Skip to main content

Windows XP - Reset Registry Permissions & Reset NTFS Permissions

When repairing a computer after a virus, it is always wise to Reset Registry Permissions to factory defaults using the following process:

  1. Click Start - Run.

  2. Type: cmd

  3. Hit Enter.

  4. Type: secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose

  5. Hit Enter.

  6. Upon completion, reboot.
On very rare occasions, this command may produce the error: "Extended error."  It will then direct you to review the log file located at: %windir%\security\logs\scesrv.log

Upon review the log file, you may see an entry related to RemoteRegistry.  If you are working on a Windows XP Home computer, the RemoteRegistry Service is not included with this edition of Windows.  Therefore, this error can be ignored.

But then you may see the following error within the log file:

----Configure File Security...

Configure c:\.

File Security configuration was completed with one or more errors.

This may simple be the fact that there are directories in the root of C that cannot be enumerated by secedit.  To resolve this issue, view hidden files and folders and delete extraneous folders that do not contain personal data.  Secedit may now run properly.

This may also occur because the NTFS Permissions of the C Drive have been changed by (a) the computer user, (b) a program or (c) a virus.  To resolve this problem, you need only Reset NTFS Permissions to factory defaults using the following steps:
  1. Click Start - Run.

  2. Type: cmd

  3. Hit Enter.

  4. Type: secedit /configure /cfg "%systemroot%\security\templates\setup security.inf" /db waisaw.sdb /verbose

  5. Hit Enter.

  6. Reboot.

  7. Click Start - Run.

  8. Type: cmd

  9. Hit Enter.

  10. You can now Reset Registry Permissions by typing: secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose

  11. Hit Enter.

  12. Upon completion, reboot.

http://www.smartnetadmin.com
Labels:

Comments

Post a Comment

Popular posts from this blog

Access Denied (policy_denied). Your system policy has denied access to the requested URL. For assistance, contact your network support team.

While browsing the internet, you may encounter the message: "Access Denied (policy_denied).  Your system policy has denied access to the requested URL.  For assistance, contact your network support team."   This message indicates the internet traffic is being filtered.  The most common source of an internet traffic filter is in corporate environments that use a proxy server or a firewall appliance designed to filter web traffic.  Some businesses are configured as satellite locations using a VPN tunnel.  In these configurations, the VPN may be configured to filter internet traffic.  In rare instances, the Internet Service Provider is filtering internet traffic.  Typically though, your IT Department or a Network Management Team has configured your internet traffic to be filtered.  Isolating Source of Web Filtering In an environment that is unmanaged and the source of the filtering is unknown, following are some steps you may wish to peform: Th...
3 comments
Read more

Event ID: 7001 - Source: VSS - Unable to create a shadow copy

When using Microsoft Windows Server, you may encounter the error message: "Unable to create a shadow copy."  In the Event Viewer, you may find the following Event: "Event ID: 7001 - Source: VSS - Unable to create a shadow copy."  This event involves the Volume Shadow Copy Service (VSS).  Most likely the Server was rebooted while creating a Shadow Copy.  Many websites describe deleting or renaming the C:\WINDOWS\SYSTEM32\WBEM directory used by Windows Management Instrumentation to resolve this issue.  This is not correct.  Following are the steps to resolve this issue: Double-click My Computer. Right-mouse click the Hard Drive causing the problem. Click the Shadow Copies tab. Select the appropriate Volume. Click Disable. Click OK. Click Start - Control Panel - Administrative Tools - Scheduled Tasks. Delete all tasks related to the Volume Shadow Copy Service. Reboot the Server. Double-click My Computer. Right-mouse click the Hard Drive causing the problem. Cl...
Post a Comment
Read more

How do you stop an unstoppable Windows Service?

You may encounter a Windows Service in Services that has the buttons for Start, Stop, Pause and Resume greyed out.  If you attempt to stop the Service using sc stop [servicename], you encounter the error message: "The requested control is not valid for this service."  To resolve this issue, please perform the following steps: Click Start - Control Panel - Administrative Tools - Services. Double-click the relevant Service. Change the Service Start-Up Type to Disabled. Click Apply. Click OK. Hit CTRL-ALT-DEL on your keyboard. Select Task Manger. Perform an End Task on the relevant Service. This issue has been resolved. http://www.smartnetadmin.com
Post a Comment
Read more