Windows 7 permissions issue?

cyclone3d

So I have a client who has two identical computers that this problem happened to at the same exact time and for the life of me, I can't figure out how to fix it unless I do a clean install of Windows which is not really a very good idea considering that there is shipping and cash drawer software that is a super pain in the rear to get working properly in Windows 7.

Initial problem:
When Windows comes up to the logon screen, it says that explorer.exe cannot load due to it not finding shell32.dll.. and of course the file is there and the correct size, version, etc.

After booting into the repair menu and trying a couple things, we are able to get into safe mode without any errors, but normal mode still does the same thing.

In Event Viewer, it looks like there are a lot of "access denied" errors with every service that is dependent on the RPC server.

C:\Windows and all directories and files under it basically show no permissions whatsoever for elevated accounts such as CREATOR OWNER, Administrators, and Administrator. Trusted Installer has only "special" permissions, and the regular user account has read/execute permissions.

Any attempt to change permissions in the regular permissions screen is met with a permission denied message. After going into the advanced settings, it is possible to actually grant permissions and most of them will stay.... but upon restarting, most of them are back to no permissions whatsoever.

See reply for more info....
 
We have tried system restore.. which says it fails, but upon a reboot into safe mode, it says it was successful.

I have tried using scripts to restore default permissions, which a lot of the changes fail... first time I have seen this happen.

We have run multiple spyware/malware/trojan scanners as well as verified the permissions in the registry.

Nothing out of the ordinary is loading upon startup and I have even tried disabling all possible services.

chkdsk /f has been run multiple times.

I have scoured the web for anybody else having the same type of problem but have come up with nothing after hours of searching.

A repair install is out of the question since Windows 7 requires it be started in normal mode... whose great idea was that?

Group Policies look to be correct/default.
 
I would say try and sfc /scannow
but that requires the Windows Installer service be running.
and it won't run in Safe Mode :(

but can't you boot up into the recovery console and run it?
I thought there was a way to run it using a path (ie, sfc installfolder=C:\Windows or something along those lines)

edit: found the available switches

sfc [/scannow] [/verifyonly] [/scanfile=file] [/verifyfile=file] [/offwindir=win] [/offbootdir=boot]

/scannow = This option instructs sfc to scan all protected operating system files and repair as necessary.

/verifyonly = This sfc command option is the same as /scannow but without repairing.

/scanfile=file = This sfc option is the same as /scannow but the scan and repair is only for the specified file.

/offwindir=win = Used with other sfc options to define the Windows directory (win) when using sfc offline.

/offbootdir=boot = Similar to /offwindir, this sfc option is used to define the boot directory (boot).

http://pcsupport.about.com/od/termss/p/sfc-command-system-file-checker.htm
 
Forgot to mention that I have already done an sfc /scannow. When it finished, it said it replaced some files, but was not able to replace some other files. Upon looking in the log file, the ones it was not able to replace were because of access denied errors.... grrr.
 
Update... here are the steps that I have done so far with no luck making it work properly.

1. System Restore.. to get it to be able to boot into safe mode... otherwise it comes up with a shell32.dll error when explorer.exe tries to load.

2. Change ownership on all folders and files on drive and then change permissions to default. (For some reason they are all defaulting on bootup to an owner called "Trusted Installer"... I don't think this is normal when going into safe mode.)

3. Ran the CACLS script to restore the ACL on files in the windows directory.

4. Ran the secedit script to restore all permissions, including registry permissions, back to default. - came up with an "extended error" that told me to look in the log file to find out what the problem was... turned out to be permissions related... grrr

5. Went into the regedit and took ownership of everything and then changed permissions to default.

6. Ran the secedit script again which amazingly didn't error out again.

7. Ran the secedit/subinacl script after manually installing subinacl because .msi files can't install under safe mode. Most everything changed properly, with a lot fewer failures than when I tried it before... but still a lot more failures than when using it on XP or Vista.

8. Rebooted and it came up with the same stupid 0xc0000022 explorer.exe failed to load message. Then rebooting again to go into safe mode, it comes back with the shell32.dll explorer.exe error. So I have to start back at the beginning by doing a system restore again..... :mad:
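
An added example, not posted by anyone in this thread: a PowerShell script that records the owner and every ACE on a few system files after permissions have been re-granted, then diffs them after a reboot, to show exactly which entries get reverted. The target paths and the snapshot file location are assumptions.

```powershell
# Added example: record owner + ACEs for key system files, then diff after a reboot.
# $targets and the default $SnapshotFile are assumptions; run from an elevated prompt.
param(
    [ValidateSet('Snapshot', 'Compare')][string]$Mode = 'Snapshot',
    [string]$SnapshotFile = "$env:SystemDrive\acl-snapshot.txt"
)

$targets = @(
    "$env:windir",
    "$env:windir\explorer.exe",
    "$env:windir\System32",
    "$env:windir\System32\shell32.dll"
)

function Get-AclLines {
    param([string[]]$Paths)
    foreach ($p in $Paths) {
        try {
            $acl = Get-Acl -Path $p -ErrorAction Stop
        } catch {
            # An unreadable ACL is itself a finding, so record it and move on
            "$p|<unreadable>|$($_.Exception.Message)"
            continue
        }
        # An empty DACL ("no permissions whatsoever") must still produce a line
        if (@($acl.Access).Count -eq 0) { "$p|$($acl.Owner)|<no ACEs>" }
        foreach ($ace in $acl.Access) {
            # One line per ACE: path, owner, trustee, allow/deny, rights, inherited
            '{0}|{1}|{2}|{3}|{4}|{5}' -f $p, $acl.Owner, $ace.IdentityReference,
                $ace.AccessControlType, $ace.FileSystemRights, $ace.IsInherited
        }
    }
}

$current = @(Get-AclLines -Paths $targets)

if ($Mode -eq 'Snapshot') {
    $current | Set-Content -Path $SnapshotFile
    "Saved $($current.Count) ACL entries to $SnapshotFile"
} else {
    $before = @(Get-Content -Path $SnapshotFile)
    # '<=' lines existed only in the snapshot; '=>' lines exist only now
    Compare-Object -ReferenceObject $before -DifferenceObject $current |
        ForEach-Object {
            if ($_.SideIndicator -eq '<=') { "GONE after reboot: $($_.InputObject)" }
            else { "NEW after reboot:  $($_.InputObject)" }
        }
}
```

Run it with `-Mode Snapshot` right after granting permissions, reboot, then run it with `-Mode Compare`; no output in compare mode means the recorded entries survived the reboot.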
 
Well, after trying everything I could come up with, I am going to have to backup the data and completely wipe both systems and start over.

On a side note, I attached the drive from one of the systems up to my computer and the file/folder permissions show up properly.

Not sure if it was a virus or some update from one of the programs that screwed everything up, but nothing came up on any scans I did and I couldn't find anything that looked like it was not correct.
 
Well, after wiping the secondary one and redoing it from scratch, I decided to try one more thing on the main computer before I wiped it....

I decided to uninstall CA Internet Security Suite and see if that would fix it even though I had disabled all the CA services and startup items before with no results.

I restarted the computer and it booted properly.... I now will have VERY SERIOUS reservations about ever using this piece of software ever again, and I am definitely NOT putting it back on these two machines.
 
It wouldn't surprise me that the CA software is causing an issue. It's a piece of crap, plain and simple, and has been for a while. I'd just use MSE, and unless you have a very specific need for a firewall, just use the built-in one, as long as you are behind a router.
 
I know..... I wasn't the one who sold them the software.

And, yep, I did put MSE on it.
 