DEL /a: /e /z whatever.ext

Apr 2, 2011
1,549
13
54
North Carolina, USA
Code:
[C:\]del /a: /e /z "C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll"
Deleting C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll
     0 files deleted       1 failed

[C:\]attrib "C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll"
___A_____________  C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll

So then I looked at file properties, saved in the 2 attachments. I guess the culprit is "TrustedInstaller". How can I remove that from the association with the DLL above?I'd like to do it on a file by file basis....
 

Attachments

  • TrustedInstaller_1.JPG
    TrustedInstaller_1.JPG
    89 KB · Views: 26
  • TrustedInstaller_2.JPG
    TrustedInstaller_2.JPG
    89.3 KB · Views: 25

Charles Dye

Super Moderator
Staff member
May 20, 2008
4,576
97
Albuquerque, NM
prospero.unm.edu
I think you need to give yourself permissions to delete the file. Write and Modify should do it.

If you don't have sufficient access rights to change permissions, you will need to take ownership of the file first, then give yourself rights to it. And if you're not even allowed to take ownership, you may need to log in as administrator.
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
@Charles Dye - How would I give myself permission, as you suggested? Also - as I assume I also have a:

"C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll"

and want to keep everything with that file untouched. Can I do this still with TCC/TCMD?
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
Since this has to do with cmpdir2.btm - here is it's current details:

Code:
setlocal

  on error quit

  set cOut="%userprofile%\OneDrive\Desktop\del_me.btm"

  setdos /x-5

  set origfldr=%_cwds

  cdd %2
  set dir2=%_cwds
  cdd %1
  set dir1=%_cwds
  echo dir1 = %dir1
  echo dir2 = %dir2

  echo :: ************************************************************************************************** >>! %cOut
  echo :: >>! %cOut
  echo :: Dir1: %dir1 >>! %cOut
  echo :: Dir2: %dir2 >>! %cOut
  echo :: >>! %cOut
  echo SETLOCAL >>! %cOut
  echo   :: >>! %cOut
  echo   SETDOS /x-5 >>! %cOut
  echo   :: >>! %cOut
  echo   :: ************************************************* >>! %cOut


  set nSame=0
  set nDiff=0
  set nNoEx=0

  global /h /i /q (if %@files[*,-d] GT 0 gosub comparedirs)

  cdd "%origfldr"

  echo.
  Echo nSame: %nSame  nDiff: %nDiff nNoEx: %nNoEx

  echo   :: ************************************************* >>! %cOut
  echo   :: >>! %cOut
  echo   ::      Same: %nSame >>! %cOut
  echo   :: Different: %nDiff >>! %cOut
  echo   :: Not Exist: %nNoEx >>! %cOut
  echo   :: >>! %cOut
  echo   :: >>! %cOut
  echo   SETDOS /x+5 >>! %cOut
  echo   :: >>! %cOut
  echo ENDLOCAL >>! %cOut
  echo :: ************************************************* >>! %cOut

endlocal

quit

:comparedirs
do file in /a: *
  iff isdir %file then
    echo %file is a folder/dir
  else
    set file1=%_cwd\%file
    set file2=%[dir2]%@right[-%@len[%dir1],%file1]
    echo file1 = %file1
    echo file2 = %file2
    iff exist "%file2" then
      iff %@compare["%file1","%file2"] == 1 then
        echo Files are same
        echo   del /e "%file2" >>! %cOut
        set nSame=%@inc[%nSame]
      else
        echo Files are differnt
        set nDiff=%@inc[%nDiff]
      endiff
    else
      echo %file2 does not exist
      set nNoEx=%@inc[%nNoEx]
    endiff
  endiff
  echo ===========================================================
enddo
return
 

Charles Dye

Super Moderator
Staff member
May 20, 2008
4,576
97
Albuquerque, NM
prospero.unm.edu
@Charles Dye - How would I give myself permission, as you suggested?

That 'Edit' button in the dialog should let you set permissions for the lightlighted user or group. If your username is in the list, select it and click on 'Edit'. If your name isn't in the list, select a group that you belong to. You're almost certainly a member of Users; you may or may not be in Administrators.

The 'Advanced' button will open a more complicated dialog which, among other things, lets you change a file's owner.

Also - as I assume I also have a:

"C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll"

and want to keep everything with that file untouched. Can I do this still with TCC/TCMD?

I'm not sure what "everything with that file" means. Programs which use that .DLL?
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
That 'Edit' button in the dialog should let you set permissions for the lightlighted user or group. If your username is in the list, select it and click on 'Edit'. If your name isn't in the list, select a group that you belong to. You're almost certainly a member of Users; you may or may not be in Administrators.

The 'Advanced' button will open a more complicated dialog which, among other things, lets you change a file's owner.

Is there a way I can change permissions for the highlighted group or user, while using TCC?

I'm not sure what "everything with that file" means. Programs which use that .DLL?

I'd like a way to modify the permissions of a file in C:\backup\windows\filename.dll and if the same file exists in c:\windows\filename.dll have it not change anything about the file in c:\windows\.
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
So here is the help for that command. Not srue what the actual command would need to be for

c:\path.to\filename.ext

??

Code:
[C:\]icacls

ICACLS name /save aclfile [/T] [/C] [/L] [/Q]
    stores the DACLs for the files and folders that match the name
    into aclfile for later use with /restore. Note that SACLs,
    owner, or integrity labels are not saved.

ICACLS directory [/substitute SidOld SidNew [...]] /restore aclfile
                 [/C] [/L] [/Q]
    applies the stored DACLs to files in directory.

ICACLS name /setowner user [/T] [/C] [/L] [/Q]
    changes the owner of all matching names. This option does not
    force a change of ownership; use the takeown.exe utility for
    that purpose.

ICACLS name /findsid Sid [/T] [/C] [/L] [/Q]
    finds all matching names that contain an ACL
    explicitly mentioning Sid.

ICACLS name /verify [/T] [/C] [/L] [/Q]
    finds all files whose ACL is not in canonical form or whose
    lengths are inconsistent with ACE counts.

ICACLS name /reset [/T] [/C] [/L] [/Q]
    replaces ACLs with default inherited ACLs for all matching files.

ICACLS name [/grant[:r] Sid:perm[...]]
       [/deny Sid:perm [...]]
       [/remove[:g|:d]] Sid[...]] [/T] [/C] [/L] [/Q]
       [/setintegritylevel Level:policy[...]]

    /grant[:r] Sid:perm grants the specified user access rights. With :r,
        the permissions replace any previously granted explicit permissions.
        Without :r, the permissions are added to any previously granted
        explicit permissions.

    /deny Sid:perm explicitly denies the specified user access rights.
        An explicit deny ACE is added for the stated permissions and
        the same permissions in any explicit grant are removed.

    /remove[:[g|d]] Sid removes all occurrences of Sid in the ACL. With
        :g, it removes all occurrences of granted rights to that Sid. With
        :d, it removes all occurrences of denied rights to that Sid.

    /setintegritylevel [(CI)(OI)]Level explicitly adds an integrity
        ACE to all matching files.  The level is to be specified as one
        of:
            L[ow]
            M[edium]
            H[igh]
        Inheritance options for the integrity ACE may precede the level
        and are applied only to directories.

    /inheritance:e|d|r
        e - enables inheritance
        d - disables inheritance and copy the ACEs
        r - remove all inherited ACEs


Note:
    Sids may be in either numerical or friendly name form. If a numerical
    form is given, affix a * to the start of the SID.

    /T indicates that this operation is performed on all matching
        files/directories below the directories specified in the name.

    /C indicates that this operation will continue on all file errors.
        Error messages will still be displayed.

    /L indicates that this operation is performed on a symbolic link
       itself versus its target.

    /Q indicates that icacls should suppress success messages.

    ICACLS preserves the canonical ordering of ACE entries:
            Explicit denials
            Explicit grants
            Inherited denials
            Inherited grants

    perm is a permission mask and can be specified in one of two forms:
        a sequence of simple rights:
                N - no access
                F - full access
                M - modify access
                RX - read and execute access
                R - read-only access
                W - write-only access
                D - delete access
        a comma-separated list in parentheses of specific rights:
                DE - delete
                RC - read control
                WDAC - write DAC
                WO - write owner
                S - synchronize
                AS - access system security
                MA - maximum allowed
                GR - generic read
                GW - generic write
                GE - generic execute
                GA - generic all
                RD - read data/list directory
                WD - write data/add file
                AD - append data/add subdirectory
                REA - read extended attributes
                WEA - write extended attributes
                X - execute/traverse
                DC - delete child
                RA - read attributes
                WA - write attributes
        inheritance rights may precede either form and are applied
        only to directories:
                (OI) - object inherit
                (CI) - container inherit
                (IO) - inherit only
                (NP) - don't propagate inherit
                (I) - permission inherited from parent container

Examples:

        icacls c:\windows\* /save AclFile /T
        - Will save the ACLs for all files under c:\windows
          and its subdirectories to AclFile.

        icacls c:\windows\ /restore AclFile
        - Will restore the Acls for every file within
          AclFile that exists in c:\windows and its subdirectories.

        icacls file /grant Administrator:(D,WDAC)
        - Will grant the user Administrator Delete and Write DAC
          permissions to file.

        icacls file /grant *S-1-1-0:(D,WDAC)
        - Will grant the user defined by sid S-1-1-0 Delete and
          Write DAC permissions to file.

[C:\]
 
May 20, 2008
11,840
120
Syracuse, NY, USA
ICACLS is pretty easy to use. When I want to look at the firewall log, I CDD (elevated) to the directory where it is and issue (F= full)

Code:
ICACLS * /grant vefatica:F

In you're case I'd try (elevated)

Code:
ICACLS fully_qualified_file_name /grant user_id:F

or CDD there and don't use a FQ file name.
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
Code:
        echo Files are same
        rem    del /e "%file2" >>! %cOut
        echo   gosub Delfile ["%file2"] >>! %cOut
        set nSame=%@inc[%nSame]

then how do I add the following UDP to %cOut ?

Code:
:Delfile [cFile]
  :: try to delete the file
  del /a: /e /z %cFile
  iff not exist %cFile then
    :: file not able to be deleted, se about ownership?
    :: take full ownership of the file
    ICACLS %cFile /grant %USERNAME%:F
    :: try to delete the file one more time
    del /a: /e /z %cFile
  endiff
  return

and since I may call dircmp2.btm several times I would want to check if the routine is not already in %cOut before I add it...?
 
May 20, 2008
11,840
120
Syracuse, NY, USA
Untested:

Code:
ffind /v /t":delfile" %cOut
if %_? NE 0 gosub writedelfile

...

:writedelfile
text >> %cOut
:Delfile [cFile]
  :: try to delete the file
  del /a: /e /z %cFile
  iff not exist %cFile then
    :: file not able to be deleted, se about ownership?
    :: take full ownership of the file
    ICACLS %cFile /grant %USERNAME%:F
    :: try to delete the file one more time
    del /a: /e /z %cFile
  endiff
  return
endtext
 

Charles Dye

Super Moderator
Staff member
May 20, 2008
4,576
97
Albuquerque, NM
prospero.unm.edu
Actually, you probably ought to verify that permissions are the issue before spending too much time with ICACLS. I've been assuming that that's the problem, but you know what they say about assuming....
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
Actually, you probably ought to verify that permissions are the issue before spending too much time with ICACLS. I've been assuming that that's the problem, but you know what they say about assuming....
Since the DEL whatever.ext had /a: /Z that should take care of ATTR of R or S files. What other reasons would there be for a DEL not to remove a file, besides permissions?

@vefatica Thank you for your reply last night
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
Code:
[C:\Users\csgal\OneDrive\Desktop]del_me.btm
Deleting C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll
     0 files deleted       1 failed
ICACLS "C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll" /grant csgal:F
C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll: Access is denied.
Successfully processed 0 files; Failed processing 1 files
Deleting C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\DAO\dao360.dll
     0 files deleted       1 failed
Deleting C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll
     0 files deleted       1 failed
ICACLS "C:\Backup\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll" /grant csgal:F^C

[C:\Users\csgal\OneDrive\Desktop]

Any idea why this is happening please?
 
May 20, 2008
11,840
120
Syracuse, NY, USA
The ICACLS failed (access denied). Are you trying it elevated?

Who/what made the c:\backup\ directory and backed up files there?
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
Code:
GOTO :here
::
:Delfile [cFile]
  :: try to delete the file
  del /a: /e /z %cFile
  iff exist "%cFile" then
    :: file not able to be deleted, se about ownership?
    :: take full ownership of the file
    pause start "" /elevated ICACLS %cFile /grant %USERNAME%:F
    start "" /elevated ICACLS %cFile /grant %USERNAME%:F
    :: try to delete the file one more time
    del /a: /e /z %cFile
  endiff
  return
::
:Here
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
Code:
[C:\Users\csgal\OneDrive\Desktop]del_me_1.btm
Deleting C:\Backup\Windows\System32\IntelIHVRouter08.dll
     0 files deleted       1 failed

SUCCESS: The file (or folder): "C:\Backup\Windows\System32\IntelIHVRouter08.dll" now owned by user "DESKTOP-C293QAU\csgal".
processed file: C:\Backup\Windows\System32\IntelIHVRouter08.dll
Successfully processed 1 files; Failed processing 0 files
Deleting C:\Backup\Windows\System32\IntelIHVRouter08.dll
     0 files deleted       1 failed
"C:\Backup\Windows\System32\IntelIHVRouter08.dll" still exists, quitting.....

[C:\Users\csgal\OneDrive\Desktop]

Any ideas?
 
May 20, 2008
11,840
120
Syracuse, NY, USA
This looks peculiar in both places.

1648075083466.png


I'd expect to see your user id ... csgal ... right? What were your TAKEOWN and ICACLS commands?

You could try removing the other ACEs, one by one, trying to delete after each removal. Beyond that, I'm out of ideas.
 
May 20, 2008
11,840
120
Syracuse, NY, USA
Before TAKEOWN:

1648076008841.png


Before ICACLS:

1648076126327.png


After ICACLS:

1648076212422.png


And ...

Code:
Deleting C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll
     1 file deleted

They look like yours except for the strange looking Galloway owner/principal.

I dunno!

I usd this:

Code:
v:\> type big_bad_del.btm
takeown /f %1
pause

ICACLS %1 /grant vefatica:F
pause

del %1

Is this guy a local administrator?

1648076597933.png
 
Apr 2, 2011
1,549
13
54
North Carolina, USA
Before TAKEOWN:

View attachment 3623

Before ICACLS:

View attachment 3624

After ICACLS:

View attachment 3625

And ...

Code:
Deleting C:\Program Files (x86)\Common Files\Microsoft Shared\Filters\tifffilt.dll
     1 file deleted

They look like yours except for the strange looking Galloway owner/principal.

I dunno!

I usd this:

Code:
v:\> type big_bad_del.btm
takeown /f %1
pause

ICACLS %1 /grant vefatica:F
pause

del %1

Is this guy a local administrator?

View attachment 3626

That is me (my email address)
 

Similar threads