reason.

Restoring 'TrustedInstaller' as owner for executable in Windows folder

Tags:

Permissions

Command Line

Windows 7

Related

Recent Posts