There was an accidental deletion of the following directories: "C:\Windows\ServiceProfiles\LocalService" "C:\Windows\ServiceProfiles\NetworkService" Afterwards, administrator privileges stopped being detected by some scripts, such as the scripts made by abbodi1406 (KMS_VL_ALL_AIO, VC++ Redist), but actual privileges remained functional. Administrative privilege application itself was not affected. I continued to be able to execute programs as administrator and as TrustedInstaller via NSudo. Only detection of privileges was affected. For example, attempting to run KMS_VL_ALL_AIO.cmd as administrator or System or TrustedInstaller began displaying the following error: Code: ==== ERROR ==== This script requires administrator privileges. To do so, right-click on this script and select 'Run as administrator' Press any key to exit. Again, only administrative privilege detection was affected. Would it be possible to restore it without restoring contents from "LocalService" and "NetworkService" directories?
You could try to replace Code: reg query HKU\S-1-5-19 with Code: whoami /groups | find /i "S-1-16-12288"
Didn't work - same error... Is it possible to completely remove admin verification from the script or force it to assume admin privileges as default?
That's good for admin level, but he's using system / ti, so it should be: Code: whoami /groups | findstr /i /c:"S-1-16-16384" /c:"S-1-16-12288" >nul or just Code: whoami | findstr /i /c:"nt authority\system" >nul
Works here. 22622.436 Code: C:\Windows\System32>whoami /priv | find /i "SeTakeOwnershipPrivilege" C:\Windows\System32>sudo whoami /priv | find /i "SeTakeOwnershipPrivilege" SeTakeOwnershipPrivilege Take ownership of files or other objects Disabled C:\Windows\System32> The "sudo" is from the "gsudo" package.