Ask a new question

Howto Restore the ownership of jscript.dll to the TrustedInstaller?

Hi!

I took the advice from the Trendmicro which they posted on 20th of January to prevent anyone abusing the IE vulnerability (CVE-2020-0674).

This is what I typed in as an adminstrator in a Powershell window:

takeown /f c:\windows\syswow64\jscript.dll

cacls c:\windows\syswow64\jscript.dll /E /P everyone:N

takeown /f c:\windows\system32\jscript.dll

cacls c:\windows\system32\jscript.dll /E /P everyone:N

So far no problem. They also said that the above shown configurations should be reverted before installing the fix that Microsoft would at some point release.

The given commands are:

cacls c:\windows\system32\jscript.dll /E /R everyone

cacls c:\windows\syswow64\jscript.dll /E /R everyone


So before I updated the next time I did just that and thought that everything was fine but I was wrong. Now my VPN couldn't update itself.

I ran:

dism /online /cleanup-image /restorehealth:

Image Version: 10.0.18363.628

The operation completed successfully

Then I ran the:

sfc /scannow

 

The CBS.log:

2020-02-05 09:48:51, Info CSI 00000283 [SR] Cannot repair member file [l:11]'jscript.dll' of Microsoft-Windows-Scripting-JScript, version 11.0.18362.592, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35} in the store, file cannot be checked

2020-02-05 09:48:51, Info CSI 00000284 [SR] Cannot repair member file [l:11]'jscript.dll' of Microsoft-Windows-Scripting-JScript, version 11.0.18362.592, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} in the store, file cannot be checked

2020-02-05 09:48:51, Info CSI 00000285 [SR] Cannot repair member file [l:11]'jscript.dll' of Microsoft-Windows-Scripting-JScript, version 11.0.18362.592, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} in the store, file cannot be checked

2020-02-05 09:48:51, Info CSI 00000286 [SR] This component was referenced by [l:155]'Microsoft-Windows-Client-Features-WOW64-Package0010~31bf3856ad364e35~amd64~~10.0.18362.628.93B44E6BCA89923D4C68258FA93D71DFD88CC960BBA76596A44AE9A768C64E59'

2020-02-05 09:48:51, Info CSI 00000287 [SR] Cannot repair member file [l:11]'jscript.dll' of Microsoft-Windows-Scripting-JScript, version 11.0.18362.592, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35} in the store, file cannot be checked

2020-02-05 09:48:51, Info CSI 00000288 [SR] This component was referenced by [l:149]'Microsoft-Windows-Client-Features-Package0210~31bf3856ad364e35~amd64~~10.0.18362.628.410E952DACD50567AA34BE243F0791E3F092F86153798CE37C72CAC0CA43D597'

2020-02-05 09:48:51, Info CSI 00000289 [SR] Repair complete

2020-02-05 09:48:51, Info CSI 0000028a [SR] Committing transaction

Then I tried to restore the ownership to the TrustedInstaller [1] but I couldn't do it. All goes well untill I try to commit the change and I am told that "If I just had taken the ownership of the object I have to close the properties of the object and open them again before I can examine or change the privileges".

Could you help me to solve this problem?

Yours Sincerely

Jussi Lucander

Ref

[1] https://www.askvg.com/guide-how-to-restore-trustedinstaller-as-default-owner-of-a-file-or-folder-in-windows/

Hi Jussi,
I am Sumit, an Independent Advisor and a 3 year Windows Insider MVP here to help.

SFC is correct in a way - Because the permission is modified it is assuming the file as corrupt. For restoring permission to Trusted Installer, have you tried the following command? Run cmd as admin first.

icacls "path\filename" /setowner "NT Service\TrustedInstaller"


If that doesn't help I am afraid a reinstall is imminent. You would, however, be able to keep files and apps.
Sumit

Always include PC Specs, Make and Model of the device. Ensure all the latest quality updates have been installed. It may take multiple replies to reach a satisfactory answer.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

You can change the owner with the Security dialog window.  But it is true, after you change it, you have to back all the way out and start over to change the permissions..

You could probably check one of the other files to see what the permissions are.

_____________________________________
ASUS Z790 Intel i9 13900K
Fully Win 11 Qualified
Intel Wireless BE200 network adapter

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hi!

Thank you for the advice and giving me hope that I can solve this thing with the help of people smarter than me :)

I typed as Administrator in the Powershell:

PS C:\Windows\System32> icacls .\jscript.dll /setowner "NT Service\TrustedInstaller"

.\jscript.dll: Permission denied.

Successfully processed 0 files; Failed processing 1 files

So the problem persists.

I'm still in the process of finding out what the "Security dialog window" is and how to use it, E.g., this situation.

-Yours Sincerely,

Jussi Lucander

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

I get some kind of progress by typing this command as Administrator in the C:\Windows\System32 directory:

takeown /f .\jscript.dll /a

Which gives me "SUCCESS..."

Then I actually can see the permissions when I'm trying to give the ownership back to the TrustedInstaller.

In the picture below the permissions of the jscript.dll and untampered jscript9.dll are shown side by side.

"Käyttöoikeus" is finnish and means "Privilege",

"Täydet oikeudet" means "Full Access",

"Lue ja suorita" means "Read and execute"

I'm slowly accepting the prospect that I might very well have to reinstall the Windows 10 :))

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Your ownership already TrustedInstaller, so you can't change any permissions.  In order to do that, if you need to, you have to take ownership, back out of the options, then go back in to change the permissions.

Once you have it where you want it, change the ownership back to Trusted installer.  Since I can't read you options (language), you will need to verify if they are correct by comparing them to another file..

Be aware of Inherited permissions, if that is involved.  The fact you show the security shield in the second window  next to the owner is a good sign.

There are probably many online sites that describe how to change permissions on a file..

_____________________________________
ASUS Z790 Intel i9 13900K
Fully Win 11 Qualified
Intel Wireless BE200 network adapter

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hi Saltgrass!

It seems like the ownership would already be TrustedInstaller but it actually isn't.

Here are the current Advanced Security Settings for C:\Windows\System32\jscript.dll where it says

"Unable to display current owner."

After the command:

> takeown /f .\jscript.dll /a

The owner is the Administrator.

Then I try to change the owner to the TrustedInstaller:

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

After clicking the 'Ok' things look promising:

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

But after applying the change Windows protection kicks in and says:

"If you just took the ownership of this object you have to close it's properties and open them again before you can examine or change the priviledges."

After clicking 'Ok' everything is back to the square one.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hi!

Just to be as exhaustive as possible I'll translate the informational text in my previous posting:

"Sinulla ei ole oikeuksia tarkastella tämän objektin suojausominaisuuksia edes järjestelmänvalvojana."

In English it is something like this:

"You  don't have the rights to inspect the protection properties of this object even as the Administrator".

I rest my case. The next thing is to backup everything valuable and try to reinstall the Windows.

Thank You all for the help! 

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info

Last updated January 5, 2023 Views 1,591 Applies to: