Error when trying to run Ancile
Hi, I got error when trying to run Ancile on Windows 7:
Import-Module : File \Ancile\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file
\Ancile\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the
current system. For more information about running scripts and setting execution policy, see about_Execution_Policies
at http://go.microsoft.com/fwlink/?LinkID=135170.
I tried to change the Powershell policy as describe here, but non of the solutions worked.
Any ideas?
Comments (8)
-
-
Hi, It's too much personal info. If you have specific info you want from this log, tell me and I will provide it. For now I added the PS info from the log:
[Wed 04/05/2017 0:00:28.76] BEGIN POWERSHELL ############################################################ Name Value ---- ----- PSVersion 5.0.10586.117 PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...} BuildVersion 10.0.10586.117 CLRVersion 4.0.30319.42000 WSManStackVersion 3.0 PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1 [Wed 04/05/2017 0:00:28.99] END POWERSHELL ############################################################
And this is the output of the command you told me to run:
C:\Windows\system32>powershell -executionpolicy remotesigned -Command get-executionpolicy RemoteSigned
-
I've looked around a bit and didn't manage to find a specific reason this would happen. I've seen similar behavior caused by various Antivirus, security software, and restrictive Active Directory rules.
Try:
- Delete your current copy of Ancile
- Download the latest version (currently 1.10)
- Enable Debugging in "config.ini" by setting "DEBUG=Y"
- Run Ancile as an Administrator
- Look through the log for any errors
-
I did all those steps, and I still get this error but only once:
File C:\Users\Bla\Ancile_1.10-1\Ancile_1.10\plugins\uninstall_Updates\UninstallAndHideUpdates.ps1 cannot be loaded. The file C:\Users\Bla\Ancile_1.10-1\Ancile_1.10\plugins\uninstall_Updates\UninstallAndHideUpdates.ps1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. + CategoryInfo : SecurityError: (:) [], ParentContainsErrorRecordException + FullyQualifiedErrorId : UnauthorizedAccess
And I checked the execution policy before, and it was set to RemoteSigned.
-
Yeah, this is what I expected to see. Since your system is set o remotesigned you shouldn't be seeing this error. If you feel comfortable modifying Ancile you could change the execution policy in the script.
open "plugins\uninstall_Updates\uninstall_Updates.cmd" in a text editor and change lines 50 & 52
FROM:
46 FOR /F "tokens=*" %%i IN ('DIR /B "%UPDATELISTS%" 2^>^> "%LOGFILE%"') DO ( 47 ECHO %UPDATEDIR%\%%i >> "%LOGFILE%" 2>&1 48 IF "%DEBUG%"=="Y" ( 49 sc query wuauserv >> "%LOGFILE%" 2>&1 50 sc query wuauserv 2>&1 | findstr /I RUNNING >nul 2>&1 && powershell -executionpolicy remotesigned -File "%UPDTDISABLE%" -KBFile "%UPDATEDIR%\%%i" >> "%LOGFILE%" 2>&1 51 ) ELSE ( 52 sc query wuauserv 2>&1 | findstr /I RUNNING >nul 2>&1 && powershell -executionpolicy remotesigned -File "%UPDTDISABLE%" -KBFile "%UPDATEDIR%\%%i" >nul 2>&1 53 ) 54 )
TO:
46 FOR /F "tokens=*" %%i IN ('DIR /B "%UPDATELISTS%" 2^>^> "%LOGFILE%"') DO ( 47 ECHO %UPDATEDIR%\%%i >> "%LOGFILE%" 2>&1 48 IF "%DEBUG%"=="Y" ( 49 sc query wuauserv >> "%LOGFILE%" 2>&1 50 sc query wuauserv 2>&1 | findstr /I RUNNING >nul 2>&1 && powershell -executionpolicy Unrestricted -File "%UPDTDISABLE%" -KBFile "%UPDATEDIR%\%%i" >> "%LOGFILE%" 2>&1 51 ) ELSE ( 52 sc query wuauserv 2>&1 | findstr /I RUNNING >nul 2>&1 && powershell -executionpolicy Unrestricted -File "%UPDTDISABLE%" -KBFile "%UPDATEDIR%\%%i" >nul 2>&1 53 ) 54 )
Although, I don't expect this to actually work. If your system is already set to RemoteSigned then the script should run.
You could also try setting your global execution policy to unrestricted (Set-ExecutionPolicy Unrestricted), but you'll want to set it back to RemoteSigned after you're done running the script (Set-ExecutionPolicy RemoteSigned).
-
It worked, I only got warning and had to confirm the run of the script:
Security warning Run only scripts that you trust. While scripts from the internet can be useful, this script can potentially harm your computer. If you trust this script, use the Unblock-File cmdlet to allow the script to run without this warning message. Do you want to run C:\Ancile_1.10\plugins\uninstall_Updates\UninstallAndHideUpdates.ps1? [D] Do not run [R] Run once [S] Suspend [?] Help (default is "D"): r
-
Interesting. It looks like I'll have to experiment with running powershell scripts unrestricted and maybe unblocking files
Thanks for your help
-
As we discussed earlier in another thread https://bitbucket.org/ancile_development/ancile/issues/24/ancile-suddenly-closes-last-words-in-the, everytime I run Ancile (just checked - still happens in 1.11) I get some red lines with error information in the CMD that do NOT appear in the log file afterwards. Seems similar to the issue described in this thread, so I am posting my update here. Thanks a lot for your great efforts, Matthew!!!
Starting Ancile v1.11
System error 1376 has occurred.
The specified local group does not exist.
Modifying registry key ownership Syncing Windows Time * Create system restore point? (Y/n): n Updating ... modify_Hosts Plugin Import-Module : File D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + Import-Module -Name 'D:\Portable\Ancile (block windows spying in win7 ... +
~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityEx ception + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands .ImportModuleCommand Expand-ZipFile : The term 'Expand-ZipFile' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:121 + ... Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1'; Expand-ZipFile -ZipFil ... +~~~~ + CategoryInfo : ObjectNotFound: (Expand-ZipFile:String) [], Comm andNotFoundException + FullyQualifiedErrorId : CommandNotFoundExceptionmodify_Routing Plugin Import-Module : File D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + Import-Module -Name 'D:\Portable\Ancile (block windows spying in win7 ... +
~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityEx ception + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands .ImportModuleCommand Expand-ZipFile : The term 'Expand-ZipFile' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:121 + ... Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1'; Expand-ZipFile -ZipFil ... +~~~~ + CategoryInfo : ObjectNotFound: (Expand-ZipFile:String) [], Comm andNotFoundException + FullyQualifiedErrorId : CommandNotFoundExceptionmodify_WINFirewall Plugin Import-Module : File D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + Import-Module -Name 'D:\Portable\Ancile (block windows spying in win7 ... +
~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityEx ception + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands .ImportModuleCommand Expand-ZipFile : The term 'Expand-ZipFile' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:121 + ... Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1'; Expand-ZipFile -ZipFil ... +~~~~ + CategoryInfo : ObjectNotFound: (Expand-ZipFile:String) [], Comm andNotFoundException + FullyQualifiedErrorId : CommandNotFoundExceptionuninstall_Updates Plugin Import-Module : File D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + Import-Module -Name 'D:\Portable\Ancile (block windows spying in win7 ... +
~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityEx ception + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands .ImportModuleCommand Expand-ZipFile : The term 'Expand-ZipFile' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:121 + ... Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1'; Expand-ZipFile -ZipFil ... +~~~~ + CategoryInfo : ObjectNotFound: (Expand-ZipFile:String) [], Comm andNotFoundException + FullyQualifiedErrorId : CommandNotFoundExceptionLoading Plugins:
-
Disabling Internet Explorer Update ... Internet Explorer 7 Internet Explorer 8 Internet Explorer 9 Internet Explorer 10 Internet Explorer 11 DONE
-
Disabling MS Application Experience Program ... Removing related tasks DONE
-
Disabling MS Customer Experience Improvement Program ... Removing from system Removing from MS Messenger DONE
-
Disabling MS Diagnostics Tracking ... Stopping diagtrack Stopping dmwap push service Disabling diagnostic data collection Cleaning log files DONE
-
Disable MS Sky Drive ... Modifying Registry DONE
-
Disable MS SpyNet ... Modifying Registry DONE
-
Disable MS Telemetry reporting service ... Modifying Windows Service Modifying MS Office 2013 Modifying MS Office 2016 DONE
-
Disable Microsoft Windows Error Reporting ... Disabling Tasks Modifying Registry DONE
-
Disable Microsoft Wi-Fi Sense ... Modifying Registry DONE
-
Disabling MS Windows Media Ceter Telemetry ... Removing related tasks DONE
-
Disabling Services ... Processing Services DONE
-
Disabling Tasks ... Processing Tasks DONE
-
Disabling Windows 10 Upgrade ... Stopping GWX process Disabling GWX Task Disabling GWX Update Disabling GWX Download DONE
-
Modifying hosts File ... This may take a long time. Please be patient. Generating clean hosts file Adding host entries
-
- Log in to comment
Interesting. Ancile should bypass powereshell signing restrictions when it launches PS scripts with the "-executionpolicy remotesigned" option. It could be that there is something on your system that is preventing scripts from changing execution policies. This could be some security software, anti malware, or GPO settings.
To help debug this, it would be helpful to collect some system information:
Double check your execution policy: