Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 



glnz

Office 16 Click-to-Run Extensibility Component could not modify 137 protected registry keys during installation or update of Office 365

Recommended Posts

glnz    20

In installing and re-installing Office 365 Home (64-bit install on Win 7 Pro 64-bit), I get approx. 137 Warnings in Event Viewer like the following:

Product: Office 16 Click-to-Run Extensibility Component. The application tried to modify a protected Windows registry key \msinkdiv.InkDivider.1.

I did a deep uninstall and reinstall just to see if this could be avoided, but no.  It happens on each install or repair or reinstall.

Here's all the info for one of these - but keep in mind there are 137 different ones (different keys being named):

Log Name:      Application
Source:        MsiInstaller
Date:          8/13/2016 1:48:06 AM
Event ID:      1039
Task Category: None
Level:         Warning
Keywords:      Classic
User:          SYSTEM
Computer:      WINDOWS-[my PC]
Description:
Product: Office 16 Click-to-Run Extensibility Component. The application tried to modify a protected Windows registry key \msinkdiv.InkDivider.1.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MsiInstaller" />
    <EventID Qualifiers="0">1039</EventID>
    <Level>3</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-08-13T05:48:06.000000000Z" />
    <EventRecordID>30907</EventRecordID>
    <Channel>Application</Channel>
    <Computer>WINDOWS-[my PC]</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data>Office 16 Click-to-Run Extensibility Component</Data>
    <Data>\msinkdiv.InkDivider.1</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>(NULL)</Data>
    <Data>
    </Data>
    <Binary>7B39303136303030302D303038432D303030302D313030302D3030303030303046463143457D</Binary>
  </EventData>
</Event>

-System

-Provider

[ Name]MsiInstaller

-EventID1039

[ Qualifiers]0

Level3

Task0

Keywords0x80000000000000

-TimeCreated

[ SystemTime]2016-08-13T05:48:06.000000000Z

EventRecordID30907

ChannelApplication

ComputerWINDOWS-[my PC]

-Security

[ UserID]S-1-5-18

-EventData

Office 16 Click-to-Run Extensibility Component

\msinkdiv.InkDivider.1

(NULL)

(NULL)

(NULL)

(NULL)

7B39303136303030302D303038432D303030302D313030302D3030303030303046463143457D

Binary data:

In Words

0000: 3130397B 30303036 30302D30 302D4338
0008: 2D303030 30303031 3030302D 30303030
0010: 43314646 7D45

In Bytes

0000: 7B 39 30 31 36 30 30 30 {9016000
0008: 30 2D 30 30 38 43 2D 30 0-008C-0
0010: 30 30 30 2D 31 30 30 30 000-1000
0018: 2D 30 30 30 30 30 30 30 -0000000
0020: 46 46 31 43 45 7D FF1CE}

What do you think?

Edited by glnz

Share this post


Link to post
Share on other sites

Tripredacus    286

I take it that you initiated the install from the Office365 portal? Also do you know what the version of Office is that you are trying to install?

Share this post


Link to post
Share on other sites
glnz    20

Trip - Not sure what you mean by "portal".  We bought Office 365 Home (5 users) and installed it first on my wife's iMac this past May.  Two weekends ago, I finally installed it on the Win 7 Pro 64-bit side of my dual boot Dell 7010 as the second of the five permitted users.  To do that, I followed the instructions in the tiny box (start at www.office.com/setup and enter the 25-character key on the card) and also called in to MS's help line to do the install. 

Unfortunately, the MS guy first did the 32-bit install.  I asked him to re-do as 64-bit, so he did.

Later, I noticed the many warnings mentioned above.

Last weekend, I did my own very thorough UNinstall (using the MS tool available online) and reinstalled, but same Warnings recurred.

It works!  I'm doing tax work now on Excel.  But I'm still a bit concerned about the Warnings.

The version it installed is Office 16.

The install program that's still in my Download folder is Setup.X64.en-US_O365HomePremRetail_[many numbers]_TX_PR_.exe.  When I run that, it starts a big download over the internet that takes a while and which obviously runs in the background.

The deep UNinstall program that's also still in my Download folder is o15-ctrremove.diagcab.

Since I posted above, I found one of the many keys.  Its Permission is read only, and its Owner is TrustedInstaller.  There are too many different keys in the Warnings to change Permissions or Owners.

Open to suggestions.

Edited by glnz

Share this post


Link to post
Share on other sites
glnz    20

More -

I went to one of the registry keys in the Warnings and found that its Permissions are Read Only and its Owner is TrustedInstaller.
There are way too many of these keys for me to try to change Owner and Permissions (and then change Owner back).
Is there a generic script for taking a list of keys, changing their owners and permissions, then changing their owners back?
What is MS doing if its own installation program doesn't deal with this?

Edited by glnz

Share this post


Link to post
Share on other sites
glnz    20

jaclaz - PowerRun v1.0 (Run as TrustedInstaller) looks interesting.  The O365 installation program Setup.X64.en-US_O365HomePremRetail_[many numbers]_TX_PR_.exe starts a big download over the internet that takes a while and which obviously runs a lot of stuff or something big in the background that I don't see.  Would everything be run as TrustedInstaller?

Share this post


Link to post
Share on other sites
jaclaz    943

I have no idea of what the Office 365 program (or its installer) does.

It should normally - being from MS, digitally signed, whadda/whadda, etc. - have already the appropriate permissions/whatever.

What I was telling you was that if have 10 (or 100, or 1000, it's the same) Registry keys that have TrustedInstaller ownership/permissions and you *need* to modify them, you will need to:

1) change the ownership/permission of each key, modify the key, then optionally restore the ownership/permission to what it was before <- this is what you asked a script for

2) impersonate TrustedInstaller, modify the key <- this is an alternative, simpler way I suggested

I am not in any way suggesting to run the installer through an "elevated to Trustedinstaller" prompt, only pointing you to "previous art" on the matter, so that you can write yourself the script.

jaclaz
 

Share this post


Link to post
Share on other sites
glnz    20

jaclaz - you flatter me.  The only code I know is a few pieces of the NYC Building Code and the Internal Revenue Code.

When I was in high school in 1967-1971, I also learned Basic's b=b+1, which is why my bills are so high today. 

And the travails of Fortran IV on punch cards -- made law school less frightening in comparison.

But you're certainly right that MS should have given its own installation program permission to change those 137 registry keys.  (Unless there was a reason not to do so?)

Edited by glnz

Share this post


Link to post
Share on other sites
glnz    20

To readers - I have a clue how to a fix this problem with non-modificable registry keys, but need your suggestions.  I am now looking for "Scrub" that will truly UNinstall Office and O365 from my PC, including the registry keys that cannot be modified during the REinstall process.  A MS tech suggested this "Scrub" but only if he runs it on my machine - not something he'll send me.

Do you know what he means by "Scrub"?  Do you believe what he tells me, that it will actually delete those 60 - 70 non-modifiable registry keys?  Where can I get this on my own (or at least research it before he wrecks my PC and kills two of my work days)? 

After the call with the tech, I found something on the web about "Offscrub", and it might be helpful.  It also might be very helpful when you are UNinstalling Office from many PCs.  Go to the following great article and then please come back here to comment:

https://www.deploymentmadscientist.com/2016/02/08/deploying-microsoft-office-2016-removing-old-versions/

After you read the above, here are my questions:

If I open cmd as administrator, what would be the single command line (from that article) to run either O15CTRRemove.diagcab (easier for me) or offscrub?.vbs (more work for me) in the strongest flavor?  (I assume I would first have to create the CScriptNative.cmd described in that article.)

I am hoping this approach will delete those 60 - 70 registry keys as well, so I can then do a REinstall without the Warnings.

(By the way, before I got to the article above, an MS office tech called me this morning.  His first recommendation was to Repair or Reset my operating system, Win 7 Pro 64-bit.  Instead of telling him what I thought about that (and him), I bit my tongue and asked him (a) whether he'd read my txt files with copies of the Event Viewer Warnings and (b) whether an OS Repair or Reset would focus on those keys.  I continued to ask questions, and he eventually mentioned "Scrub" as the answer, which later inspired me to the link above.  Anyway, I asked him to call me back in two weeks when I would have time to do this, and he promised to do so.   I don't trust this guy's knowledge, and I would prefer to find a more reliable solution.)

Thanks, and I hope you all find this link helpful in your work.

Share this post


Link to post
Share on other sites
glnz    20

Alas, my "scrub" idea above didn't work any better than anything else, and again on UN and REinstall of O365 I have 70+ Warnings that protected registry keys could not be modified.

The MS tech person sees some .dll errors in netdll.dll and KernelBase.dll and so is recommending I do a non-destructive repair of my Win 7 Pro 64-bit via an "inplace upgrade" off a Win 7 Pro 64-bit iso.

Comment?  Thanks.

Share this post


Link to post
Share on other sites
glnz    20

Trip - I am assuming that very few people have this problem, so who knows maybe it WAS tested by MS.

Or very few people first installed O365 32-bit by mistake and then uninstalled and reinstalled with 64-bit.

Or nobody checks their Event Viewer.

Problem is - the MS tech 2 who is "helping" me insists it's my OS and he wants me to repair my Win 7 Pro 64-bit OS by doing an "inplace upgrade".  But my sfc /scannows are 100% pristine clean.  I just want help with these "cannot change protected registry key" Warnings in Event Viewer.

Edited by glnz

Share this post


Link to post
Share on other sites
glnz    20

I am going to manually change Permissions in every one of the 67 ± keys that throw up a Warning that such key is protected, to permit changes by SYSTEM (I think), and then reinstall O365 Home 64-bit.  However, the Event Viewer Warnings don't give the complete key names, so I am using nirsoft's Regscanner to find each key by searching for the part of the key shown in the Event Viewer Warning.

Problem is that for each key name-fragment shown in Event Viewer, there can be many keys. 

Another problem is that Regscanner sometimes lists the same key twice - once showing type REG_EXPAND_SZ with no Name, and second showing type REG_SZ and Name ThreadingModel.  But it's the same key with two pieces of data in it.  So, when I change its permissions, is this one key or somehow two keys?

Now, a dumber question:  If I change First ownership and Second permissions and Third change ownership back in a key that starts with HKEY_CLASSES_ROOT or HKCR, will that automatically change the ownership and permissions in the matching key that starts with HKEY_LOCAL_MACHINE or HKLM ?

Finally, take a look at my post in TenForums >HERE< , which has links to an interesting powershell program higher in that thread that might help me and to my two posts in MS forums - would love to have your thoughts.

Thanks.

Edited by glnz

Share this post


Link to post
Share on other sites
dencorso    542

Do it as the Trusted Installer, and you won't have to change any permission manually. See <link> and <link>. Do read them.
This is the batch I use to just make it happen... call it, say, TIdo.cmd:
 

net.exe start trustedinstaller
runassystem64.exe "runfromtoken64.exe trustedinstaller.exe 1 cmd.exe"
exit

It'll give you a cmd box with TI credentials... simply run the installer from there. You have to run TIdo.cmd as an Administrator and say yes to the ensuing UAC prompt... But life's like that, you know. :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

×