Styris
/
AME-11
0
0
Fork 0
Code Issues 9 Pull Requests 0 Projects 1 Releases 4 Wiki Activity
Windows 11 AME playbook for AME Wizard.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
2 Branches
445 MiB
 
 
 
Tree: 02e68fcd7f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '02e68fcd7f'
${ noResults }
AME-11/Executables/SFCDEPLOY.bat

69 lines
2.1 KiB
Raw Blame History

@echo OFF
:sfcCmdChecks
if not exist "%~dp0\sfc.cmd" (
echo. & echo No supplied sfc.cmd detected
exit /b 2
)
if exist "%SYSTEMROOT%\System32\sfc.cmd" (
echo takeown /f "%SYSTEMROOT%\System32\sfc.cmd" /a
takeown /f "%SYSTEMROOT%\System32\sfc.cmd" /a
echo icacls "%SYSTEMROOT%\System32\sfc.cmd" /grant Administrators:F
icacls "%SYSTEMROOT%\System32\sfc.cmd" /grant Administrators:F
echo del /q /f "%SYSTEMROOT%\System32\sfc.cmd"
del /q /f "%SYSTEMROOT%\System32\sfc.cmd"
goto move
) else (
goto move
)
:move
@echo on
move /y "%~dp0\sfc.cmd" "%SYSTEMROOT%\System32\" 1> NUL
:sfc1ExeCheck
@echo OFF
if exist "%SYSTEMROOT%\System32\sfc1.exe" (
echo sfc1.exe already exists, assigning permissions... & echo.
echo PowerShell -NoP -C "Get-Acl '%SYSTEMROOT%\System32\diskmgmt.msc' | Set-Acl '%SYSTEMROOT%\System32\sfc1.exe'" ^> NUL 2^>^&1
PowerShell -NoP -C "Get-Acl '%SYSTEMROOT%\System32\diskmgmt.msc' | Set-Acl '%SYSTEMROOT%\System32\sfc1.exe'" > NUL 2>&1
echo PowerShell -NoP -C "Get-Acl '%SYSTEMROOT%\System32\diskmgmt.msc' | Set-Acl '%SYSTEMROOT%\System32\sfc.cmd'" ^> NUL 2^>^&1
PowerShell -NoP -C "Get-Acl '%SYSTEMROOT%\System32\diskmgmt.msc' | Set-Acl '%SYSTEMROOT%\System32\sfc.cmd'" > NUL 2>&1
@echo OFF
goto complete
) else (
goto managePermissions
)
:managePermissions
echo Assigning permissions and renaming sfc.exe... & echo.
@echo ON
:: Copies the ACL from diskmgmt.msc to sfc.cmd.
PowerShell -NoP -C "Get-Acl '%SYSTEMROOT%\System32\diskmgmt.msc' | Set-Acl '%SYSTEMROOT%\System32\sfc.cmd'" > NUL 2>&1
:: Gives the Administrator group full access for renaming sfc.exe to sfc1.exe.
takeown /f "%SYSTEMROOT%\System32\sfc.exe" /a > NUL 2>&1
icacls "%SYSTEMROOT%\System32\sfc.exe" /grant Administrators:F > NUL 2>&1
goto renameSFCExe
:renameSFCExe
rename "%SYSTEMROOT%\System32\sfc.exe" "sfc1.exe" > NUL 2>&1
:: Copies the ACL from diskmgmt.msc to sfc1.exe. Essentially resetting its ACL.
PowerShell -NoP -C "Get-Acl '%SYSTEMROOT%\System32\diskmgmt.msc' | Set-Acl '%SYSTEMROOT%\System32\sfc1.exe'" > NUL 2>&1
goto complete
:complete
@echo Successfully deployed sfc modification.
@exit /b 0