Page 1 of 2 12 LastLast
  1.    24 Apr 2017 #1
    Join Date : Apr 2017
    Posts : 5
    Windows 10 Pro

    I can't run Windows PowerShell


    Hey guys, can you help me?
    I can't run WIndows Powershell (even as admin or not),
    it say "C:\Users\ASUS K84L\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk",
    Click image for larger version. 

Name:	Screenshot (2).png 
Views:	13 
Size:	541.2 KB 
ID:	131816i try to run via directory and then windows say "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator."
    Click image for larger version. 

Name:	Screenshot (3).png 
Views:	9 
Size:	65.5 KB 
ID:	131817
    Any idea?
    Any help would be appreciated. Sorry with my bad english
      My ComputerSystem Spec
  2.    24 Apr 2017 #2
    Join Date : Apr 2017
    Posts : 93
    windows

    "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator."
    The message is clear: Restricted access has been set for certain(s) program(s). Do you own the computer? Are you an administrator?

    And of course: Is your machine infected?

    Try to create a new user account and check if the issue persists.

    Since you're running Win10 Pro, you have access to Group Policy. There is an Administrative Template "Don't run specified Windows Applications". Run it.

    See https://www.microsoft.com/en-us/down....aspx?id=48257
    and https://blogs.technet.microsoft.com/...ive-templates/
      My ComputerSystem Spec
  3.    24 Apr 2017 #3
    Join Date : Apr 2017
    Posts : 93
    windows

    Maybe I came up too strong. Forget about Administrative Templates for the moment.

    Instead, using the registry editor, navigate to: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies
    and look at what's there, like a key named PowerShell in your case.
      My ComputerSystem Spec
  4.    25 Apr 2017 #4
    Join Date : Oct 2014
    Trnava
    Posts : 2,862
    Windows 10.4 Home 1709 x64

    That message looks similar to what I have, because I have blocked PS from running, like this:

    Code:
    reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "DisallowRun" /t REG_DWORD /d "1" /f
    reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "1" /t REG_SZ /d "powershell.exe" /f
    reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "2" /t REG_SZ /d "powershell_ise.exe" /f
      My ComputerSystem Spec
  5.    26 Apr 2017 #5
    Join Date : Apr 2017
    Posts : 5
    Windows 10 Pro
    Thread Starter

    yeah, i found it
    Click image for larger version. 

Name:	Screenshot (4).png 
Views:	3 
Size:	123.2 KB 
ID:	132141
    Should I delete that registry key?
      My ComputerSystem Spec
  6.    26 Apr 2017 #6
    Join Date : Oct 2014
    Posts : 920
    Windows 10 Pro

    Quote Originally Posted by TairikuOkami View Post
    That message looks similar to what I have, because I have blocked PS from running, like this:

    Code:
    reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "DisallowRun" /t REG_DWORD /d "1" /f
    reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "1" /t REG_SZ /d "powershell.exe" /f
    reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "2" /t REG_SZ /d "powershell_ise.exe" /f
    Is there a reason you do not want powershell to be able to run?
      My ComputerSystem Spec
  7.    26 Apr 2017 #7
    Join Date : Oct 2014
    Trnava
    Posts : 2,862
    Windows 10.4 Home 1709 x64

    Quote Originally Posted by vengeance455 View Post
    Should I delete that registry key?
    Yes.


    Quote Originally Posted by pparks1 View Post
    Is there a reason you do not want powershell to be able to run?
    Malware prevention, it is not like PS is required by anything. I actually remove PS as well.

    Lets Unpack: Dridex Loader | MalwareTech
    15 Ways to Bypass the PowerShell Execution Policy
    The rise of .NET and powershell malware - Securelist
    UAC Bypass Using eventvwr.exe and Registry Hijacking | enigma0x3
      My ComputerSystem Spec
  8.    26 Apr 2017 #8
    Join Date : Oct 2014
    Posts : 920
    Windows 10 Pro

    Sure, .net tools could be used to craft attacks, but I am pretty sure very few boxes were compromised by people going through weaknesses in powershell. I could see a questionable user, who insists on running as an admin, executing a powershell script which does compromise the system.

    I am a big powershell user, and am going to GUI less Windows server which must be managed by powershell remotely. Different strokes I guess.
      My ComputerSystem Spec
  9.    28 Apr 2017 #9
    Join Date : Apr 2017
    Posts : 5
    Windows 10 Pro
    Thread Starter

    Quote Originally Posted by TairikuOkami View Post
    Yes.
    I have delete that registry, but after I restart my laptop, that registry appear again
    Click image for larger version. 

Name:	2017-04-29_01-23-05.jpg 
Views:	1 
Size:	115.9 KB 
ID:	132413
    i think, maybe the main problem is on Task Scheduler or Services which cause registry re-adding again
      My ComputerSystem Spec
  10.    28 Apr 2017 #10
    Join Date : Oct 2014
    Trnava
    Posts : 2,862
    Windows 10.4 Home 1709 x64

    Check, if it is disabled in group policy:

    Gpedit.msc\User Configuration\Administrative Templates\System\Don't run specified Windows applications

    Don,t Run Specified Windows Application, Run Only Specified Windows Application - YouTube
      My ComputerSystem Spec

 
Page 1 of 2 12 LastLast


Similar Threads
Thread Forum
Installation & Upgrade Update and Upgrade Windows 10 using PowerShell
Since its birth in November 2006 PowerShell has evolved to be the chosen tool of network administrators and advanced users alike. Originally a native Windows tool it has since August 2016 been an open source project, spreading its wings to other...
Tutorials
Solved Windows PowerShell acting weird?
Hello, After updating from insider to 15063 and 15063.11 RTM powershell seems to be showing random symbols, but when I try to copy paste these symbols somewhere else they show up as normal text. In powershell I see this: 127506 After...
General Support
Customization PowerShell - Add to Context Menu in Windows 10
How to Add PowerShell to Context Menu in Windows 10 Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration. This tutorial will show you how to add or remove PowerShell from...
Tutorials
BitsTransfer using https on powershell 2.0 and windows 7
Hi, I have a question about using Bitstransfer on powershell in order to download data via https. The following code works well on powershell 5.5 of windows 10 while it does not work on powershell 2.2 of windows 7. In particular, the problem...
Network and Sharing
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 21:27.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums