Tweaking.com Support Forums
Main Forum => General Computer Support => Topic started by: RaveRocks on October 02, 2015, 09:21:06 pm
-
I think I found what ails my PC. I found a blank entry in Winlogon\GPExtensions list. And from the online research the entry that's blank has the GUID that should run the Administrative Templates that start the user services and group policies via userenv.dll
I'm running Windows Vista Home Premium 32bit. Could someone running the same version please extract the contents of that key for me and post the results so that I can populate the key?
The GUID I'm needing is: 35378EAC-683F-11D2-A89A-00C04FBBCFA2 (that's the only blank one)
The full location is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\GPExtensions\
By the way, I've checked a couple of old backup's made by JRT back in April and May of this year and the value of that key was blank way back then. I remember I needed to get jiggy with some nasty malware around that time. Life's lessons are tedious at best.
=====edit01======
I've been searching for an online reg file solution the past few hours and the thought occurred that others are having similar errors and that this is more than likely caused by malware of some sort. In almost every case that I've come across, services in the GPExtensions stack have not been deleted but more often all of the subfolders/attributes have been deleted.
I'm not sure if the Windows Repair tool checks this 'Run Once at StartUp' command list for blanked out or invalid entries because this is a clever way of killing a bunch of security services while leaving other services running that the malware needs. It's actually quite silly that Windows has no built in fall-back procedure if one of it's key systems isn't where it's supposed to be. A cascade of errors can be caused by one blanked out registry entry. In the old DOS world, if you wanted to mess with the operating system at the level we're talking about, you'd have to mess with assembler or compiled code. Gates has given us a system full of back doors and loop holes. By exposing the registry, Windows makes all of us vulnerable to having our high-speed internet connections used by nefarious nerds of various ages. Now I ask you, how much code would it take to ensure such key systems are running and available?
While I'm asking questions that I don't expect answers to, I was looking at the logs and noticed one system (MCIupdate) that was running twice a minute, with the obligatory log entry each time. The spooler service is sending one error a second to a log file. It's pointing at a registry address that does not exist. I found the only existence of that particular location in an xml file. I renamed it to *.old, only to have it appear again a few seconds later. Now that's good management of resources. It's absolutely no wonder that svchost is eating up such a huge volume of cpu clicks. With the help of Process Explorer, I've had more of a look at the innards of Windows Vista than I really wanted, but the closer I look, the quicker I want to dump it.
-
Well, there's no guarantee that upgrading to Win 10 would resolve that missing key.
Do you think that key could be the same in Vista 64 bit ?
The reason I ask is because I have a Vista x64 SP2 ISO from which I could send you a couple of disks.
-
Thank you for the offer, but I have a couple of friends with computers and I'm going to bring a USB stick with me when I visit them this weekend. Hopefully by Sunday I'll have the fix I need. Perhaps some kind soul still running Vista SP2 32bit can take a couple of minutes to export the key to a reg file for me.
Again, thank you very much for the offer, but I'd hate to put you to that level of trouble over what amounts to less than 1K worth of data.
-
It wouldn't be a problem - I've already sent Win 7 ISOs to people for repair purposes.
-
I found this in the hklm.txt file that gets installed with Windows Repair. Except for the GUID, it's all solid insoluble goop to me, but methinks one of your utilities might make some sense of it.
"machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464G:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAIAR(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)"t
That's in the hklm text file it looks like something manageacl uses to set registry permissions.
-
I hope that query was directed to Shane :smiley:
-
Today's search has brought me to the following information about the registry object I'm wanting to rebuild.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}]
"Status"=dword:00000000
"RsopStatus"=dword:00000000
"LastPolicyTime"=dword:01088622
"PrevSlowLink"=dword:00000000
"PrevRsopLogging"=dword:00000001
"ForceRefreshFG"=dword:00000000
lists the data structure that I need to implement. I've tried to use regedit to add the data fields but I'm getting an "Error writing to the Registry". Suggestions please.
====edit01====
I got past the Permissions barrier and was able to make the additions to the entry and guess what, it didn't make a tinker's cuss of difference. What I'm wondering if Windows innards ask for and replace data by name or number. If by number, I may be screwed. I entered them in the order displayed in my message above, however regedit is now displaying them in alphabetical order. Did I mess something up ?
-
You don't appear to have run a sfc /scannow or chkdsk /r to see what they report.
Download the 32 bit ISO from http://getintopc.com/softwares/operating-systems/windows-vista-home-basic-download-iso-32-bit-64-bit/ and then use https://www.microsoft.com/en-us/download/windows-usb-dvd-download-tool to create a bootable Vista x32 SP2 install disk.
If sfc /scannow reports that it cannot repair some files, then you can boot up with the disk and perform an offboot sfc /scannow but you can view the CBS log by entering -
findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt
This will put an icon onto the Desktop which will open the CBS log in Notepad.
This is for an offboot sfc /scannow in Win 7, but I would think it would be similar in Vista http://www.sevenforums.com/tutorials/139810-sfc-scannow-run-command-prompt-boot.html
When booting up with the install disk, instead of the splash screen as is shown in the tutorial, it may first take you to an inverse window with the top item - Windows Set up (EMS Enabled)
If that is the case, then just press enter and it will take you on from there.
I think the only other alternative would be a factory reset.
-
Yes I did run the entire batch of repairs from beginning to end - - twice. I've run sfc /scannow at least daily and it comes up clean. I ran chkdsk tonight as well and it also had no errors. I am less than a half inch away from a Factory Reset. I am less than 6 inches away from throwing the entire computer off the balcony. I bought a 1 TB external hard drive less than two weeks before all hell broke loose and 99% of my important data has been off the main hard drive for the past 20 days. I've prepared all the install files for my key applications and I no longer fear the inevitable. I guess I was hoping for a miracle and instead I'll have to settle for a tootsie roll.
-
As you have everything backed up safe then it would probably be best to go that half inch - otherwise you'll end up with grey or no hair and ulcers :D
-
Monday afternoon blues have set in. I downloaded the HP Vista Install Disks as suggested, burned them and when run I get the message: "This PC is not supported by the System Recover Discs. You will not be able to continue to recover this system with these discs." Minor setback. Also, I can't get out of Safe Mode. It seems the registry that regedit is having me view and edit is NOT the registry that the system is using.
Side comment. The expression "L00py" when applied to the human brain, describes the mental state we often get into when tackling a problem or bad memory, a sad loss or other PTSD like experience. It's the inability to stop thinking about something. It's the loop-tape repetitive thought that just won't go away. Computer programmers often get into that state of mind. It's one of the reasons I forced myself to quit the profession. The past few weeks have been that kind of L00py experience for my brain. (It's funny my spell-checker isn't catching the spelling of loopy with the embedded zeros, hehe.) And I'm waiting to get out of this conundrum so I can get back to the relaxed brain of a semi-retired person.
When I quit my career as a coder, I tried to clear my long-term memory of all the rules I had embedded there. I'm here to report that the knowledge is still there after 15 years of trying to forget. I guess we should be thankful there is no regedit for the brain.
-
Monday afternoon blues have set in. I downloaded the HP Vista Install Disks as suggested, burned them and when run I get the message: "This PC is not supported by the System Recover Discs. You will not be able to continue to recover this system with these discs." Minor setback. Also, I can't get out of Safe Mode. It seems the registry that regedit is having me view and edit is NOT the registry that the system is using.
Side comment. The expression "L00py" when applied to the human brain, describes the mental state we often get into when tackling a problem or bad memory, a sad loss or other PTSD like experience. It's the inability to stop thinking about something. It's the loop-tape repetitive thought that just won't go away. Computer programmers often get into that state of mind. It's one of the reasons I forced myself to quit the profession. The past few weeks have been that kind of L00py experience for my brain. (It's funny my spell-checker isn't catching the spelling of loopy with the embedded zeros, hehe.) And I'm waiting to get out of this conundrum so I can get back to the relaxed brain of a semi-retired person.
When I quit my career as a coder, I tried to clear my long-term memory of all the rules I had embedded there. I'm here to report that the knowledge is still there after 15 years of trying to forget. I guess we should be thankful there is no regedit for the brain.
Well, what you could do is boot up your OS as a secondary hard drive. Using "hirens boot cd" as a mini xp.
Go into "C:\Windows\System32\config"
back up your current "SOFTWARE" file. To some where.
Then replace "SOFTWARE" with an older backup. Although you said your older back ups were missing the keys?
But what you could do is just for fun, is reinstall windows vista 32bit on other drive on the same computer with the same setup. And take that SOFTWARE file from a fresh install and replace it with your current OS (But not before you make a backup). Just to see what happens. If something goes wrong, you can always revert to the back up.
-
Ok, the latest twist. Ready? I get a link from HP Support to buy a disk set for my exact model - - price tag $27.00, which is not the problem. The only payment methods are an HP gift card number or PayPal. Not just any gift card, but one I have to buy from I don't know who or use PayPal. For me to send via PayPal will require me to open a US$fund account at my bank and then open a PayPal account and link them to my new bank account.
Another HP twisted tale to add. I do have the original Repair disks for this machine, but every time I attempt to use them, I get a 1012 error, to which I am told to update the firmware for my DVD burner, which happens to be another HP product. HP's website details how to find out the current firmware version, but their screen shots and menu choices are for Windows 7 and don't work on Vista. I go search online and find the test program to find out my current firmware version, etc. and then search the HP site for firmware updates and get a 'nothing found' error.
I'm sure I'll never get another HP product after this ordeal and I'm very amazed they can't provide a download solution for a 9 year old operating system.
Speaking of Microsoft, I tried to join their tech forum only to get a form to fill out, listing the last three people I sent emails to and the last three people I spoke to on the telephone. I was too amazed to respond.
-
You wouldn't be able to repair or custom install with the downloaded ISO disk unless you had a valid retail key with yours being an OEM install.
However, you would be able to extract the file you are looking for.
http://www.vistax64.com/tutorials/261616-extract-files-vista-installation-dvd.html
As a workaround to the disk drive firmware problem, perhaps buying an external disk player would be feasible.
I'm not sure if going into Device Manager, right clicking on the CD/DVD drive and selecting Update Driver Software would get you the firmware, but a disk player requiring a firmware update to function sounds crazy.
-
The set of ISO's I downloaded were for HP Vista Home Premium 64 bit with the description on the website suggesting that the disks probably would work for 32 bit installations as well.
And my DVD burner is an external model HP Dvd-Writer 1270e. Windows Vista doesn't have screens that display the firmware of the burner.
-
Oh, thought the DVD drive was built in.
As it is an external drive then you would need to go to the device's support site for any updates.
You can't use a 64 bit ISO on a 32 bit system or vice - versa so you'll need to download the 32 bit ISO for your system.
If you booted up with the 64 bit disk, Windows would tell you that you couldn't use it.
-
You can't use a 64 bit ISO on a 32 bit system or vice - versa so you'll need to download the 32 bit ISO for your system.
There is no download available for the 32 bit system ISO's. HP has two options: either buy the disk set or download an upgrade module that updates the installed recovery system on drive D:. I've tried option number 2 and it doesn't detect the recovery files already installed there and the application has the nerve to accuse me of interrupting the creation of a recovery partition. Pretty lame programming if you ask me.
This may be repeat information, but I already have original System Recovery disks (HP5013-8477 & HP5013-8478) which result in a 1012 Error. HP support says to update the DVD writer firmware to get rid of that error, except there is no update that I can find.
I'm not sure who is responsible for the ads that appear on your site, but I'm looking at one now for www.driverupdate.net which is reported to be another one of those scam sites.
=== edit01 ===
I just saw that same ad while at another site. In this ongoing ordeal, I have learned to look for site reviews before allowing any site to have access to my machine. Scammers are numerous.
-
I'm in the process now of downloading and saving the 32 bit ISO from the link I had posted - it says it will take about 54mins so will get back later to see if the Windows program can create a bootable disk from it.
Did you go to the external disk drive support site to see if they had any updates ?
Should the machine be detecting problems with an internal CD/DVD player, then go into Device Manager, right click on the drive and select Uninstall and without rebooting, see if the recovery disk will work then in the external drive.
I use AdblockPlus in IE because my ISP's home page and e-mail is crapped out with adverts which slows up their availability to do anything with them, but Shane has no control over which adverts appear on this website.
-
UPDATE - For some reason the Windows Burner Tool doesn't recognise the 32 bit ISO as an ISO and yet I have been able to create a bootable disk with the 64 bit one - albeit a little while ago.
It's in excess of 2GB so it looks to be about the right size to include the bits required to make it an ISO, but as MS have been issuing Desist orders for Win 7, wonder if this has also been affected, although with a Desist order the file download link probably would no longer have worked.
Puzzled about this.
Did you try uninstalling the internal DVD drive to see if the recovery disk would work in the external one ?
-
The internal DVD drive became unusable a couple of years ago and I removed it from the PC.
I will try the uninstall of the external drive and see if that works.
In a message yesterday on the HP support site, I found out that HP has absolutely no support people monitoring or responding to problems. The only people who do respond are volunteers. That's a bit short sighted, in my opinion. That means FOR SURE no more HP products will ever get purchased again for any of my systems.
-
I've noticed that HP have a pretty decent online Diagnostic setup for desktops and laptops, but someone to speak to for the more obscure problems would have helped.
I wonder if the computer still thinks you have the internal disk drive installed - is there anything in Device Manager ?
Also wondering if removing the Upper and Lower Filters with the external drive disconnected would stop the error message ?
https://support.microsoft.com/en-us/kb/929461
-
I checked out that registry key and there was no upper and lower filter entries as the article suggested. And if there is a firmware update for my DVD Burner, HP is doing a damn good job of hiding it.
-
I found this in the hklm.txt file that gets installed with Windows Repair. Except for the GUID, it's all solid insoluble goop to me, but methinks one of your utilities might make some sense of it.
"machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464G:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAIAR(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)"t
That's in the hklm text file it looks like something manageacl uses to set registry permissions.
That doesnt install the key, that is simply the permission information for the manageacl program to apply. It only applies the permissions it does add or change any registry key data or info :-)
I have been gone for the last 3 weeks programming like mad and just got back to the forums, I have gone through over 100+ threads and so forgive me for not reading every post in this thread as it is a little long.
What is the current situation? How are things? Also in the first post, did you confirm if that fixed you up? i am always open to any info that i can safely automate and add to the repairs :cheesy:
Shane
-
I checked out that registry key and there was no upper and lower filter entries as the article suggested. And if there is a firmware update for my DVD Burner, HP is doing a damn good job of hiding it.
If it is a non-HP external disk drive then HP wouldn't have any updates for it.
What is the make and model of the disk drive ?
-
My DVD burner is an external model HP Dvd-Writer 1270e. I've got boot order set to Floppy, DVD, Hard=drive.
-
If this method doesn't find an update for you http://support.hp.com/gb-en/document/lpg40607 then you could try the workaround in http://h30434.www3.hp.com/t5/Desktop-CD-DVD-Read-Only/Hp-DVD-1270/td-p/188235/page/3 of using the XP 1270e HH22 200 firmware which you may want to "punch in" into the HP support site.
The only other Google link I've found for that firmware is http://burners.burn4free.com/hewlett-packard/hp-1270e-driver.htm which Norton said was unsafe and kicked it out.
If you can't get the firmware update through official means, I don't know what else to suggest for that.
-
The first link I'd already seen and yelled (typed very hard on the keyboard) at HP for screen shots and menu choices that were not applicable to Windows Vista. I had to find a third party tool to find out the burner's current firmware version. The results showed only HH which is also the first two characters of the supposed available upgrade which I cannot find. (I did find a post that the firmware had to be updated so the burner would work properly with Windows 8.) The burn4free link gets an instant red flag from my security software and when I over-rode the warnings and went further into the links at the site to try to start the offered firmware update, more intense red flags appeared so it does look like burn4free is another scam to be avoided. Too bad.
And since the other link you provided has a long standing cuss word embedded (XP), I left that until last. Vista is the newest addition to my cuss list and I've been using it often and loud. I live a mile or two from the US-Canada border and I'm sure some of the more colorful shouts from my roof-top balcony have been heard in Redmond Washington. It's no wonder so many Americans need stress and ED pills. It's all the fault of Bill Gates.
-
I used to use the free version of Slimdrivers but found it came with a built in PuP which I think the free version of MBAM or SuperAntiSpyware would remove, but dumped it when it said it had updated a Network driver just to find I still had the same dated driver afterwards.
http://www.driverupdate.net/
I suppose you could give it a try to see if it snags the disk drive as needing updating and then uninstall Slimdrivers after, using a 3rd party uninstaller as it's a persistent Bd.
While I've never used it, IObit's driver updater is another free program you could use, but look for any PuP boxes during its install - here are some others you could try - but it depends upon what they have in their Database of drivers whether any will find what you need.
http://pcsupport.about.com/od/driversites/tp/free-driver-updater-tools.htm
-
A sidenote to uninstalling a DVD burner within a gimped Windows Vista system (at least in MY gimped Windows Vista system). Nero 9 (it came with the burner) stopped working after a recent reboot, coming up with an "Invalid Parameter" error when attempting to burn any DVD. My burner is 'Lightscribe' compatible and when the background system automatically reinstalled the drivers for the burner after the aforementioned reboot, the subsystem missed linking in the appropriate Lightscribe plug-in for Nero. The fix was to re-install Nero. I did not have to uninstall Nero as Nero's install program recognized the re-install as a repair and quickly offered the plug-n and no more "Invalid Parameter" error message from Nero. (This did not fix the 1012 error from the Recovery disks.)
-
Any luck with either of the driver updater programs ?