Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - RaveRocks

Pages: 1 [2]
26
General Computer Support / Re: Vista Help Pls - Bad Install (and then some!)
« on: October 01, 2015, 03:07:25 am »
After this afternoon's fixes, I noticed that, when logged in as Larry (me), I have two Downloads folders, two Documents folders as well as two folders each labeled Desktop, Music, Videos, and Pictures.  In each case, one is empty and one contains my old stuff.  The current profile for me points at the empty folder created at 9pm, about 4 hours after my last fix, so this must have happened when either I logged in. or when I ran sfc /scannow.  I scanned through the registry looking at the services that continued to fail and the services that they depend on and came away with no good new clues.  I've created boot log and logged on a couple of time in 'debug' mode and look forward to seeing their contents, but I need sleep so it'll have to wait until tomorrow.

=====edit01=====

I just remembered what process I ran at 9pm-ish last night.  We can blame "Windows Easy Transfer" for creating the new folders and restoring my data into the wrong place.  I couldn't run the utility under my regular logon (dependency service wasn't available) so I let Windows make the move while logged in as Administrator.  Today's task would seem to be finding out why Windows services load under one User and not another. 

=====edit02=====

I think I found the problem.  I found a blank entry in the WinLogin\GPExtensions list that points to Administrative Templates.  AND that starts up Userenv.dll which I do believe is the source of all my issues.

The GUID for the blank entry is 35378EAC-683F-11D2-A89A-00C04FBBCFA2.

I'm hoping someone out there knows how to create a reg file for me that will update the values as they should be for that logon task in Windows Vista. 

I'm not sure how to pull a value out of an old registry backup from a few months ago or if it's even possible. 

At least I see a twinkle of light at the end of this dark tunnel.




27
General Computer Support / Re: Vista Help Pls - Bad Install (and then some!)
« on: September 30, 2015, 08:40:51 pm »
What a day!  This is pure opera drama without the singing and orchestra.  Or maybe a Quentin Tarantino movie with an all cat, dog and monkey cast.  So last night about 3am, I discovered a complete install of Tweaking.com's Windows Repair tool AND IT WORKS.  It was in the C:\Temp directory . . . not where I'd expect to find it. It was there since September 15th, 2015.  I decided I was on the verge of needing toothpicks to keep my eyes open and left the repair attempts until after my daily three cups of coffee and breakfast (details on twitter, HA!).

Windows Vista is a cursed operating system and until mid-September, I had no clue as to why.  As soon as I can, I will abandon it for good.  Safe Mode, for example, does not include support for either a Serial Bus keyboard or a USB keyboard, so when I see the message "Press any key to continue" in a CMD window, I know I'm doomed.  I used the Administrator account for both of this afternoon's repair sessions, mostly because its account does not require a password at sign on.  After the repairs, when I log in to my normal passworded account, I am unable to use any of the Administrator tools, getting an error that 'The dependency service or group failed to start".  When I log in as Administrator, I can use the Admin tools.  Here is a list of errors (Administrative View) in order of their occurrence, after a cold (de-electrified) start and when logging in as Administrator.

-----------------------------------------------

The winlogon notification subscriber <Profiles> was unavailable to handle a critical notification event.

DCOM got error "1083" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

The User Profile Service service failed to start due to the following error:
The executable program that this service is configured to run in does not implement the service.

The Application Information service depends on the User Profile Service service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

The User Profile Service service failed to start due to the following error:
The executable program that this service is configured to run in does not implement the service.

The Application Information service depends on the User Profile Service service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

The User Profile Service service failed to start due to the following error:
The executable program that this service is configured to run in does not implement the service.

The Application Information service depends on the User Profile Service service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

The User Profile Service service failed to start due to the following error:
The executable program that this service is configured to run in does not implement the service.

The Application Information service depends on the User Profile Service service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

---------------------------------

And that pair of errors repeated a few more times.

When logging in as Larry, I get a whole different set of errors which I'll get to later if important. (The majority of the errors include the line: "The executable program that this service is configured to run in does not implement the service." )  Firefox history and the cookies are gone. (No problem because I exported them and hopefully I'll be able to import them when things settle down.)

I looked through the logs that the Windows Repair Tool produces and found 'several' Access Denied occurrences.  I'm attaching 2 Rar files containing the two sets of logs, one for each repair session.  I was hoping to include the Admin Event logs for both of the repair sessions and for log in attempts after the repairs, but Miss Vista is being quite the <you choose> and most uncooperative. I'm not going to attempt any manual changes to the registry and I'll wait until a further study of the situation before I change my user settings. 

I do have the registry backup produced in June of this year by JRT.EXE and if all else fails, I'll go that dangerous route because getting all those ntuser.dat files in the right place and turning off the right services to be able to HAVE file access, is not going to be a task for a tired ex-programmer ex-dj who wishes he hadn't given up on recreational drugs years ago.

28
General Computer Support / Re: Vista Help Pls - Bad Install (and then some!)
« on: September 30, 2015, 04:12:23 am »
Reporting in.  And I made a huge discovery tonight.  A few months back (May), I ran malwarebytes and JRT.EXE after a run-in with some nasty adware that wouldn't disappear from FireFox.  I feel blessed.  Big Time!  JRT ran a Registry Backup before two scans.  I'm sure I will only need to reinstall any software that was installed after the date of the last RegBack.  There are no step by step instructions for running the CMD file in the folder.  I do believe I should run Windows Recovery Console, which I've also found a good copy of and then open a cmd window (as admin) and run the bat file from within the little black box.  I guess I'm a bit chicken to do it, after the past two weeks of near purgatory.  But here goes.  I'll report back.

29
General Computer Support / Re: Vista Help Pls - Bad Install (and then some!)
« on: September 29, 2015, 05:22:12 am »
As you'll see from the stuff I'm posting today, MBam is currently installed.  There currently is no malware detected.  Currently. 

I've just finished a review of the currently running apps and services on my PC from the perspective of their perceived 'Environments'.  One of the most useful tools is Process Explorer.  If you are not using it now, you should be.  One of the most useful debugging tools I've come across in a long time. 

Apologies for the long post, but I thought I should document my woes.  If nothing else, it has taught me lessons I didn't want to learn.  If nothing else, this exercise has shown how easy it is to screw up the registry and to keep the HELL away from it at all costs.  It is nice to have picked up some useful knowledge along the way.  I hope the following assists someone else and perhaps will turn on some light bulbs and more hints as to what to do next.  Lots of data to sift through, I know.  If you take the plunge, thank you for your future insights. 

----------------------------------------------------------------

Here is a list of my defined system variables that the Explorer.exe beast passes on to applications that the user chooses to
start.  The variables that point to data locations provide these applications with places to dump temp data and also a place
for them to store ini and set up data to be retrieved whenever the app or service is called upon.  Watch for the USERDOMAIN
variable that points to classes of tasks and appropriate locations for these classes. 

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\USERS\LARRY\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=LARRY-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEPATH=c:\Users\LARRY
LOCALAPPDATA=C:\USERS\LARRY\AppData\LOCAL
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Pavilion
PLATFORM=HPD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 67 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4302
ProgramData=C:\PROGRAMDATA
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=c:\USERS\Public
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Windows\system32\config\SYSTEM~1\AppData\Local\Temp
TMP=C:\Windows\system32\config\SYSTEM~1\AppData\Local\Temp
USERNAME=LARRY
USERPROFILE=C:\USERS\LARRY
windir=C:\Windows

==================================

Using Process Explorer, this is a look at the Environments of the Outer Shell of Windows Vista.

System Process
  said it had 4 Properties, but did not display them and errored when I tried to have Process Explorer move to other tabs.

Interrupts Process
  shows a blank window

smss Process

Path C:\Windows\System32
SystemDrive  C:
SystemRoot   C:\Windows

csrss.exe Process

ComSpec   C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK   NO
NUMBER_OF_PROCESSORS   2
OnlineServices   Online Services
OS   Windows_NT
Path   C:\Windows\System32
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND   Pavilion
PLATFORM   HPD
PROCESSOR_ARCHITECTURE   x86
PROCESSOR_IDENTIFIER   x86 Family 15 Model 67 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL   15
PROCESSOR_REVISION   4302
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERNAME   LARRY
windir   C:\Windows

winlogon.exe

SystemDrive   C:
SystemRoot   C:\Windows
TEMP           C:\Windows\TEMP
TMP           C:\Windows\TEMP
USERNAME   LARRY
USERPROFILE   C:\Windows\system32\config\systemprofile

wininit

USERNAME Larry
USERPROFILE C:\Windows\system32\config\systemprofile
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
Path   C:\Windows\System32
ALLUSERSPROFILE   C:\ProgramData

services.exe

ALLUSERSPROFILE   C:\ProgramData
CommonProgramFiles   C:\Program Files\Common Files
COMPUTERNAME   LARRY-PC
ComSpec   C:\Windows\system32\cmd.exe
Path   C:\Windows\System32
ProgramData   C:\ProgramData
ProgramFiles   C:\Program Files
PUBLIC   C:\Users\Public
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERNAME   LARRY
USERPROFILE   C:\Windows\system32\config\systemprofile
windir   C:\Windows

==========================================

That is the outer shell of Windows Vista, otherwise known as Gates's Folly Number 3.
A setting somewhere is hi-jacking TEMP and TMP Public variables that are being set and 'hard coded' by the user. Also, the
USERPROFILE SYSTEM variable is being set by a call to Systemprofile.  That's all well and good, just as long as it returns the
proper value to whatever process is asking for it. Jumping into another Window's level, here's a look at the Programs running
in Explorer.EXE

Explorer.Exe

ALLUSERSPROFILE   C:\ProgramData
APPDATA   C:\USERS\LARRY\AppData\Roaming
CommonProgramFiles   C:\Program Files\Common Files
COMPUTERNAME   LARRY-PC
ComSpec   C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK   NO
HOMEPATH   c:\Users\LARRY
LOCALAPPDATA   C:\USERS\LARRY\AppData\LOCAL
NUMBER_OF_PROCESSORS   2
OnlineServices   Online Services
OS   Windows_NT
Path   C:\Windows\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

ProgramData   C:\PROGRAMDATA
ProgramFiles   C:\Program Files
PUBLIC   c:\USERS\Public
SESSIONNAME   Console
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   c:\Users\Larry\AppData\Local\Temp
TMP   c:\Users\Larry\AppData\Local\Temp
USERNAME   LARRY
USERPROFILE   C:\USERS\LARRY
windir   C:\Windows


HP Connections.exe

(same as Explorer.EXE, but adds)
bwrootdatapath   C:\Program Files\HP Connections\6811507\Users\Default\


firefox.exe

(same as Explorer.EXE, but adds)
MOZ_CRASHREPORTER_DATA_DIRECTORY   C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Crash Reports
MOZ_CRASHREPORTER_EVENTS_DIRECTORY   C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\nsb978da.LrB\crashes\events
MOZ_CRASHREPORTER_RESTART_ARG_0   C:\Program Files\Mozilla Firefox\firefox.exe
MOZ_CRASHREPORTER_STRINGS_OVERRIDE   C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini


hpwuSchu2.exe
msseces.exe
hpsysdrv.exe
issch.exe
jusched.exe
ehtray.exe
CCleaner.exe
hpfohmr08.exe
hpotdd01.exe
notepad.exe
procexp.exe
kbd.exe


And not too surprisingly, the above EXE files, running 'inside' Explorer, all had identical Environments as Explorer.Exe

MSASCui.exe
This EXE runs piggy-back on Explorer and inherits it's Environment from Explorer.EXE as well and adds a few of it's own.

MpConfig_ProductAppDataPath   C:\ProgramData\Microsoft\Windows Defender
MpConfig_ProductCodeName   AntiSpyware
MpConfig_ProductPath   C:\Program Files\Windows Defender
MpConfig_ProductUserAppDataPath   C:\USERS\LARRY\AppData\Local\Microsoft\Windows Defender
MpConfig_ReportingGUID   0CA2C2EE-C5BE-4E71-8B03-B4603DF77DAB
mydocuments   C:\USERS\LARRY\Desktop


deluged.exe

Weirdly, this Torrent client has the same 4 environment variables addeded by Firefox, but otherwise it's environment
is identical to Explorer.exe. (worth exploring and testing the order of loading after a reboot.)

MOZ_CRASHREPORTER_DATA_DIRECTORY   C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Crash Reports
MOZ_CRASHREPORTER_EVENTS_DIRECTORY   C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\nsb978da.LrB\crashes\events
MOZ_CRASHREPORTER_RESTART_ARG_0   C:\Program Files\Mozilla Firefox\firefox.exe
MOZ_CRASHREPORTER_STRINGS_OVERRIDE   C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini

And this explains why I'm able to call most executables and use computer functions like file copying, DVD burning, USB
support, Internet, etc. because Explorer is providing a safe work space.  It's when one of these applications uses system
calls that refer to another 'level' of Windows Vista, the Services.

=============================================================

Now the fun begins.  Services are really messed up on my HP Pavillion and some of them for quite some time so please do not
use the following as a guideline, because the memory variables at each level seems to be conflicting and that has to be
pointing to settings in an external ini or dat file which are scattered everywhere you look, at least you'll find them if you
turn 'Hidden and System' files ON in your Searches.  I'm hoping that by unravelling a bit of the mystery in words  and print,
I might come up a way out of my conumdrum as my 'NEW' PC may be months away, unless some rich benefactor feels compassion and raises above the ordinary and becomes a Prince or Princess in my life.   For the purposes of this document, I'm going to group them in much the way Explorer has set up an environment for applications to Inherit.  Danger Will Robinson.  Danger!  He who programs system calls outside it's Windows Vista 'layer'  Just a reminder that Services.exe is responsible for this layer of Windows Vista and that it inherits from Wininit.exe and from the outer shell. The main discrepancies that differ from the environment that Explorer.EXE provides include the following memory variables

TEMP  C:\Windows\TEMP
TMP  C:\Windows\TEMP
USERNAME  LARRY
USERPROFILE C:\Windows\system32\config\systemprofile

Get ready. It's going to be a BUMPY night.

svchost.exe [0 instance] - - where it all starts

Just a few words of scorn about this service that has heard every swear word directed at it in every language around the world
ever since some programmer decided this was the name that everyone would curse as long as a PC exists that still runs
XP,Vista,7,8,etc.  It's been called every male and female body part, some of them out of my mouth I'll admit. And it's not
surprising when you lift the hood into this world (at least on my HOOPED HP Pavillion 12 year old PC, sob sob)

svchost.exe [1 instance]

ALLUSERSPROFILE   C:\ProgramData
APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
CommonProgramFiles   C:\Program Files\Common Files
COMPUTERNAME   LARRY-PC
ComSpec   C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK   NO
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
NUMBER_OF_PROCESSORS   2
OnlineServices   Online Services
OS   Windows_NT
PATH   C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND   Pavilion
PLATFORM   HPD
PROCESSOR_ARCHITECTURE   x86
PROCESSOR_IDENTIFIER   x86 Family 15 Model 67 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL   15
PROCESSOR_REVISION   4302
ProgramData   C:\PROGRAMDATA
ProgramFiles   C:\Program Files
PUBLIC   c:\USERS\Public
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$
windir   C:\Windows

At least this instance has same identifiers as the outer shell, such as the values for TMP, TMP, windir, OS, comspec, path,
systemDrive, etc. Where it differs in the USERNAME value that ends up creating (or requiring) access to files that need to
exist in different locations than if an application from within the Explorer.Exe layer would look and expect existence and
values.

This is the first instance of SvcHost.exe that we've opened and it calls ehmas.exe which surprisingly has the following
environment:

ALLUSERSPROFILE   C:\ProgramData
APPDATA   C:\USERS\LARRY\AppData\Roaming
CommonProgramFiles   C:\Program Files\Common Files
COMPUTERNAME   LARRY-PC
ComSpec   C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK   NO
HOMEPATH   c:\Users\LARRY
LOCALAPPDATA   C:\USERS\LARRY\AppData\LOCAL
NUMBER_OF_PROCESSORS   2
OnlineServices   Online Services
OS   Windows_NT
Path   C:\Windows\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND   Pavilion
PLATFORM   HPD
PROCESSOR_ARCHITECTURE   x86
PROCESSOR_IDENTIFIER   x86 Family 15 Model 67 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL   15
PROCESSOR_REVISION   4302
ProgramData   C:\PROGRAMDATA
ProgramFiles   C:\Program Files
PUBLIC   c:\USERS\Public
SESSIONNAME   Console
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   c:\Users\Larry\AppData\Local\Temp
TMP   c:\Users\Larry\AppData\Local\Temp
USERNAME   LARRY
USERPROFILE   C:\USERS\LARRY
windir   C:\Windows

This is a portion of the Media Center Media Status Application that is called into action by Explorer.EXE as required by the
User.  On my machine, it hasn't been called ever since I stopped using the old-style non-HD Video tuner. It might be handy
some day and I turned it on to show the interaction of the multiple layers.

The question: What would happen if this app would call other apps in other layers that have different values for key data
locations and file names and in conversing with the program entity in another layer, is only sent over the Token name and not
the Token value.  ie: sending over '%USERNAME%' rather than the current content of that variable.

svchost.exe [2 instance]

nvvsvc.exe
The next user environment is for an application service that is called directly by services.exe without the need of a 'host'
framework or extra layer.  It's working environment is identical to Services.EXE but it is running so the EXE it calls can
exist in both layers. Each layer has different values for USERNAME, TMP and TEMP

ALLUSERSPROFILE   C:\ProgramData
APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
CommonProgramFiles   C:\Program Files\Common Files
COMPUTERNAME   LARRY-PC
ComSpec   C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK   NO
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
NUMBER_OF_PROCESSORS   2
OnlineServices   Online Services
OS   Windows_NT
Path   C:\Windows\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
ProgramData   C:\PROGRAMDATA
ProgramFiles   C:\Program Files
PUBLIC   c:\USERS\Public
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$
windir   C:\Windows

nvxdsync.exe is the Nvidia User Experience Driver Component and is run directly by Services and therefore inherits that
environment. This exe calls another nVidia process nvTray which has different values for USERPROFILE and USERNAME which means different locations for data and files that are referenced by layer specific values.  Imagine if an application used one
service to find a location to write information to and then uses another Service applicaion that has other locations in mind
when those same referenced names are used. 

USERNAME      Larry
USERPROFILE   C:\Users\Default

And if the internal application would run a process and create a file, the outer process may not be able to find it if each
layer used it's own Inherited naming convention.


svchost.exe [3 instance] and is described as a Host service for Windows Services with references to a Network
Environment, different than either of the other two uses of SvcHost.exe so far.  I've removed the repeated variables that were
inherited from the outer layers of Windows Vista,  The values for TEMP and TMP are interesting and do not appear anywhere in
the registry.

APPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Local
ProgramData   C:\ProgramData
ProgramFiles   C:\Program Files
PUBLIC   C:\Users\Public
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\Windows\ServiceProfiles\NetworkService


MsMpEng.Exe is another service called directly by Services.EXE.  It resembles the Environment that Services.Exe
provided the first three instances of SvcHost.exe and other directly called apps.

ALLUSERSPROFILE   C:\ProgramData
APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
commonfiles   C:\Program Files\Common Files
CommonProgramFiles   C:\Program Files\Common Files
COMPUTERNAME   LARRY-PC
ComSpec   C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK   NO
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
NUMBER_OF_PROCESSORS   2
OnlineServices   Online Services
OS   Windows_NT
PATH   C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
progfiles   C:\Program Files
ProgramData   C:\PROGRAMDATA
ProgramFiles   C:\Program Files
PUBLIC   c:\USERS\Public
systemdir   C:\Windows\system32
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$
windir   C:\Windows

svchost.exe [4 instance] is another instance of this wonderful entity.  This time, however, the USERNAME and
USERPROFILE locations point to different folders.  And if you've noticed, the USERDOMAIN is same as . I've removed variables
from the outer shells such as comspec, COMPUTERNAME, etc.

APPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Local
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
ProgramData   C:\ProgramData
ProgramFiles   C:\Program Files
PUBLIC   C:\Users\Public
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
USERDOMAIN   NT AUTHORITY
USERNAME   LOCAL SERVICE
USERPROFILE   C:\Windows\ServiceProfiles\LocalService
windir   C:\Windows

svchost.exe [5 instance] calls the Desktop Window Manager (DRM.EXE)

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
PATH   C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
ProgramData   C:\PROGRAMDATA
ProgramFiles   C:\Program Files
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$

DRM.EXE

USERNAME   LARRY
USERPROFILE   C:\Users\Default

Note that the USERNAME and USERPROFILE names will point int 'opposite' directions if any use of these token names are
referenced by services or programs from different layers. I guess DOMAINS might be a useful identifier to key in on for the
rest of this diatribe.


svchost [6 instance] labeled as the GPSvcGroup and it sit idle.

HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL

Path   C:\Windows\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$
windir   C:\Windows


SLsvc.exe is the software licensing service and is called directly by Services.EXE and has a recognizable USERNAME and
USERPROFILE value.  The TEMP and TMP variables directing subscribing applications to a file location deep within the bowels of
c:\windows.

ALLUSERSPROFILE   C:\ProgramData
APPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Local

ProgramData   C:\ProgramData
ProgramFiles   C:\Program Files
PUBLIC   C:\Users\Public
SystemDrive   C:
SystemRoot   C:\Windows
TEMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\Windows\ServiceProfiles\NetworkService


svchost.exe [7 instance] is labeled as a 'local' service Host, just waiting to jump into action.

APPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Local

TEMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
USERDOMAIN   NT AUTHORITY
USERNAME   LOCAL SERVICE
USERPROFILE   C:\Windows\ServiceProfiles\LocalService



svchost.exe [8 instance] is labeled as a Network service host, in waiting

APPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Local
TEMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\Windows\ServiceProfiles\NetworkService


spoolv.exe is called the Spooler Sub-system that handles printing chores automatically for the user. This service is
called directly by Services.EXE and has an identical environment.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
PATH   C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


svchost.exe [9 instance] This instance is a non-Network related Host.

APPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Local

TEMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
USERDOMAIN   NT AUTHORITY
USERNAME   LOCAL SERVICE
USERPROFILE   C:\Windows\ServiceProfiles\LocalService

HPSupportSolutionsFramework is called by Services.EXE directly.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


LSSrvc.EXE is the Lightscribe printing service that burns labels directly on specially manufactured CD's and DVD's. I
ran out of such disks months ago, so this service sits and waits for me to replenish.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
Path   C:\Windows\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


mbamscheduler.exe is called directly by Services.Exe with the following environment variables.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


mbamservice.exe is a Host called directly by Services.Exe.  This service then calls mbam.exe which has a couple of
memory variable locations that resemble the environment found inside Explorer.exe.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
Path   C:\Windows\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


mbam.exe is called by the mbamservice.exe and has a different USERNAME and USERPROFILE than the calling host.

TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERNAME   LARRY
USERPROFILE   C:\Users\Default


MSCAm532,exe has the same environment as Services.Exe.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


NBService.EXE is called by Services.Exe as required and shares memory variables.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


daemonu.exe is part of the Nvidia Settings Update Manager and is called directly by Services.Exe

__COMPAT_LAYER   VistaSetUp
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERNAME   LARRY
USERPROFILE   C:\Users\Default



svchost.exe [10 instance] A network service Host in waiting.  I hope you're starting to see a pattern.

APPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Local
TEMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\Windows\ServiceProfiles\NetworkService


locator.exe is another direct call Service.


APPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Local

TEMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\Windows\ServiceProfiles\NetworkService
windir   C:\Windows
 
Svchost.exe [11 Instance] is labeled as a WerSvcGroup Service in waiting.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


SearchIndexer.Exe This is a Hosting service called by Services.Exe.  It calls SearchProtocolHost.Exe and
SearchFilterHost.Exe.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\Local

TEMP   C:\PROGRAMDATA\Microsoft\Search\Data\Temp\usgthrsvc
TMP   C:\PROGRAMDATA\Microsoft\Search\Data\Temp\usgthrsvc
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


SearchProtocolHost.Exe This service is called by SearchIndexer.Exe.  Notice the unique TEMP and TMP values match those
of the calling Service.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\Local

TEMP   C:\PROGRAMDATA\Microsoft\Search\Data\Temp\usgthrsvc
TMP   C:\PROGRAMDATA\Microsoft\Search\Data\Temp\usgthrsvc
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


SearchFilterHost.Exe One of two services called by SearchIndexer.Exe.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\Local
TEMP   C:\PROGRAMDATA\Microsoft\Search\Data\Temp\usgthrsvc
TMP   C:\PROGRAMDATA\Microsoft\Search\Data\Temp\usgthrsvc
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$

The unique TEMP and TMP values are shared by these three services, all within the LARRY_HP domain


xAudio.Exe is probably the most missed service (it's broken...haven't heard a new tune in 10 days or more) on the
system and one that is called directly by Services.Exe

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL

TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


wmpnetwk.exe  A Windows Media Service called directly from Services.Exe.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


ehsched.exe A Windows Media Player Service called directly from Services.Exe

APPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\NetworkService\AppData\Local
TEMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\Windows\ServiceProfiles\NetworkService


ehrecvr.exe A Windows Media Player Service called directly from Services.Exe


APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$


PresentationFontCache.Exe is called directly from Services.Exe

APPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Roaming
LOCALAPPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Local
TEMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
USERDOMAIN   NT AUTHORITY
USERNAME   LOCAL SERVICE
USERPROFILE   C:\Windows\ServiceProfiles\LocalService


svchost.exe [12 instance] is labeled as a Local Service No Impersonation.

APPDATA   C:\Windows\ServiceProfiles\LocalService\AppData\Roaming

TEMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
TMP   C:\Windows\SERVIC~2\LOCALS~1\AppData\Local\Temp
USERDOMAIN   NT AUTHORITY
USERNAME   LOCAL SERVICE
USERPROFILE   C:\Windows\ServiceProfiles\LocalService


svchost.exe [13 instance] is labeled as the secsvcs service and is part of the Window's Defender service.

APPDATA   C:\USERS\LARRY-PC$\AppData\Roaming
HOMEPATH   c:\Users\LARRY-PC$
LOCALAPPDATA   C:\USERS\LARRY-PC$\AppData\LOCAL
MpConfig_ProductAppDataPath   C:\ProgramData\Microsoft\Windows Defender
MpConfig_ProductCodeName   AntiSpyware
MpConfig_ProductPath   c:\program files\windows defender
MpConfig_ProductUserAppDataPath   C:\USERS\LARRY-PC$\AppData\Local\Microsoft\Windows Defender
MpConfig_ReportingGUID   0CA2C2EE-C5BE-4E71-8B03-B4603DF77DAB
TEMP   C:\Windows\TEMP
TMP   C:\Windows\TEMP
USERDOMAIN   LARRY_HP
USERNAME   LARRY-PC$
USERPROFILE   C:\USERS\LARRY-PC$

That completes a list of environment variables for the various Services that ARE running currently on my gimped 12 year old HP
Pavillion PC that is on it's last leg.  I'm going to next try to cover the services that are not running for whatever reason.
For this purpose, I'll be referring to the various errors and warnings that appear in my Event logs that point to broken
services and bad system calls.  More on that next time.

30
General Computer Support / Re: Vista Help Pls - Bad Install (and then some!)
« on: September 28, 2015, 11:30:18 pm »
Thank you for the reply AND for the continued suggestions. 

During my all-nite vigil to get to the 'bottom' of this, I happened to look at the Environment for the systems and applications that were running after a reboot or cold system start.  Many of them have an invalid user name.  My PC's name is Larry-PC and my user name is (who-hoo) Larry.  The system at some time or other during this ordeal, has created a new c:\users\Larry-PC$ folder which is missing many of the needed folders and data sub-folders for programs that need them to run.  The environment (when I check with the SET command in a CMD box), shows the User name to be Larry, but the environment for many of the running apps and services shows a User name of Larry-PC$.   

In the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList contains six entries and none of them contain a user name of Larry-PC$.   The profileimagepath  entries match what I've found to be default (correct) entries, except at the time the environment is set up at system-start, the wrong user name is active.  It looks like a service is unable to pass on the desired settings to a crucial service that crashes when it can't find it's set up files and starts the whole chain of service malfunctions. 

The current definition of TEMP is TEMP=C:\Windows\system32\config\SYSTEM~1\AppData\Local\Temp as shown by the SET command even though I've defined it (hard coded in the Top box where you set System Properties Environment Variables) as c:\Users\Larry\Appdata\Local\Temp and in the bottom System Variables box it shows up as c:\Windows\Temp.   

For some of the running services and apps, the TEMP and TMP variables show up as c:\Windows\Servic~2\LocalS~1\AppData\Local\Temp. and the Username is "LOCAL SERVICE". 

The following gleaned from Process Explorer:

NVTRAY.EXE shows a Username of Larry, a Userprofile listed as C:\Users\Default and TEMP as C:\Windows\Temp. 
Mbamservice.exe shows a Username of LARRY-PC$ and a UserProfile of C:\USERS\LARRY.
DWM.EXE (Desktop Windows Manager) has a Username of Larry  and a UserProfile c:\Users\Default.
XAudio.exe shows a Username of Larry-PC$, Userprofile is c:\users\Larry-PC$, TEMP is c:\windows\temp, LocalAppData is c:\users\Larry-PC$\Appdata\Local and Appdata is c:\windows\temp, LocalAppData is c:\users\Karrt-PC$\Appdata\Roaming.

The more I dig, the more it looks like I've got some corrupted NTUSER.DAT files and that's the topic I'm researching before taking any further steps.  Based on one article I found online, I ended up copying tokens.dat from one SoftwareLicense folder to another and now Windows Vista is telling me that "This copy of Windows is not genuine.".  Guess again, oh great rich white father who drives us crazy with his operating systems that test our patience and drive us fruit-bat bonkers.  I'm hoping the 'genuine' incidence will be easier to fix once the rest of the jumbled corruption is taken care of.  I have hopes that soon, very soon, I'll be getting a substantial settlement from the Canadian tax man and that a new PC will be replacing my current 12 year old HP Pavilliion.   In the meantime, I am regularly making the plants and dust bunnies nervous with my outbursts of anguish.

31
General Computer Support / Re: Vista Help Pls - Bad Install (and then some!)
« on: September 28, 2015, 05:50:11 am »
Quote from: Boggin on September 27, 2015, 03:56:15 am

Run a cmd prompt as an admin by going Start - type cmd then right click on cmd and select Run as administrator - accept the UAC then enter these cmds

net stop sppsvc
(wait until the service has stopped before entering the following lines)
//////// The specified service does not exist as an installed service   <----------Got this error message

Quote
CD %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform

I didn't find SoftwareProtectionPlatform folder, but did find SoftwareLicensing folder which contained the tokens.dat file.  HOWEVER when I tried to rename the file in that folder,

Quote
REN tokens.dat tokens.bar

//////// The process cannot access the file because it is being used by another process.  <-------------Got this error message

That's as far as I got.  I took the hint that you probably know exactly what you are talking about so I created a SoftwareProtectionPlatform folder and copied the tokens.dat file into it and rebooted.  I'll add details of what happened next after the reboot.

After the reboot, I was able to rename the tokens.dat file in the new folder I created. 

Quote
net start sppsvc

//////// The service name is invalid.   <----------Got this error message

I did try to rename the tokens.dat file in the SoftwareLicensing folder but got 'The process cannot access the file because it is being used by another process' error again.  I could not find any reference to either 'SoftwareLicensing' or 'SoftwareProtectionPlatform' in the registry as part of a location address.  ( I remember creating the 'SoftwareLicensing' folder in a couple of User folders when I was getting specific errors that suggested some app or service was looking for the directory to exist, but I do not remember creating a folder in the c:\windows\serviceprofiles folder.  But then again, who knows, as I do believe the medications we programmers and nerds use in Canada are at least 20% stronger than the ones used elsewhere. 

When going through the list of services yesterday, I found one by the name of stllssvr  (it was listed in all lowercase) but it was disabled. 

32
General Computer Support / [SOLVED]Vista Help Pls - Bad Install (and then some!)
« on: September 26, 2015, 06:30:55 pm »
I posted a new thread in Tweaking.comSoftware forum a few days ago with details of a UserProfile service problem.  When trying to run the latest Portable Windows Repair Tool, an "Invalid Picture" error resulted.  The latest main Repair tool also failed to install, with a blink. 

Today, I found some new clues that might help diagnose what the (blank) is going on and what changes should I attempt to rectify the situation. Any assistance would be appreciated.

While looking for something else, I came across two weird folder names  that I don't think should be there.  And in the folder, was a file (see below) containing xml data and a reference to <EXE NAME="Repair_Windows.exe". 

c:\windows\System32\%USERPROFILE%\Appdata\Local\Temp\{7e27814d-610e-4719-b04a-2d66121cfcc9}\appcompat.txt

In the c:\windows\System32\%USERPROFILE%\Appdata\Local\Temp\ folder, there are three other similar sub-folders with identical contents. That would probably be once for each of the four attempts at installing the non-Portable version. 

================

Here is a list of errors and warnings (From the Admin-view Event Log) that I'm getting at each PC startup or reboot:

The winlogon notification subscriber <Profiles> was unavailable to handle a notification event.

SL Token Store 'Initialize' failed with error hr=0x80070005.
Info: C:\Users\Default\AppData\Roaming\Microsoft\SoftwareLicensing\

The Software Licensing service failed to start. hr=0x80070005, [2, 7]

The winlogon notification subscriber <Profiles> was unavailable to handle a critical notification event.

DCOM got error "1053" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-21-2314216272-3108050197-1080286441-1000\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.

The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-21-2314216272-3108050197-1080286441-1000\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.

DCOM got error "1053" attempting to start the service winmgmt with arguments "" in order to run the server:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

More details in the other thread. http://www.tweaking.com/forums/index.php/topic,3672.0.html After a week of searching the web for clues and suggestions, I'm still looking for a solution. If the restore disks/application would work, I would have gone that route three days ago.  Hooped in Vancouver. has been my new middle name this past week and I'm starting to hate the 'me' that's evolved.

33
Tweaking.com Support & Help / Invalid Picture Error (Latest Portable Version)
« on: September 20, 2015, 01:52:09 am »
Before posting this, I did a search of the Forum and found only one previous report of this error.  I was hoping for more reports of this problem and a possible solution.  I've got a seriously messed up PC running Viista Home Premium.  At start-up, I'm seeing the "Failed to connect to a Windows Service: User Profile Service".  All this started when I tried to stop the Task Scheduler from sucking up all the resources.  To be honest, I'm not sure what I did to cause the cascade of errors.  As an ex-programmer I should know better to document my steps.  The worst part of this mess is that I can't even get the original HP System Recovery disk(s) to run as it also starts up with an error and since the operating system was pre-installed on the PC, I have no Install disks to fall back on.   After Tweaking.com's utility failed to work, I looked for other similar tools.  Win Thruster looked promising but from my research, it looks like it's a scam of major proportions and a program to avoid at all costs. 

I did find plenty of reports of the "Invalid Picture" error with VB6 apps but no solutions or workarounds.  So I guess I'm up that famous 'smelly' creek without a paddle.  What a mess! What a mess!

== edit ==
I did try to run the tweaking.com_windows_repair_aio_setup.exe in both Safe and Regular mode (with MSSE turned off) logged in as administrator and nothing happened.  The cursor would flash into 'busy' mode for a brief second and then nothing.  Task Manager showed no activity as did Process Explorer.

== edit 2 ==
This PC has been running weird for the past month or more.  Symptoms include freezing up while showing full-screen videos (nVidia); loosing key-board short cuts in games like Spider Solitaire (pressing F1 would restore shortcuts temporarily); freezing up while compiling videos in Windows Movie Maker; a USB mouse would stop working for seconds at a time.

At the moment, with some of the system's service gimped, I'm not seeing my usual Vista Video enhancements and many programs fail to remember that they are my default browser (Firefox) and the internal Error viewers are unable to display dependencies.  Errors include a lot of entries in the Windows update log with \\?\c:\windows in the intended file address ;

DCOM got error "1053" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

DCOM got error "1053" attempting to start the service winmgmt with arguments "" in order to run the server:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-21-2314216272-3108050197-1080286441-500\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently

DCOM got error "1053" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC

This morning, I gave up trying to look for fixes (it's Sunday after all) and decided to play Spider Solitaire and the short-cut issue isn't happening and the same mouse never once gave up in the hour or more that I goofed off a bit.  I forgot to mention that the sound service is also not working.  USB services are fine.  DVD burning works.  No problems with Firefox except for the default browser forgetfulness thingy.

== edit 3 ==
Here is a list of errors and warnings from the Event Log (Administrator view) after a cold startup:

The winlogon notification subscriber <Profiles> was unavailable to handle a notification event.

SL Token Store 'Initialize' failed with error hr=0x80070005.
Info: C:\Users\Default\AppData\Roaming\Microsoft\SoftwareLicensing\

The Software Licensing service failed to start. hr=0x80070005, [2, 7]

The winlogon notification subscriber <Profiles> was unavailable to handle a critical notification event.

DCOM got error "1053" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-21-2314216272-3108050197-1080286441-1000\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.

The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-21-2314216272-3108050197-1080286441-1000\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.

DCOM got error "1053" attempting to start the service winmgmt with arguments "" in order to run the server:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}




Pages: 1 [2]