File / Registry Permission Problem - Vista SP2


12 replies to this topic

#1 lmacri

Posted 18 February 2011 - 12:07 PM

I'm having a problem with what appears to be corrupted file and/or registry permissions on my Vista SP2 laptop where both the SYSTEM and Administrators groups have lost full permissions in several C:\Windows subfolders and multiple Windows registry keys.

I originally posted in the Spyware / Malware / Virus Removal forum at http://forums.whatth...howtopic=116953 when I began having problems with Windows Update (now fixed), creating a new Hosts file in C:\Windows\System32\drivers\etc, and uninstalling software. The Classroom Administrator that was helping me in that thread has asked me to re-post in this Windows forum since I don't appear to have any malware on my system.

The posts at http://forums.whatth...howtopic=116953 starting with February 16 (Post # 21) are likely most relevant to this issue. To summarize, we tried using the SubInACL with the following XP / Server 2003 code to reset the registry permissions, but received several errors related to RegSetKeySecurity (see attached .JPG).

subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f
subinacl /subdirectories %SystemDrive% /grant=administrators=f
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f
subinacl /subdirectories %SystemDrive% /grant=system=f

I found the following code in a blog at http://blog.tiensivu.com/aaron/archives/14...sions!.html that is supposed to work for Vista SP1 / Server 2008 (I run Vista SP2) but I am unsure if it's safe to run this code with SubInACL:

subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f
subinacl /subdirectories %SystemDrive% /grant=administrators=f /grant=system=f
subinacl /subdirectories %windir%\*.* /grant=administrators=f /grant=system=f

The Vista SP1 code above might work if this is just a registry/folder permission problem, but if it fails like the XP code then this might indicate that I have a problem with my local security policy that could be blocking these registry permissions changes.
--------
Vista Home Premium 32-bit SP2 * IE 8 * Firefox 3.6.13 * NIS 2011 v. 18.5 * NU 14.5 * MBAM v. 1.50
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400 GS

Attached Thumbnails

  • Maximized_SubInACL_Command_Prompt_17_Feb_2011.jpg

Edited by lmacri, 21 February 2011 - 01:24 PM.


#2 Lee

Posted 19 February 2011 - 12:05 AM

Hi lmacri, Have you tried a System Restore to a date before you started having these problems? Cheers, Lee

The free advice, opinions and sentiments expressed here are mine only, so you can safely assume I have no software or OS company patrons or any other benefactors when I post in this forum.


#3 lmacri

Posted 19 February 2011 - 09:39 AM

Hi Lee:

I tried a System Restore on February 2, 2011 but the oldest restore point I had then was created January 18, 2011, and my problems started before this. I immediately reverted back to my February 2, 2011 restore point after I confirmed the system restore to January 18th hadn't solved my problems.

I'm not certain, but I think this issue started a long time ago after an update to either Vista SP1 (performed by HP at the factory) or SP2.

I have a LanguagePackSetup error (EventID 1003, CBS error 0x800f0825 reported while operating on UI Language Pack for fr-FR) on my system at boot-up that I noticed in my Event Viewer over a year ago that disappears if I disable the LPRemove task in Task Scheduler (Task Scheduler Library | Microsoft | Windows | MUI | LPRemove). LPRemove.exe can't remove a French language pack MUI that probably shouldn't even be installed on a Vista Home Premium machine, and I traced this error all the way back to a date before I even purchased my laptop in August 2008. I now suspect this problem is also caused by a Windows folder or registry key that the SYSTEM or Administrators group does not have delete permissions for.

It never occurred to me that most, if not all, of my problems could be related to Windows file/registry permissions. I've just kept ahead of it by manually deleting orphaned files in my C:\Program Files folder and cleaning my registry with CCleaner every time I uninstalled software. It finally caught up with me when I started getting errors on the Microsoft Update website at www.update.microsoft.com because my temporary Internet files apparently weren't purging properly when I deleted my browser history from within IE 8.


#4 Lee

Posted 19 February 2011 - 03:51 PM

I've just kept ahead of it by manually deleting orphaned files in my C:\Program Files folder and cleaning my registry with CCleaner every time I uninstalled software.

Registry cleaners are not a good move. They are regularly the cause of operating system problems and failures.
There is a commonly held misconception that the Windows registry is a large text file that is "searched" and that leftover entries slow this search down or interfere with system stability. This heavily promoted false misconception sells a lot of registry cleaners.
Think of the registry as a Tree. A program or OS component just accesses appropriately needed records from the correct branch and that's all. Invalid entries (dead branches) are just never accessed and nor do they have any effect on system stability or performance. Removing a valid entry will, and all reg. cleaners do this from time to time. Along with PC optimizers, auto registry cleaners are the snake-oil of the software industry.

A good program uninstaller like RevoUninstaller http://www.revounins...e_download.html will remove files in the registry that might interfere with a fresh install of the same or similar program that is being uninstalled. Using a registry cleaner to do so is dangerous to your PC's health.

As your PC problem goes back such a long way, have you considered a clean re-install of Vista? Either from a Vista retail disk or a system repair disk depending on what you have available.
Before doing so though, do a backup of all your important data to a USB hard drive or to disks. Don't forget your Email, passwords and serial numbers etc. If you haven't done so already, it might be a good idea to do a thorough back-up now anyway.

Cheers,
Lee

Edited by Lee, 19 February 2011 - 11:23 PM.



#5 lmacri

Posted 20 February 2011 - 09:51 AM

Hi Lee:

I'm not really sure how to do a repair install of Vista SP2 on my machine. Here are three possible problems I listed in my previous thread in the WTT Malware forum (see post # 35):
  • My HP laptop did not come with a Windows Vista SP1 DVD. Instead I have a recovery partition on my hard drive (D: drive) and a set of 3 recovery CDs that I created just after I purchased my laptop in Aug 2008.
  • I now have Vista SP2 installed in my PC, which would mean I would either have to create a Vista SP2 slipstream DVD (according to the repair install instructions at the link I was given here, which looks way beyond my technical abilities) or uninstall SP2 and then repair SP1 from my recovery disks.
  • The Vista SP1 files on my recovery disks might also be corrupted if the problem with my registry/folder permissions occurred during the factory install of SP1 prior to Aug 2008.
I called the store where I bought my laptop and asked if they could perform Vista repair for me. The repair tech said that they would likely just wipe my entire hard drive and install a clean Vista SP2 OS, which I really don't want to do at this point.

I know there's a Windows Vista / Server 2008 Service Pack 2 Five Languages Standalone (KB948465) available for download here but I have no idea if I can simply burn this file to a CD or DVD and use it for a repair install of my Vista SP2.

Thanks for the link to the Revo Uninstaller. I'll install it and give it a test run this afternoon.


#6 Lee

Posted 20 February 2011 - 04:03 PM

I called the store where I bought my laptop and asked if they could perform Vista repair for me. The repair tech said that they would likely just wipe my entire hard drive and install a clean Vista SP2 OS, which I really don't want to do at this point.

Sounds like a good backup option anyway :)

I have read your other thread where CatByte was trying to solve your issues before finally suggesting you post a thread in Windows WTT section.


I would try an option mentioned here http://www.vistax64....tall-vista.html of removing SP1 and then doing a repair install (not an upgrade repair install), but include the removal of SP2 as well before proceeding with the repair install. Then install SP1 and SP2 again afterwards.

To uninstall Service Packs, see: How to uninstall Windows Vista service packs as a troubleshooting step: http://support.microsoft.com/kb/948537

Make sure all important data is backed up as mentioned in my initial post and download these stand alone Service Packs to disk before you do anything else. They do not need to be slipstreamed to a repair or install disk as they can be installed directly to your Vista OS.

SP1 from this link: http://www.microsoft...;displaylang=en

SP2 from this link: http://www.microsoft...;displaylang=en

Do the Vista repair install from your repair disks and, after installing SP1, rebooting and defragging, install SP2, reboot and then defrag again.

Your other option is to do an image restore back to factory state, remove the possibly corrupted SP1 on it and then install your new SP1 and SP2.

Cheers,
Lee



#7 lmacri

Posted 21 February 2011 - 07:38 AM

Hi Lee:

I looked a bit further into the Windows repair install you suggested and I don't really feel comfortable trying a complex OS repair like this by myself when the SYSTEM and Administrators group don't have modify or write permissions for most of the subfolders in C:\Windows on my system. I'm worried that I might run into the same problem as I did trying to create a new Hosts file in C:\Windows\System32\drivers\etc (see post # 26 in my previous thread) and end up deleting critical system files.

Do you have any experience with the SubInACL permissions reset commands that I mentioned in my original post? I was hoping that giving the SYSTEM and Administrators groups full permissions to the subdirectories in C:\Windows could solve many of my problems. These SubInACL commands seem to appear in several Vista forums and blogs, except that they sometimes include the following additional line at the end of the batch file to reset default group permissions:

secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose

Microsoft has advised that this "secedit /configure" command in the last line of the batch file, which is used to import the default security template defltbase.inf, might not correctly reset all security defaults for Vista and Win 7 users (see here).


#8 Lee

Posted 21 February 2011 - 12:12 PM

SubInACL permissions reset.
Reset default registry permissions
http://www.laptop-ga...tre-par-defaut/

Cheers,
Lee



#9 lmacri

Posted 21 February 2011 - 01:21 PM

Hi Lee:

I'm not fluent en francais, but the SubInACL code in the link you provided looks similar to the English version of the XP code that CatByte found in the MS Support article at http://support.microsoft.com/kb/968003 that didn't fix the permissions in the C:\Windows subfolders on my Vista SP2 machine (see post # 27 in my Malware forum thread).

If you compare it to the Vista SP1 SubInACL code in my first post, the line highlighted in red is missing:

subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f
subinacl /subdirectories %SystemDrive% /grant=administrators=f /grant=system=f
subinacl /subdirectories %windir%\*.* /grant=administrators=f /grant=system=f

I need to know if the above code will work for Vista SP2, and whether I would still need to reset the default security permissions for the user groups from the Microsoft Management Console (MMC) as well, as implied by the secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose command also included in the blog posting here.

Edited by lmacri, 21 February 2011 - 01:40 PM.


#10 Lee

Posted 21 February 2011 - 03:42 PM

I have revisited your thread in the Malware section and noted CatByte's advice in post #27 for resetting registry permissions.
You were unsuccessful, so something is wrong as those instructions should have worked. SP2 being installed is irrelevant. After reading through to post #32, I find:

The text file of the reset.cmd errors is too large to post (>800 MB!!)

Sections of your Registry are obviously in serious trouble it seems. There are just too many errors and I'm not surprised that everything you tried failed.
There are only a couple of options left open to you to fix your Vista OS, as there comes a time when a clean slate is the only sensible course of action.

1. You can uninstall your service packs and do a repair install. If you suspect the SP1 on your recovery disk is corrupted, remove it after it is installed and then install the fresh stand-alone service packs I advised you to download.

2. Return the PC to factory state and then install both service packs if the factory state has none.

Cheers,
Lee

Edited by Lee, 21 February 2011 - 03:48 PM.



#11 lmacri

Posted 28 February 2011 - 09:13 AM

Hi Lee:

I was finally able to use SubInACL to repair my Windows Vista registry and folder permissions, and the SYSTEM and Administrators groups have full permissions again.

I followed the instructions on Aaron Stebner's MSDN blog posted here. SubInACL worked correctly when I created the reset.cmd file exactly as described on Aaron's blog by launching Notepad from within an elevated command prompt and then saving the edited reset.cmd file in C:\Windows\System32 (i.e., in the same directory as the cmd.exe command prompt executable).

I used Aaron's "modified" batch file posted on his server here (see attached .txt file) as a template since it works for both 32- and 64-bit versions of Vista and does not output the SubInACL messages to a text file. If the SubInACL tool has to make multiple changes to your permissions, the text file for this log can become quite large.

Thanks to CatByte for providing the link to Aaron's blog in the WTT Malware Forum (see post # 41 here).


Edited by lmacri, 28 February 2011 - 09:23 AM.


#12 Lee

Posted 28 February 2011 - 01:09 PM

Good to hear you had a result and for sharing the final fix :thumbup: Cheers, Lee



#13 showbizkid

Posted 15 May 2013 - 11:01 AM

+1 thanks for getting this info boiled down. I finally got Office 2010 to work properly and stop reinstalling itself every time a component was launched! One note: the reset.cmd file must also be launched from the elevated command prompt. Running it from the Run line or other non-elevated cmdbox results in security errors. Just FYI.
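
Added example, not part of the thread and not Aaron Stebner's batch file: a wrapper that enforces the elevated-prompt requirement noted in the post above and snapshots file ACLs and registry hives before a blanket SubInACL grant is applied, so the change can be reviewed or rolled back. The wrapper's name (preflight.cmd), the backup folder and passing the reset.cmd path as an argument are assumptions.

```batch
@echo off
setlocal
rem Added example (not from the thread): pre-flight wrapper for a permissions reset.
rem Usage (hypothetical script name): preflight.cmd C:\Windows\System32\reset.cmd
rem Assumed backup location: %SystemDrive%\acl-backup (must not exist yet).

set "RESET=%~1"
set "BACKUP=%SystemDrive%\acl-backup"

if not exist "%RESET%" (
    echo Usage: %~nx0 path\to\reset.cmd
    exit /b 1
)

rem An elevated token carries the High Mandatory Level group, SID S-1-16-12288.
whoami /groups | find "S-1-16-12288" >nul
if errorlevel 1 (
    echo This prompt is not elevated. Open Command Prompt with "Run as administrator".
    exit /b 1
)

rem Never overwrite an earlier snapshot: it may be the only record of the old ACLs.
if exist "%BACKUP%" (
    echo %BACKUP% already exists. Move it aside before running again.
    exit /b 1
)
mkdir "%BACKUP%" || exit /b 1

rem File ACLs: icacls /save writes one SDDL entry per object.
rem /t recurses into subfolders, /c continues past objects it cannot read.
icacls "%windir%\*" /save "%BACKUP%\windir-before.acl" /t /c >nul

rem Registry: hive files written by reg save include each key's security descriptor.
reg save HKLM\SOFTWARE "%BACKUP%\hklm-software.hiv" >nul || goto :failed
reg save HKLM\SYSTEM "%BACKUP%\hklm-system.hiv" >nul || goto :failed
reg save HKCU\Software "%BACKUP%\hkcu-software.hiv" >nul || goto :failed

rem Run the reset only after every snapshot has been written.
call "%RESET%"

rem Second snapshot, then a list of every file ACL the reset changed.
rem icacls writes UTF-16 text, so fc must compare in Unicode mode (/u).
icacls "%windir%\*" /save "%BACKUP%\windir-after.acl" /t /c >nul
fc /u "%BACKUP%\windir-before.acl" "%BACKUP%\windir-after.acl" > "%BACKUP%\acl-changes.txt"

echo Snapshots and change list are in %BACKUP%.
echo To roll back file ACLs: icacls "%windir%" /restore "%BACKUP%\windir-before.acl" /c
exit /b 0

:failed
echo Registry snapshot failed; the reset was not run.
exit /b 1
```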
