Error when trying to run Ancile

Comments (8)

1. 

   Matthew Linton

   Interesting. Ancile should bypass powereshell signing restrictions when it launches PS scripts with the "-executionpolicy remotesigned" option. It could be that there is something on your system that is preventing scripts from changing execution policies. This could be some security software, anti malware, or GPO settings.

   To help debug this, it would be helpful to collect some system information:

   1. Navigate to "Ancile\lib"
   2. Right click on "debuginfo.cmd"
   3. Click on "Run as administrator"
   4. Wait for the script to finish.
   5. post the log file here.

   Double check your execution policy:

   1. open a command prompt as an administrator (Right Click on "Start --> All Programs --> accessories --> Command Prompt" and select "Run as administrator").
   2. Run the command "powershell -executionpolicy remotesigned -Command get-executionpolicy"
   3. Paste the result here.

   • 2017-04-03T23:59:53+00:00
2. 

   sha-265

   Hi, It's too much personal info. If you have specific info you want from this log, tell me and I will provide it. For now I added the PS info from the log:

   [Wed 04/05/2017  0:00:28.76] BEGIN POWERSHELL ############################################################ 
   
   Name                           Value                                                                                                                                               
   ----                           -----                                                                                                                                               
   PSVersion                      5.0.10586.117                                                                                                                                       
   PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}                                                                                                                             
   BuildVersion                   10.0.10586.117                                                                                                                                      
   CLRVersion                     4.0.30319.42000                                                                                                                                     
   WSManStackVersion              3.0                                                                                                                                                 
   PSRemotingProtocolVersion      2.3                                                                                                                                                 
   SerializationVersion           1.1.0.1                                                                                                                                             
   
   
   [Wed 04/05/2017  0:00:28.99] END POWERSHELL ############################################################ 
   

   And this is the output of the command you told me to run:

   C:\Windows\system32>powershell -executionpolicy remotesigned -Command get-executionpolicy
   RemoteSigned
   

   • 2017-04-04T21:28:34+00:00
3. 

   Matthew Linton

   I've looked around a bit and didn't manage to find a specific reason this would happen. I've seen similar behavior caused by various Antivirus, security software, and restrictive Active Directory rules.

   Try:

   1. Delete your current copy of Ancile
   2. Download the latest version (currently 1.10)
   3. Enable Debugging in "config.ini" by setting "DEBUG=Y"
   4. Run Ancile as an Administrator
   5. Look through the log for any errors

   • 2017-04-13T03:52:12+00:00
4. 

   sha-265

   I did all those steps, and I still get this error but only once:

   File C:\Users\Bla\Ancile_1.10-1\Ancile_1.10\plugins\uninstall_Updates\UninstallAndHideUpdates.ps1 cannot be loaded. The file 
   C:\Users\Bla\Ancile_1.10-1\Ancile_1.10\plugins\uninstall_Updates\UninstallAndHideUpdates.ps1 is not digitally signed. You cannot run this script on the current system. For more 
   information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170.
       + CategoryInfo          : SecurityError: (:) [], ParentContainsErrorRecordException
       + FullyQualifiedErrorId : UnauthorizedAccess
   

   And I checked the execution policy before, and it was set to RemoteSigned.

   • 2017-04-21T11:14:08+00:00
5. 

   Matthew Linton

   Yeah, this is what I expected to see. Since your system is set o remotesigned you shouldn't be seeing this error. If you feel comfortable modifying Ancile you could change the execution policy in the script.

   open "plugins\uninstall_Updates\uninstall_Updates.cmd" in a text editor and change lines 50 & 52

   FROM:

   46   FOR /F "tokens=*" %%i IN ('DIR /B "%UPDATELISTS%" 2^>^> "%LOGFILE%"') DO (
   47          ECHO %UPDATEDIR%\%%i >> "%LOGFILE%" 2>&1
   48          IF "%DEBUG%"=="Y" (
   49              sc query wuauserv >> "%LOGFILE%" 2>&1
   50              sc query wuauserv 2>&1 | findstr /I RUNNING >nul 2>&1 && powershell -executionpolicy remotesigned -File "%UPDTDISABLE%" -KBFile "%UPDATEDIR%\%%i" >> "%LOGFILE%" 2>&1
   51          ) ELSE (
   52              sc query wuauserv 2>&1 | findstr /I RUNNING >nul 2>&1 && powershell -executionpolicy remotesigned -File "%UPDTDISABLE%" -KBFile "%UPDATEDIR%\%%i" >nul 2>&1
   53          )
   54      )
   

   TO:

   46   FOR /F "tokens=*" %%i IN ('DIR /B "%UPDATELISTS%" 2^>^> "%LOGFILE%"') DO (
   47          ECHO %UPDATEDIR%\%%i >> "%LOGFILE%" 2>&1
   48          IF "%DEBUG%"=="Y" (
   49              sc query wuauserv >> "%LOGFILE%" 2>&1
   50              sc query wuauserv 2>&1 | findstr /I RUNNING >nul 2>&1 && powershell -executionpolicy Unrestricted -File "%UPDTDISABLE%" -KBFile "%UPDATEDIR%\%%i" >> "%LOGFILE%" 2>&1
   51          ) ELSE (
   52              sc query wuauserv 2>&1 | findstr /I RUNNING >nul 2>&1 && powershell -executionpolicy Unrestricted -File "%UPDTDISABLE%" -KBFile "%UPDATEDIR%\%%i" >nul 2>&1
   53          )
   54      )
   

   Although, I don't expect this to actually work. If your system is already set to RemoteSigned then the script should run.

   You could also try setting your global execution policy to unrestricted (Set-ExecutionPolicy Unrestricted), but you'll want to set it back to RemoteSigned after you're done running the script (Set-ExecutionPolicy RemoteSigned).

   • 2017-04-22T12:44:01+00:00
6. 

   sha-265

   It worked, I only got warning and had to confirm the run of the script:

   Security warning
   Run only scripts that you trust. While scripts from the internet can be useful, this script can potentially harm your computer. If you trust this script, use the Unblock-File
   cmdlet to allow the script to run without this warning message. Do you want to run C:\Ancile_1.10\plugins\uninstall_Updates\UninstallAndHideUpdates.ps1?
   [D] Do not run  [R] Run once  [S] Suspend  [?] Help (default is "D"): r
   

   • 2017-04-22T15:41:36+00:00
7. 

   Matthew Linton

   Interesting. It looks like I'll have to experiment with running powershell scripts unrestricted and maybe unblocking files

   Thanks for your help

   • 2017-04-23T13:26:42+00:00
8. 

   Linda Meyer

   As we discussed earlier in another thread https://bitbucket.org/ancile_development/ancile/issues/24/ancile-suddenly-closes-last-words-in-the, everytime I run Ancile (just checked - still happens in 1.11) I get some red lines with error information in the CMD that do NOT appear in the log file afterwards. Seems similar to the issue described in this thread, so I am posting my update here. Thanks a lot for your great efforts, Matthew!!!

   Starting Ancile v1.11

   System error 1376 has occurred.

   The specified local group does not exist.

   Modifying registry key ownership Syncing Windows Time * Create system restore point? (Y/n): n Updating ... modify_Hosts Plugin Import-Module : File D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + Import-Module -Name 'D:\Portable\Ancile (block windows spying in win7 ... + ~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityEx ception + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands .ImportModuleCommand Expand-ZipFile : The term 'Expand-ZipFile' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:121 + ... Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1'; Expand-ZipFile -ZipFil ... + ~~~~ + CategoryInfo : ObjectNotFound: (Expand-ZipFile:String) [], Comm andNotFoundException + FullyQualifiedErrorId : CommandNotFoundException

   modify_Routing Plugin Import-Module : File D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + Import-Module -Name 'D:\Portable\Ancile (block windows spying in win7 ... + ~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityEx ception + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands .ImportModuleCommand Expand-ZipFile : The term 'Expand-ZipFile' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:121 + ... Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1'; Expand-ZipFile -ZipFil ... + ~~~~ + CategoryInfo : ObjectNotFound: (Expand-ZipFile:String) [], Comm andNotFoundException + FullyQualifiedErrorId : CommandNotFoundException

   modify_WINFirewall Plugin Import-Module : File D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + Import-Module -Name 'D:\Portable\Ancile (block windows spying in win7 ... + ~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityEx ception + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands .ImportModuleCommand Expand-ZipFile : The term 'Expand-ZipFile' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:121 + ... Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1'; Expand-ZipFile -ZipFil ... + ~~~~ + CategoryInfo : ObjectNotFound: (Expand-ZipFile:String) [], Comm andNotFoundException + FullyQualifiedErrorId : CommandNotFoundException

   uninstall_Updates Plugin Import-Module : File D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 cannot be loaded. The file D:\Portable\Ancile (block windows spying in win7+8)\Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + Import-Module -Name 'D:\Portable\Ancile (block windows spying in win7 ... + ~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Import-Module], PSSecurityEx ception + FullyQualifiedErrorId : UnauthorizedAccess,Microsoft.PowerShell.Commands .ImportModuleCommand Expand-ZipFile : The term 'Expand-ZipFile' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:121 + ... Ancile_1.11\lib\Synchronous-ZipAndUnzip.psm1'; Expand-ZipFile -ZipFil ... + ~~~~ + CategoryInfo : ObjectNotFound: (Expand-ZipFile:String) [], Comm andNotFoundException + FullyQualifiedErrorId : CommandNotFoundException

   Loading Plugins:

   • Disabling Internet Explorer Update ... Internet Explorer 7 Internet Explorer 8 Internet Explorer 9 Internet Explorer 10 Internet Explorer 11 DONE

   • Disabling MS Application Experience Program ... Removing related tasks DONE

   • Disabling MS Customer Experience Improvement Program ... Removing from system Removing from MS Messenger DONE

   • Disabling MS Diagnostics Tracking ... Stopping diagtrack Stopping dmwap push service Disabling diagnostic data collection Cleaning log files DONE

   • Disable MS Sky Drive ... Modifying Registry DONE

   • Disable MS SpyNet ... Modifying Registry DONE

   • Disable MS Telemetry reporting service ... Modifying Windows Service Modifying MS Office 2013 Modifying MS Office 2016 DONE

   • Disable Microsoft Windows Error Reporting ... Disabling Tasks Modifying Registry DONE

   • Disable Microsoft Wi-Fi Sense ... Modifying Registry DONE

   • Disabling MS Windows Media Ceter Telemetry ... Removing related tasks DONE

   • Disabling Services ... Processing Services DONE

   • Disabling Tasks ... Processing Tasks DONE

   • Disabling Windows 10 Upgrade ... Stopping GWX process Disabling GWX Task Disabling GWX Update Disabling GWX Download DONE

   • Modifying hosts File ... This may take a long time. Please be patient. Generating clean hosts file Adding host entries

   • 2017-07-19T11:38:44+00:00
9. Log in to comment