gpedit.msc error

[Sp0iLedBrAt]

So I had to reinstall Windows a few days ago, but all I could find was one of my older CDs, so I just used that. While trying to reply to a post related to the Group Policy Editor, I tried to open the one on my PC and discovered it showed an error

So I looked up the CLSID in the registry and got to gpedit.dll in the system32 folder. Tried to register it and I got

So, am I looking at a situation where I would have to find which files I'd need to add back in order to make it work, or it is something slightly more complicated?

Thank you in advance

[submix8c]

Found elsewhere (not giving link because this had proprietary files) explaining how to add to XP Home. Apparently, what's in XP Pro.

• Copy the following files to %WinDir%\System32\ folder :

• appmgmts.dll

• appmgr.dll

• fde.dll

• fdeploy.dll

• gpedit.msc

• gpedit.dll

• gptext.dll

• Create the following folders (if they do not already exist):

• %WinDir%\System32\GroupPolicy

• %WinDir%\System32\GroupPolicy\ADM

• Copy the following files to %WinDir%\System32\GroupPolicy\ADM\ folder :

• system.adm

• inetres.adm

• conf.adm

• Open a command prompt window by opening Start Menu → All Programs → Accessories → Command Prompt. In the command prompt window type the following commands pressing Enter after each line.

regsvr32 %Windir%\System32\gpedit.dll

regsvr32 %Windir%\System32\fde.dll

regsvr32 %Windir%\System32\gptext.dll

regsvr32 %Windir%\System32\appmgr.dll

regsvr32 %Windir%\System32\fdeploy.dll

• That's it. Now you can open Group Policy Editor by opening Start Menu → Run, typing gpedit.msc and pressing Enter.

HTH

[Sp0iLedBrAt]

Thank you very much. I will try searching first, as I know I already have gpedit.msc and gpedit.dll present on the system.

I will report back.

Cheers

[Sp0iLedBrAt]

The GroupPolicy folder (and the ADM sub-folder) did not exist at all. I did as suggested, extracted the three files from a clean XPSP3 and put them in the ADM sub-folder. All the DLLs were already present in system32, with version 5.1.2600.5512, so SP3.

gpedit.dll and appmgr.dll still can't be registered and the same error occurs. I'll see what happens after I restart.

Cheers

[allen2]

Using procmon to monitor the registry access when self registering the .dll might show the thing going wrong.

[Sp0iLedBrAt]

I used procmon.exe and filtered all the entries that contained 'regsvr32'; they are mostly by the process itself and explorer.exe. The log file itself has "only" got 1300 lines, and I'm unleashing it for all you brave men out there

Cheers

[allen2]

Strange: there is nothing going to HKEY_CLASSES_ROOT\CLSID\{0FDE5092-AA2A-11D1-A7D4-0000F87571E3} where it should register gpedit.dll and nothing at all to clsid.

For appmgr.dll there are 4 CLSID et 2 other entries:

HKEY_CLASSES_ROOT\CLSID\{1BC972D6-555C-4FF7-BE2C-C584021A0A6A}
HKEY_CLASSES_ROOT\CLSID\{7E45546F-6D52-4D10-B702-9C2E67232E62}
HKEY_CLASSES_ROOT\CLSID\{942A8E4F-A261-11D1-A760-00C04FB9603F}
HKEY_CLASSES_ROOT\CLSID\{BACF5C8A-A3C7-11D1-A760-00C04FB9603F}
HKEY_CLASSES_ROOT\AppManager
HKEY_CLASSES_ROOT\AppManager.1

You should check if you have those entries and exports those key from a working XP in the same language and SP and import them.

For gpedit.dll, there are 7CLSID:

HKEY_CLASSES_ROOT\CLSID\{0FDE5092-AA2A-11D1-A7D4-0000F87571E3}
HKEY_CLASSES_ROOT\CLSID\{4F637904-2CAB-4F0E-8688-D3717EBD2975}
HKEY_CLASSES_ROOT\CLSID\{63E23168-BFF7-4E87-A246-EF024425E4EC}
HKEY_CLASSES_ROOT\CLSID\{6DC3804B-7212-458D-ADB0-9A07E2AE1FA2}
HKEY_CLASSES_ROOT\CLSID\{8FC0B734-A0E1-11D1-A7D3-0000F87571E3}
HKEY_CLASSES_ROOT\CLSID\{D70A2BEA-A63E-11D1-A7D4-0000F87571E3}
HKEY_CLASSES_ROOT\CLSID\{EA502722-A23D-11D1-A7D3-0000F87571E3}

Those reg entries are localized and might contains the path to the dll so be carefull the both XP aren't installed in the same directory/drive.

Edited April 20, 2011 by allen2

[Sp0iLedBrAt]

For the first, third and fourth value

HKEY_CLASSES_ROOT\CLSID\{1BC972D6-555C-4FF7-BE2C-C584021A0A6A}
HKEY_CLASSES_ROOT\CLSID\{942A8E4F-A261-11D1-A760-00C04FB9603F}
HKEY_CLASSES_ROOT\CLSID\{BACF5C8A-A3C7-11D1-A760-00C04FB9603F}

there is a CLSID where the default value is REG_SZ and it says "Software installation"

The second

HKEY_CLASSES_ROOT\CLSID\{7E45546F-6D52-4D10-B702-9C2E67232E62}

is found in HKEY_CLASSES_ROOT\AppManager\CLSID\

Edit: This is a log file from trying to register gpedit.dll

Edited April 20, 2011 by Sp0iLedBrAt

[GrofLuigi]

I'd like to think of myself as brave.

In line 298 regsvr32 finally takes over. The command line is correct.

Initializes, does what it has to do, but soon after that Avast\snxhk.dll is loaded (line 343, before are just checks). In line 489 it checks its configuration. Soon after that audio is initialized (maybe to play a warning sound?)

After that, all apears as normal, but nothing is ever written to the registry (ignore Cryptography\RNG\Seed and SessionInformation\ProgramCount. They are written all the time and not important).

Conclusion: Kill Avast in any way you can/like.

(This was written about the previous log. Quick peek at logfile2 agrees).

GL

[Sp0iLedBrAt]

Avast! completely (almost brutally) killed and it still doesn't work.

I just remembered most free antivirus programs don't work in Safe Mode, so that's what I'll do next.

Cheers

[GrofLuigi]

Try unregistering then registering the dlls. Search registry for "GPO-Disabled" and check whats around there ( HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy) . Check HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions .

Any firewall? They can also block things in-memory so it will not be seen in ProcMon logs.

Post a trace of the actual MMC startup (gpedit.msc).

GL

Edited April 21, 2011 by GrofLuigi

[Sp0iLedBrAt]

The value for "GPO-Disabled" is 0 and it is found in

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\GPO-List\0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions has 3 different sub-folders that refer to gptext.dll, which registers (and unregisters) successfully. I have exported them and attached them here.

No firewall here, even the default one is disabled. As to the actual gpedit.msc trace, I'm afraid I won't be able to do it in the following days. GL, I'm sure you'll understand

Have a nice, looong weekend.

Edited April 21, 2011 by Sp0iLedBrAt

[submix8c]

Well, this may/may not help -

nLit\I386\AU.IN_       Content+Size
nLit\I386\DOSNET.INF   Content+Size
nLit\I386\FONT.IN_     Content+Size
nLit\I386\HIVECLS.INF  Content+Size
nLit\I386\HIVEDEF.INF  Content+Size
nLit\I386\HIVESFT.INF  Content+Size
nLit\I386\HIVESYS.INF  Content+Size
nLit\I386\HIVEUSD.INF  Content+Size
nLit\I386\INTL.INF     Content+Size
nLit\I386\QMGR.IN_     Content+Size
nLit\I386\SFCFILES.DL_ Content+Size
nLit\I386\SYSOC.IN_    Content+Size
nLit\I386\TXTSETUP.SIF Content+Size
nLit\I386\WBEMOC.IN_   Content+Size
nLit\I386\WMP.IN_      Content+Size
Orig\I386\NHELPER.EX_  SourceNotFnd <-Helper
Orig\I386\NLITE.IN_    SourceNotFnd <-Directive
nLit\I386\SYSSETUP.DL_ Content+Size <-Temp for nLite
nLit\I386\SYSSETUP.IN_ Content+Size <-Temp for nLite
Orig\I386\SYSSBCK.DL_  SourceNotFnd <-Backup
Orig\I386\SYSSBCK.IN_  SourceNotFnd <-Backup
nLit\I386\APPMGR.DL_   TargetNotFnd
nLit\I386\CLOCK.AV_    TargetNotFnd <-(ignore)
nLit\I386\CONF.AD_     TargetNotFnd
nLit\I386\GPEDIT.DL_   TargetNotFnd
nLit\I386\GPEDIT.MS_   TargetNotFnd
nLit\I386\GPRSLT.EX_   TargetNotFnd
nLit\I386\GPTEXT.DL_   TargetNotFnd
nLit\I386\GPUPDATE.EX_ TargetNotFnd
nLit\I386\HISECDC.IN_  TargetNotFnd
nLit\I386\HISECWS.IN_  TargetNotFnd
nLit\I386\INETCORP.AD_ TargetNotFnd
nLit\I386\INETRES.AD_  TargetNotFnd
nLit\I386\INETSET.AD_  TargetNotFnd
nLit\I386\RSOP.MF_     TargetNotFnd
nLit\I386\RSOP.MS_     TargetNotFnd
nLit\I386\RSOPPROV.EX_ TargetNotFnd
nLit\I386\RSOPSNPW.CH_ TargetNotFnd
nLit\I386\RSOPW.CH_    TargetNotFnd
nLit\I386\SECPOL.MS_   TargetNotFnd
nLit\I386\SWTCHBRD.BM_ TargetNotFnd
nLit\I386\SYSTEM.AD_   TargetNotFnd
nLit\I386\WMPLAYER.AD_ TargetNotFnd
nLit\I386\WSECEDIT.DL_ TargetNotFnd
nLit\I386\WUAU.AD_     TargetNotFnd
nLit\I386\YAHOO.BM_    TargetNotFnd <-(ignore)

The above is what nLite did when I removed ADM Templates, GP MgmtCons, and:

Lcl Security Settings - Part of Administrative Tools which can be used to easily edit:

- Password Policy

- Account Lockout Policy

- Audit Policy

- User Right Assignment

- Security Options

Needed for:

- Group Policy Management Console

Some differences are obvious based on removal. I could upload the INF's if that would help; don't think just those would violate any rules...

Really stoopid question - What's the Security within the Registry? Allowed to modify (e.g. Admin rights as a Logged-on Admin)? EDIT (to answer myself) Obviously do, since register/reregister a/l one DLL...

Edited April 21, 2011 by submix8c

[GrofLuigi]

The value for "GPO-Disabled" is 0 and it is found in

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\GPO-List\0

That's OK.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions has 3 different sub-folders that refer to gptext.dll, which registers (and unregisters) successfully. I have exported them and attached them here.

Most of the group polices are missing. I also haven't seen them myself for a long time since in my builds I always remove them, so I might not be able to help you in the most direct way - by comparing to my system. What's wierd is that Last Session.ini doesn't indicate any removal.

No firewall here, even the default one is disabled. As to the actual gpedit.msc trace, I'm afraid I won't be able to do it in the following days. GL, I'm sure you'll understand

Have a nice, looong weekend.

Sure, have a nice weekend you too

GL

[Sp0iLedBrAt]

Cheers