WindowsApps folder security settings messed up

Discussion in 'Windows 10 Help and Support' started by MrJunky, Feb 8, 2016.

  1. MrJunky

    MrJunky New Member

    Joined:
    Feb 8, 2016
    Messages:
    14
    Likes Received:
    0
    I was trying to access my C:\Program Files\WindowsApps folder and I did by changing the security features in this video but I tried to restore it and now none of my WindowsApp will launch. When I launch a App like my calculator or weather it opens the window and after second it closes the app. Does anyone know the settings to restore the security on this folder?

     
  2. Josephur

    Josephur Windows Forum Admin
    Staff Member Premium Supporter

    Joined:
    Aug 3, 2010
    Messages:
    1,018
    Likes Received:
    125
    Here's what values I have from PowerShell and Command Prompt (ran as Administrator of course)

    Code:
    PS C:\Program Files> Get-Acl WindowsApps | fl
    
    Path   : Microsoft.PowerShell.Core\FileSystem::C:\Program Files\WindowsApps
    Owner  : NT SERVICE\TrustedInstaller
    Group  : NT SERVICE\TrustedInstaller
    Access : NT AUTHORITY\SYSTEM Allow  Write, ReadAndExecute, Synchronize
             NT AUTHORITY\SYSTEM Allow  268435456
             NT AUTHORITY\LOCAL SERVICE Allow  ExecuteFile, ReadAttributes, ReadPermissions, Synchronize
             NT AUTHORITY\LOCAL SERVICE Allow  ReadAndExecute, Synchronize
             NT AUTHORITY\NETWORK SERVICE Allow  ExecuteFile, ReadAttributes, ReadPermissions, Synchronize
             NT AUTHORITY\NETWORK SERVICE Allow  ReadAndExecute, Synchronize
             BUILTIN\Administrators Allow  ReadAndExecute, Synchronize
             NT SERVICE\TrustedInstaller Allow  268435456
             NT SERVICE\TrustedInstaller Allow  FullControl
             S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204 Allow
             -1610612736
             S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204 Allow
             ReadAndExecute, Synchronize
    Audit  :
    Sddl   : O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464G:S-1-5-80-956008885-3418522649-1831038044-185
             3292631-2271478464D:PAI(A;;0x1201bf;;;SY)(A;OICIIO;GA;;;SY)(A;;FX;;;LS)(A;OICIIO;0x1200a9;;;LS)(A;;FX;;;NS)(A;
             OICIIO;0x1200a9;;;NS)(A;OICI;0x1200a9;;;BA)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-22
             71478464)(A;;FA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;OICIIO;GXGR;;;S-1-15-3-102
             4-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204)(A;;0x1200a9;;;S-1-15-
             3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204)
    

    Code:
    C:\Program Files>icacls WindowsApps
    WindowsApps NT SERVICE\TrustedInstaller:(F)
                NT SERVICE\TrustedInstaller:(CI)(IO)(F)
                S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204:(RX)
                S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204:(OI)(CI)(IO)(GR,GE)
                NT AUTHORITY\SYSTEM:(RX,W)
                NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
                BUILTIN\Administrators:(RX)
                BUILTIN\Administrators:(OI)(CI)(IO)(RX)
                NT AUTHORITY\LOCAL SERVICE:(Rc,S,X,RA)
                NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(RX)
                NT AUTHORITY\NETWORK SERVICE:(Rc,S,X,RA)
                NT AUTHORITY\NETWORK SERVICE:(OI)(CI)(IO)(RX)
                Mandatory Label\Low Mandatory Level:(OI)(CI)(NW)
    
    Successfully processed 1 files; Failed processing 0 files
    
     
  3. MrJunky

    MrJunky New Member

    Joined:
    Feb 8, 2016
    Messages:
    14
    Likes Received:
    0
    I just ran your code through powershell and command prompt and as you can tell its different.

    Code:
    PS C:\Program Files>  Get-Acl WindowsApps | fl
    
    
    Path   : Microsoft.PowerShell.Core\FileSystem::C:\Program Files\WindowsApps
    Owner  : NT SERVICE\TrustedInstaller
    Group  : NT SERVICE\TrustedInstaller
    Access : NT AUTHORITY\SYSTEM Allow  FullControl
             NT AUTHORITY\SYSTEM Allow  Write, ReadAndExecute, Synchronize
             NT AUTHORITY\LOCAL SERVICE Allow  ExecuteFile, ReadAttributes, ReadPermissions, Synchronize
             NT AUTHORITY\LOCAL SERVICE Allow  ReadAndExecute, Synchronize
             NT AUTHORITY\NETWORK SERVICE Allow  ReadAndExecute, Synchronize
             NT AUTHORITY\NETWORK SERVICE Allow  ExecuteFile, ReadAttributes, ReadPermissions, Synchronize
             BUILTIN\Administrators Allow  ReadAndExecute, Synchronize
             NT SERVICE\TrustedInstaller Allow  FullControl
    Audit  :
    Sddl   : O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464G:S-1-5-80-956008885-3418522649-1831038044-185
             3292631-2271478464D:PAI(A;OICIIO;FA;;;SY)(A;;0x1201bf;;;SY)(A;;FX;;;LS)(A;OICIIO;0x1200a9;;;LS)(A;OICIIO;0x120
             0a9;;;NS)(A;;FX;;;NS)(A;OICI;0x1200a9;;;BA)(A;CI;FA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271
             478464)
    Code:
    C:\Program Files>icacls WindowsApps
    WindowsApps NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
                NT AUTHORITY\SYSTEM:(RX,W)
                NT AUTHORITY\LOCAL SERVICE:(Rc,S,X,RA)
                NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(RX)
                NT AUTHORITY\NETWORK SERVICE:(OI)(CI)(IO)(RX)
                NT AUTHORITY\NETWORK SERVICE:(Rc,S,X,RA)
                BUILTIN\Administrators:(OI)(CI)(RX)
                NT SERVICE\TrustedInstaller:(CI)(F)
                Mandatory Label\Low Mandatory Level:(OI)(CI)(NW)
    
    Successfully processed 1 files; Failed processing 0 files
     
    #3 MrJunky, Feb 9, 2016
    Last edited: Feb 9, 2016
  4. Josephur

    Josephur Windows Forum Admin
    Staff Member Premium Supporter

    Joined:
    Aug 3, 2010
    Messages:
    1,018
    Likes Received:
    125
    Yes but besides the funky SID's it appears to have the system access it needs, have you checked the event viewer for any corresponding errors when you launch an app?
     
  5. MrJunky

    MrJunky New Member

    Joined:
    Feb 8, 2016
    Messages:
    14
    Likes Received:
    0
    Code:
    Log Name:      System
    Source:        Microsoft-Windows-DistributedCOM
    Date:          2016-02-09 6:09:28 PM
    Event ID:      10010
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          Cam\Cameron
    Computer:      Cam
    Description:
    The server Microsoft.XboxApp did not register with DCOM within the required timeout.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
        <EventID Qualifiers="0">10010</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8080000000000000</Keywords>
        <TimeCreated SystemTime="2016-02-10T00:09:28.443646700Z" />
        <EventRecordID>17703</EventRecordID>
        <Correlation />
        <Execution ProcessID="1004" ThreadID="9140" />
        <Channel>System</Channel>
        <Computer>Cam</Computer>
        <Security UserID="S-1-5-21-557688054-2976859209-346310397-1001" />
      </System>
      <EventData>
        <Data Name="param1">Microsoft.XboxApp</Data>
      </EventData>
    </Event>
    Code:
    Log Name:      Application
    Source:        Microsoft-Windows-Immersive-Shell
    Date:          2016-02-09 6:09:29 PM
    Event ID:      5973
    Task Category: (5973)
    Level:         Error
    Keywords:     
    User:          Cam\Cameron
    Computer:      Cam
    Description:
    Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: The app didn't start. See the Microsoft-Windows-TWinUI/Operational log for additional information.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" />
        <EventID>5973</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>5973</Task>
        <Opcode>0</Opcode>
        <Keywords>0x2000000000000000</Keywords>
        <TimeCreated SystemTime="2016-02-10T00:09:29.017674300Z" />
        <EventRecordID>12858</EventRecordID>
        <Correlation />
        <Execution ProcessID="2688" ThreadID="4544" />
        <Channel>Application</Channel>
        <Computer>Cam</Computer>
        <Security UserID="S-1-5-21-557688054-2976859209-346310397-1001" />
      </System>
      <EventData>
        <Data Name="AppId">Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp</Data>
        <Data Name="ErrorCode">-2144927141</Data>
      </EventData>
    </Event>



    This is what I get in the Event Viewer. And below is what I got from the Microsoft-Windows-TWinUI/Operational log




    Code:
    Log Name:      Microsoft-Windows-TWinUI/Operational
    Source:        Microsoft-Windows-Immersive-Shell
    Date:          2016-02-09 6:09:29 PM
    Event ID:      5961
    Task Category: (5961)
    Level:         Error
    Keywords:      
    User:          Cam\Cameron
    Computer:      Cam
    Description:
    Activation of the app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp for the Windows.Launch contract failed with error: The app didn't start..
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" />
        <EventID>5961</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>5961</Task>
        <Opcode>0</Opcode>
        <Keywords>0x4000000000000000</Keywords>
        <TimeCreated SystemTime="2016-02-10T00:09:29.017671500Z" />
        <EventRecordID>6020</EventRecordID>
        <Correlation />
        <Execution ProcessID="2688" ThreadID="4544" />
        <Channel>Microsoft-Windows-TWinUI/Operational</Channel>
        <Computer>Cam</Computer>
        <Security UserID="S-1-5-21-557688054-2976859209-346310397-1001" />
      </System>
      <EventData>
        <Data Name="AppId">Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp</Data>
        <Data Name="ContractId">Windows.Launch</Data>
        <Data Name="ErrorCode">-2144927141</Data>
      </EventData>
    </Event>c
    Code:
    Log Name:      Microsoft-Windows-TWinUI/Operational
    Source:        Microsoft-Windows-Immersive-Shell
    Date:          2016-02-09 6:10:55 PM
    Event ID:      5950
    Task Category: (5950)
    Level:         Information
    Keywords:      
    User:          Cam\Cameron
    Computer:      Cam
    Description:
    The app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI was activated for the Windows.Launch contract successfully.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" />
        <EventID>5950</EventID>
        <Version>0</Version>
        <Level>4</Level>
        <Task>5950</Task>
        <Opcode>0</Opcode>
        <Keywords>0x4000000000000000</Keywords>
        <TimeCreated SystemTime="2016-02-10T00:10:55.558151500Z" />
        <EventRecordID>6021</EventRecordID>
        <Correlation />
        <Execution ProcessID="2688" ThreadID="4544" />
        <Channel>Microsoft-Windows-TWinUI/Operational</Channel>
        <Computer>Cam</Computer>
        <Security UserID="S-1-5-21-557688054-2976859209-346310397-1001" />
      </System>
      <EventData>
        <Data Name="AppId">Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI</Data>
        <Data Name="ContractId">Windows.Launch</Data>
      </EventData>
    </Event>c
     

Share This Page

Loading...