From 07c4fcdc7466aca2c3d62a9c3f741f5d89d1606b Mon Sep 17 00:00:00 2001
From: WindowsAddict <windowsaddict@protonmail.com>
Date: Thu, 18 Jul 2024 04:36:50 +0530
Subject: [PATCH] Improve error check of SPP in HKU\S-1-5-20

---
 .../Activators/HWID_Activation.cmd            | 31 ++++++++++---------
 .../Activators/KMS38_Activation.cmd           | 31 ++++++++++---------
 .../Activators/Ohook_Activation_AIO.cmd       | 31 ++++++++++---------
 .../Activators/Online_KMS_Activation.cmd      | 31 ++++++++++---------
 4 files changed, 68 insertions(+), 56 deletions(-)

diff --git a/MAS/Separate-Files-Version/Activators/HWID_Activation.cmd b/MAS/Separate-Files-Version/Activators/HWID_Activation.cmd
index 862099d..71b0653 100644
--- a/MAS/Separate-Files-Version/Activators/HWID_Activation.cmd
+++ b/MAS/Separate-Files-Version/Activators/HWID_Activation.cmd
@@ -1327,14 +1327,7 @@ echo Checking Eval WLMS Service              [Found]
 )
 
 
-reg query "HKU\S-1-5-20" %nul% && (
-if %winbuild% GEQ 15063 reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform" %nul% || (
-set error=1
-call :dk_color %Red% "Checking S-1-5-20 SPP Reg               [Not Found]"
-set fixes=%fixes% %mas%troubleshoot
-call :dk_color2 %Blue% "Help - " %_Yellow% " %mas%troubleshoot"
-)
-) || (
+reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion" %nul% || (
 set error=1
 call :dk_color %Red% "Checking HKU\S-1-5-20 Reg               [Not Found]"
 set fixes=%fixes% %mas%troubleshoot
@@ -1431,25 +1424,35 @@ call :dk_color %Red% "Checking SvcRestartTask Status          [!taskinfo!]"
 )
 
 
-::  This code checks if NT SERVICE\sppsvc has permission access to tokens folder and required registry keys. It's often caused by gaming spoofers. 
+::  This code checks if SPP has permission access to tokens folder and required registry keys. It's often caused by gaming spoofers.
 
 set permerror=
-if not exist "%tokenstore%\" set permerror=1
-if %winbuild% GEQ 9200 for %%# in (
+if %winbuild% GEQ 9200 (
+for %%# in (
 "%tokenstore%+FullControl"
 "HKLM:\SYSTEM\WPA+QueryValues, EnumerateSubKeys, WriteKey"
 "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform+SetValue"
 ) do for /f "tokens=1,2 delims=+" %%A in (%%#) do if not defined permerror (
 %psc% "$acl = (Get-Acl '%%A' | fl | Out-String); if (-not ($acl -match 'NT SERVICE\\sppsvc Allow  %%B') -or ($acl -match 'NT SERVICE\\sppsvc Deny')) {Exit 2}" %nul%
-if !errorlevel!==2 set permerror=1
+if !errorlevel!==2 set permerror=Error_Found
 )
 
-if %winbuild% GEQ 9200 if defined permerror (
+if not defined permerror (
+reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion" %nul% && (
+set "pol=HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Policies"
+reg query "!pol!" %nul% || reg add "!pol!" %nul%
+%psc% "$acl = (Get-Acl 'Registry::!pol!' | fl | Out-String); if (-not ($acl -match 'NT AUTHORITY\\NETWORK SERVICE Allow  FullControl') -or ($acl -match 'NT AUTHORITY\\NETWORK SERVICE Deny')) {Exit 3}" %nul%
+if !errorlevel!==3 set "permerror=Error Found In S-1-5-20 SPP"
+)
+)
+
+if defined permerror (
 set error=1
-call :dk_color %Red% "Checking SPP Permissions                [Error Found]"
+call :dk_color %Red% "Checking SPP Permissions                [!permerror!]"
 if not defined showfix call :dk_color %Blue% "%_fixmsg%"
 set showfix=1
 )
+)
 
 
 ::  If required services are not disabled or corrupted + if there is any error + SoftwareLicensingService errorlevel is not Zero + no fix was shown before
diff --git a/MAS/Separate-Files-Version/Activators/KMS38_Activation.cmd b/MAS/Separate-Files-Version/Activators/KMS38_Activation.cmd
index 846e657..d89e2b5 100644
--- a/MAS/Separate-Files-Version/Activators/KMS38_Activation.cmd
+++ b/MAS/Separate-Files-Version/Activators/KMS38_Activation.cmd
@@ -1465,14 +1465,7 @@ echo Checking Eval WLMS Service              [Found]
 )
 
 
-reg query "HKU\S-1-5-20" %nul% && (
-if %winbuild% GEQ 15063 reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform" %nul% || (
-set error=1
-call :dk_color %Red% "Checking S-1-5-20 SPP Reg               [Not Found]"
-set fixes=%fixes% %mas%troubleshoot
-call :dk_color2 %Blue% "Help - " %_Yellow% " %mas%troubleshoot"
-)
-) || (
+reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion" %nul% || (
 set error=1
 call :dk_color %Red% "Checking HKU\S-1-5-20 Reg               [Not Found]"
 set fixes=%fixes% %mas%troubleshoot
@@ -1569,25 +1562,35 @@ call :dk_color %Red% "Checking SvcRestartTask Status          [!taskinfo!]"
 )
 
 
-::  This code checks if NT SERVICE\sppsvc has permission access to tokens folder and required registry keys. It's often caused by gaming spoofers. 
+::  This code checks if SPP has permission access to tokens folder and required registry keys. It's often caused by gaming spoofers.
 
 set permerror=
-if not exist "%tokenstore%\" set permerror=1
-if %winbuild% GEQ 9200 for %%# in (
+if %winbuild% GEQ 9200 (
+for %%# in (
 "%tokenstore%+FullControl"
 "HKLM:\SYSTEM\WPA+QueryValues, EnumerateSubKeys, WriteKey"
 "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform+SetValue"
 ) do for /f "tokens=1,2 delims=+" %%A in (%%#) do if not defined permerror (
 %psc% "$acl = (Get-Acl '%%A' | fl | Out-String); if (-not ($acl -match 'NT SERVICE\\sppsvc Allow  %%B') -or ($acl -match 'NT SERVICE\\sppsvc Deny')) {Exit 2}" %nul%
-if !errorlevel!==2 set permerror=1
+if !errorlevel!==2 set permerror=Error_Found
 )
 
-if %winbuild% GEQ 9200 if defined permerror (
+if not defined permerror (
+reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion" %nul% && (
+set "pol=HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Policies"
+reg query "!pol!" %nul% || reg add "!pol!" %nul%
+%psc% "$acl = (Get-Acl 'Registry::!pol!' | fl | Out-String); if (-not ($acl -match 'NT AUTHORITY\\NETWORK SERVICE Allow  FullControl') -or ($acl -match 'NT AUTHORITY\\NETWORK SERVICE Deny')) {Exit 3}" %nul%
+if !errorlevel!==3 set "permerror=Error Found In S-1-5-20 SPP"
+)
+)
+
+if defined permerror (
 set error=1
-call :dk_color %Red% "Checking SPP Permissions                [Error Found]"
+call :dk_color %Red% "Checking SPP Permissions                [!permerror!]"
 if not defined showfix call :dk_color %Blue% "%_fixmsg%"
 set showfix=1
 )
+)
 
 
 ::  If required services are not disabled or corrupted + if there is any error + SoftwareLicensingService errorlevel is not Zero + no fix was shown before
diff --git a/MAS/Separate-Files-Version/Activators/Ohook_Activation_AIO.cmd b/MAS/Separate-Files-Version/Activators/Ohook_Activation_AIO.cmd
index b6843b3..2f090f5 100644
--- a/MAS/Separate-Files-Version/Activators/Ohook_Activation_AIO.cmd
+++ b/MAS/Separate-Files-Version/Activators/Ohook_Activation_AIO.cmd
@@ -1777,14 +1777,7 @@ echo Checking Eval WLMS Service              [Found]
 )
 
 
-reg query "HKU\S-1-5-20" %nul% && (
-if %winbuild% GEQ 15063 reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform" %nul% || (
-set error=1
-call :dk_color %Red% "Checking S-1-5-20 SPP Reg               [Not Found]"
-set fixes=%fixes% %mas%troubleshoot
-call :dk_color2 %Blue% "Help - " %_Yellow% " %mas%troubleshoot"
-)
-) || (
+reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion" %nul% || (
 set error=1
 call :dk_color %Red% "Checking HKU\S-1-5-20 Reg               [Not Found]"
 set fixes=%fixes% %mas%troubleshoot
@@ -1881,25 +1874,35 @@ call :dk_color %Red% "Checking SvcRestartTask Status          [!taskinfo!]"
 )
 
 
-::  This code checks if NT SERVICE\sppsvc has permission access to tokens folder and required registry keys. It's often caused by gaming spoofers. 
+::  This code checks if SPP has permission access to tokens folder and required registry keys. It's often caused by gaming spoofers.
 
 set permerror=
-if not exist "%tokenstore%\" set permerror=1
-if %winbuild% GEQ 9200 for %%# in (
+if %winbuild% GEQ 9200 (
+for %%# in (
 "%tokenstore%+FullControl"
 "HKLM:\SYSTEM\WPA+QueryValues, EnumerateSubKeys, WriteKey"
 "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform+SetValue"
 ) do for /f "tokens=1,2 delims=+" %%A in (%%#) do if not defined permerror (
 %psc% "$acl = (Get-Acl '%%A' | fl | Out-String); if (-not ($acl -match 'NT SERVICE\\sppsvc Allow  %%B') -or ($acl -match 'NT SERVICE\\sppsvc Deny')) {Exit 2}" %nul%
-if !errorlevel!==2 set permerror=1
+if !errorlevel!==2 set permerror=Error_Found
 )
 
-if %winbuild% GEQ 9200 if defined permerror (
+if not defined permerror (
+reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion" %nul% && (
+set "pol=HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Policies"
+reg query "!pol!" %nul% || reg add "!pol!" %nul%
+%psc% "$acl = (Get-Acl 'Registry::!pol!' | fl | Out-String); if (-not ($acl -match 'NT AUTHORITY\\NETWORK SERVICE Allow  FullControl') -or ($acl -match 'NT AUTHORITY\\NETWORK SERVICE Deny')) {Exit 3}" %nul%
+if !errorlevel!==3 set "permerror=Error Found In S-1-5-20 SPP"
+)
+)
+
+if defined permerror (
 set error=1
-call :dk_color %Red% "Checking SPP Permissions                [Error Found]"
+call :dk_color %Red% "Checking SPP Permissions                [!permerror!]"
 if not defined showfix call :dk_color %Blue% "%_fixmsg%"
 set showfix=1
 )
+)
 
 
 ::  If required services are not disabled or corrupted + if there is any error + SoftwareLicensingService errorlevel is not Zero + no fix was shown before
diff --git a/MAS/Separate-Files-Version/Activators/Online_KMS_Activation.cmd b/MAS/Separate-Files-Version/Activators/Online_KMS_Activation.cmd
index 401d812..aae5e2a 100644
--- a/MAS/Separate-Files-Version/Activators/Online_KMS_Activation.cmd
+++ b/MAS/Separate-Files-Version/Activators/Online_KMS_Activation.cmd
@@ -2778,14 +2778,7 @@ echo Checking Eval WLMS Service              [Found]
 )
 
 
-reg query "HKU\S-1-5-20" %nul% && (
-if %winbuild% GEQ 15063 reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform" %nul% || (
-set error=1
-call :dk_color %Red% "Checking S-1-5-20 SPP Reg               [Not Found]"
-set fixes=%fixes% %mas%troubleshoot
-call :dk_color2 %Blue% "Help - " %_Yellow% " %mas%troubleshoot"
-)
-) || (
+reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion" %nul% || (
 set error=1
 call :dk_color %Red% "Checking HKU\S-1-5-20 Reg               [Not Found]"
 set fixes=%fixes% %mas%troubleshoot
@@ -2882,25 +2875,35 @@ call :dk_color %Red% "Checking SvcRestartTask Status          [!taskinfo!]"
 )
 
 
-::  This code checks if NT SERVICE\sppsvc has permission access to tokens folder and required registry keys. It's often caused by gaming spoofers. 
+::  This code checks if SPP has permission access to tokens folder and required registry keys. It's often caused by gaming spoofers.
 
 set permerror=
-if not exist "%tokenstore%\" set permerror=1
-if %winbuild% GEQ 9200 for %%# in (
+if %winbuild% GEQ 9200 (
+for %%# in (
 "%tokenstore%+FullControl"
 "HKLM:\SYSTEM\WPA+QueryValues, EnumerateSubKeys, WriteKey"
 "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform+SetValue"
 ) do for /f "tokens=1,2 delims=+" %%A in (%%#) do if not defined permerror (
 %psc% "$acl = (Get-Acl '%%A' | fl | Out-String); if (-not ($acl -match 'NT SERVICE\\sppsvc Allow  %%B') -or ($acl -match 'NT SERVICE\\sppsvc Deny')) {Exit 2}" %nul%
-if !errorlevel!==2 set permerror=1
+if !errorlevel!==2 set permerror=Error_Found
 )
 
-if %winbuild% GEQ 9200 if defined permerror (
+if not defined permerror (
+reg query "HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion" %nul% && (
+set "pol=HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Policies"
+reg query "!pol!" %nul% || reg add "!pol!" %nul%
+%psc% "$acl = (Get-Acl 'Registry::!pol!' | fl | Out-String); if (-not ($acl -match 'NT AUTHORITY\\NETWORK SERVICE Allow  FullControl') -or ($acl -match 'NT AUTHORITY\\NETWORK SERVICE Deny')) {Exit 3}" %nul%
+if !errorlevel!==3 set "permerror=Error Found In S-1-5-20 SPP"
+)
+)
+
+if defined permerror (
 set error=1
-call :dk_color %Red% "Checking SPP Permissions                [Error Found]"
+call :dk_color %Red% "Checking SPP Permissions                [!permerror!]"
 if not defined showfix call :dk_color %Blue% "%_fixmsg%"
 set showfix=1
 )
+)
 
 
 ::  If required services are not disabled or corrupted + if there is any error + SoftwareLicensingService errorlevel is not Zero + no fix was shown before