Aw dawg, this is just my whateva-whateva site.

Visit Microsoft KB article 921914 for details. It refers to the prerelease-quality version, but Microsoft has stated that it will work the same way with newer versions as well.

A new version of WGA Notifications has been released and it is now being distributed worldwide.

Microsoft has heard that its customers are disappointed with WGA, and Microsoft is taking steps to resolve the issues customers have had with it.

Oh, you didn't know the previous WGA Notifications tool was beta-quality software? It said so in the EULA when it gets installed, but it was pushed out as a High priority update.

TheNotifier is now 0.0.0.33 – its ListViews and registry access functions now support Unicode. (I had to get the framework in general down before I switched to Unicode – it was just easier that way.) That's all that has changed.

Go here first for an update with more precise instructions, or read this article for the backstory.

I've had two Windows 2000 Professional machines in as many days that are unable to download updates. The usual Dial-a-fix Windows Update fix routines changed little about the situation. I found out that BITS couldn't start because SENS couldn't start because EventSystem couldn't start. On the second machine, EventSystem was starting, but then SENS was the final failure point. (NetMan and several other services that usually run under SvcHost were also failing with the Event 700x error listed below.)

The event log gets flooded with Event 7000 (SENS), Event 7001 (BITS), Event 4097 (EventSystem), and DCOM event 10005.

7000:

The System Event Notification service failed to start due to the following error:
The executable program that this service is configured to run in does not implement the service.

7001:

The Background Intelligent Transfer Service service depends on the System Event Notification service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

4097:

The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043B from line 42 of .\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

10005:

DCOM got error "The dependency service or group failed to start. " attempting to start the service BITS with arguments "" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

The fix is to change the "netsvcs" REG_MULTI_SZ in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost. You can save the following block of text as a .reg file and double-click it to import it (it's for Windows 2000 only). Then restart the computer. All of the services that failed before should now work fine, and Windows Update should work again (and/or Dial-a-fix will finally be able to help).

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
"netsvcs"=hex(7):45,00,76,00,65,00,6e,00,74,00,53,00,79,00,73,00,74,00,65,00,\
6d,00,00,00,49,00,61,00,73,00,00,00,49,00,70,00,72,00,69,00,70,00,00,00,49,\
00,72,00,6d,00,6f,00,6e,00,00,00,4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,\
4e,00,77,00,73,00,61,00,70,00,61,00,67,00,65,00,6e,00,74,00,00,00,52,00,61,\
00,73,00,61,00,75,00,74,00,6f,00,00,00,52,00,61,00,73,00,6d,00,61,00,6e,00,\
00,00,52,00,65,00,6d,00,6f,00,74,00,65,00,61,00,63,00,63,00,65,00,73,00,73,\
00,00,00,53,00,45,00,4e,00,53,00,00,00,53,00,68,00,61,00,72,00,65,00,64,00,\
61,00,63,00,63,00,65,00,73,00,73,00,00,00,54,00,61,00,70,00,69,00,73,00,72,\
00,76,00,00,00,4e,00,74,00,6d,00,73,00,73,00,76,00,63,00,00,00,57,00,5a,00,\
43,00,53,00,56,00,43,00,00,00,00,00
"rpcss"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"wugroup"=hex(7):77,00,75,00,61,00,75,00,73,00,65,00,72,00,76,00,00,00,00,00
"BITSgroup"=hex(7):42,00,49,00,54,00,53,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\BITSGroup]
"DefaultRpcStackSize"=dword:00000008

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs]
"CoInitializeSecurityParam"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\wugroup]
"CoInitializeSecurityParam"=dword:00000001

Here is a link to the .reg for right-click-save purposes. (If you single-click on it and it looks funny, that's because it's Unicode).

Also take a look at the update to this article.

I created a wiki entry for this, and the changelog is in there (not many changes this time around), so visit that to find out more/download it/get the MD5sum/etc.

NOTE: Do not redistribute TheNotifier. It is for personal testing only.

Download: TheNotifier v0.0.0.26 (~198KB, *.exe)

As explained previously, this is a prototype app I'm working on which will help me (and eventually you) fight certain malware attacks. At the moment, it just allows you look at what's going on.

As always, comment here, or post at the "Lunarsoft.net DjLizard.net software support forum" (preferred).

Changelog:

* Moved to tabbed interface
* Added more specific filtering functions (None, known, or Microsoft)
* Added AppInit_DLLs tab with basic support (very alpha) – more to come
* 'Jump to key' when on the AppInit_DLLs tab will take you to the 'Windows' key (where AppInit_DLLs is)
* Added the following known-good Notify entries: avldr, Caveo, ckpNotify, Command AntiVirus Download, ComPlusSetup, CwWLEvent, dimsntfy, DPWLN, FolderGuard, GoToMyPC, loginkey, MetaFrame, nwprovau, OPXGina, PCANotify, PFW, ppeclt, PRISMAPI.DLL, PRISMGNA.DLL, psfus, QConGina, RAinit, RegCompact, SABWinLogon, SDNotify, Sebring, T3Notify, TabBtnWL, Timbuktu Pro, tpfnf2, tpgwlnotify, tphotkey, VESWinlogon, WB, WBSrv, Zboard, zsnotify

I have a list of many known-good AppInit_DLLs so you don't have to let me know about those yet.

Also, I have a lot of work left on DAF before I can release another update, so don't worry.

Download: Dial-a-fix 2006-06-22 (md5sum: 6cad3d43cfc69f99d6b702b596aec31b) (and secedit.exe, if you need the repair permissions tool)

Edit: Oops, I had forgotten to give 'Auto-scroll' anchors, so it was floating around when you resize the log pane. This has been fixed and I re-uploaded the file. Please re-download :)

This is unofficially Release Candidate 1. Are there any problems left that I should address before releasing it, or any quick tools I should create at the last minute? I'm about read to start re-writing the wiki entries and prepping for release!

Changelog:

* Added new policies: DoNotAllowXPSP2, UpdatesDisableNotify
* Added Auto-scroll capability to log pane
* Made the text of the "Flush SoftwareDistribution" confirmation dialog clearer
* Fixed some typos
* Cleaned up some internal code structures

Here's a bonus program: TheNotifier. I need everyone who uses Windows 2000 Professional, XP, Server 2003, or Vista to run this program. All it does (for now) is:
* Lists all Winlogon/Notify entries
* Lets you jump to a Winlogon/Notify registry entry
* Allows you to filter out the "known-good" entries

What I need people to do is:
1) Checkmark "Hide known".
2) Comment on this post and let me know the Key and the DLLName of anything that still shows up after hiding known (unless someone already posted yours, or unless it's blank – blank is good).

That's pretty much it. This is going to help me with a future spyware-removal application. Thanks!

Edit: forgot to mention – there is now a DjLizard.net software forum over at Lunarsoft.net.

TheNotifier changelog:
2006-06-23: v0.0.0.22
* Added macdriveitunespatch.dll, mcpstub.dll, lmiinit.dll, navlogon.dll

:)

Download: Dial-a-fix 2006-06-18 (md5sum: 7c08efb8840b9bb451e84ee8fba58ab7)
(and secedit.exe, if you need the repair permissions tool)

Changelog:

* Rewrote policy scanner *again* to address all limitations… now it is very informative – now uses a ListView and can even spot policies that are using the wrong REG_type (such as REG_SZ when REG_DWORD was expected) – it is also extremely optimized – only needs 1680 queries to find everything it knows
* Removed one dumb policy (not really restrictive): NoRecentDocsHistory
* Updated Help dialog to have minimize/maximimize/resize functions
* Updated all version numbers to reflect "v0.60"
* Removed "Debug mode" checkmark, as it is useless now that Dial-a-fix correctly reports DLL registration errors (thanks to native registration capability)
* Added "Suppress errors" in its place, to hide all error dialog boxes that would normally appear, but the code for this is not yet complete, so it remains disabled for now
* Flush SoftwareDistribution button and GO button now disable the Tools dialog pane and its GO button so that you can't run two conflicting tasks at once

The new policy scanner kicks ass. Note: don't be alarmed – it will tell you a policy is present even if its value means it isn't enabled. There's no point in having a policy there with an erroneous value, or one that has its value set to disabled (which is the same thing as not having the value). Might as well remove them.

Dial-a-fix is now being referred to as v0.60, due to the insane amount of changes taking place. :)
Download: Dial-a-fix 2006-06-17 (md5sum: 97fc12c4278d771eed64639bf7dbf831)
(and secedit.exe, if you need the repair permissions tool)

edit: Yeah, I didn't change the titlebar or the "0.58" in any place else but the version area, no big deal. I'll fix it next time :P

Changelog:

* Merged "Repair Windows Firewall" and "Repair networking interfaces" tools
* Erroneously referred to Windows Installer 2.0 as "InstMsiW" in the notes (the file that comes with DAF Full was the correct one, but named incorrectly) – the correct name is "InstMsiA" (W being Unicode (2k/XP) and A being ANSI (Win9x)), but that does not matter now:
x Removed *all* installers
* Added list of installers to the Notes pane of the Help dialog
* Added webvw.dll to the list of IE7 ignores
* Fixed misspelled policy – ForceActiveDesktop to ForceActiveDesktopOn
* Added new Add/Remove programs policies: NoAddRemovePrograms, NoRemovePage, NoAddPage, NoWindowsSetupPage, NoAddFromCDorFloppy, NoAddFromInternet, NoAddFromNetwork, NoServices, NoSupportInfo
* Added new Explorer policies: NoWebView, NoHardwareTab, DisallowRun, RestrictCpl, DisallowCpl, DisableLocalMachineRun, DisableCurrentUserRun, NoFileAssociate
* Added new IE policies: NoBrowserBars, NoBrowserClose, NoBrowserContextMenu, NoBrowserOptions, NoBrowserSaveAs, NoFavorites, NoFileNew, NoFileOpen, NoFindFiles, NoSelectDownloadDir, NoTheaterMode, NoOpeninNewWnd, NoViewSource, NoNavButtons, NoPrinting, AlwaysPromptWhenDownload
* Added new IE CPL policies: Advanced, Autoconfig, Cache, CalendarContact, Check_If_Default, Connection Settings, Certificates, Colors, Fonts, History, Languages, Links, Messaging, Profiles, Proxy, Ratings, Wallet
* Now checks for net.exe, net1.exe, sc.exe, and regsvr32.exe on startup, and lets the user know of missing files (when applicable). Also speeds up usage of these files (except regsvr32.exe, which is not used by DAF)
* Main dialog now highlights the current item being processed
* Added error handler for -2147312566 (TYPE_E_CANTLOADLIBRARY)
* Added check for MSHTML.TLB
* Policy scanner was rewritten (again) and is about twice as fast, but the painting of the new progress bar slows it down a bit

The installers have been removed for several reasons:
* Language problems (most of the packages I had in DAF full were for English only)
* Scripted install problems (a lot of them don't properly silently install)
* Size (most people were downloading DAF full when all they needed was DAF light to begin with – but this was my fault for not making it clear)
* New packages keep coming out (VC2005 redist, for instance)

I've setup a page of links to these installers in case you need them. It's on the Notes pane of the Help dialog. No more DAF full. Just DAF medium (secedit) and light.

edit: oops, beta update 2, not 3. It's beta 3, but update 2. hah.

edit 2: The policy scanner now finds entries that are present, but turned off. I think I'm going to add a checkmark to toggle this functionality on or off in the next update.

It's patch tuesday – a bunch of fixes came out. Visit Windows Update to get them, or wait for them to be downloaded with idle network bandwidth, by BITS.

I haven't been paying attention lately (I've been quite busy) but a new version of MSHTML.DLL is out – 6.00.2900.2912. It can't be registered (at all), thankfully. The previous version, .2838, was not supposed to be registerable either, but Microsoft broke it. This time, it spits out an error code (specifically, hex 0x80029c4a / decimal -2147312566: TYPE_E_CANTLOADLIBRARY). Dial-a-fix v0.58 (which is pretty close to being v0.60) recognizes certain versions of files now, and ignores the ones it knows it can't register. I'll have a new public beta soon, I think. I've got to do some more private testing first (I've made a truckload of changes since the last public beta).

edit: Wait, the one on my dev machine is 6.0.2900.2912, and it DOES register. Something's not right here!

edit 2: Ok, I found out what the problem is. A rogue program removed mshtml.tlb because it thought it was no longer being used. WTF! Ugh, 3rd party software. This post has been rendered invalid. At least I have something to check for with Dial-a-fix now…

Start here.

You can receive up to 2 product keys, each of which is good for 10 computers. They will also be emailed to your live.com profile.

If you are a member of Something Awful and Alluvion.org, then you can latch on to my x86 torrent.
(x64 torrent)