locked
Office 16 Click-to-Run Extensibility Component could not modify 137 protected registry keys during installation or update of Office 365 RRS feed

  • Question

  • LATE EDIT - For all IT folks, I left a very useful link way below about UNinstalling Office on many machines.  Please keep reading for that goody.  But your suggestions for my problem will be much appreciated.

    __________________________

    In installing and re-installing Office 365 Home (64-bit install on Win 7 Pro 64-bit), I get approx. 137 Warnings in Event Viewer like the following:

    Product: Office 16 Click-to-Run Extensibility Component. The application tried to modify a protected Windows registry key \msinkdiv.InkDivider.1.

    I did a deep uninstall and reinstall just to see if this could be avoided, but no.  It happens on each install or repair or reinstall.

    Here's all the info for one of these - but keep in mind there are 137 different ones (different keys being named):

    Log Name:      Application
    Source:        MsiInstaller
    Date:          8/13/2016 1:48:06 AM
    Event ID:      1039
    Task Category: None
    Level:         Warning
    Keywords:      Classic
    User:          SYSTEM
    Computer:      WINDOWS-[my PC]
    Description:
    Product: Office 16 Click-to-Run Extensibility Component. The application tried to modify a protected Windows registry key \msinkdiv.InkDivider.1.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="MsiInstaller" />
        <EventID Qualifiers="0">1039</EventID>
        <Level>3</Level>
        <Task>0</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2016-08-13T05:48:06.000000000Z" />
        <EventRecordID>30907</EventRecordID>
        <Channel>Application</Channel>
        <Computer>WINDOWS-[my PC]</Computer>
        <Security UserID="S-1-5-18" />
      </System>
      <EventData>
        <Data>Office 16 Click-to-Run Extensibility Component</Data>
        <Data>\msinkdiv.InkDivider.1</Data>
        <Data>(NULL)</Data>
        <Data>(NULL)</Data>
        <Data>(NULL)</Data>
        <Data>(NULL)</Data>
        <Data>
        </Data>
        <Binary>7B39303136303030302D303038432D303030302D313030302D3030303030303046463143457D</Binary>
      </EventData>
    </Event>

    - System
    - Provider
    [ Name] MsiInstaller
    - EventID 1039
    [ Qualifiers] 0
    Level 3
    Task 0
    Keywords 0x80000000000000
    - TimeCreated
    [ SystemTime] 2016-08-13T05:48:06.000000000Z
    EventRecordID 30907
    Channel Application
    Computer WINDOWS-[my PC]
    - Security
    [ UserID] S-1-5-18
    - EventData
    Office 16 Click-to-Run Extensibility Component
    \msinkdiv.InkDivider.1
    (NULL)
    (NULL)
    (NULL)
    (NULL)
    7B39303136303030302D303038432D303030302D313030302D3030303030303046463143457D

    Binary data:

    In Words

    0000: 3130397B 30303036 30302D30 302D4338
    0008: 2D303030 30303031 3030302D 30303030
    0010: 43314646 7D45

    In Bytes

    0000: 7B 39 30 31 36 30 30 30 {9016000
    0008: 30 2D 30 30 38 43 2D 30 0-008C-0
    0010: 30 30 30 2D 31 30 30 30 000-1000
    0018: 2D 30 30 30 30 30 30 30 -0000000
    0020: 46 46 31 43 45 7D FF1CE}

    What do you think?


    glnzglnz ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010. ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit and Win 10 Pro 64-bit. ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.













    • Edited by glnzglnz Friday, July 6, 2018 1:38 AM
    Saturday, August 13, 2016 2:54 PM

All replies

  • Update from OP:

    I also posted this problem in answers.microsoft.com and got one response that's sort of interesting, but it seems a bit risky to try unless there are no other ideas.

    From that response, take a look at  
    https://lennytech.wordpress.com/2013/08/10/uninstalling-the-office-15-click-to-run-extensibility-component/ 
    and please return here and tell me what you think.

    That page at lennytech is interesting, but I have NOT had the worse error-blocked-install issues described there.  As far as I can tell, my Office 365 Home (which gave me Office 16) is working.  But I certainly don't like the numerous Warnings in Event Viewer I describe above.

    What's also interesting about the lennytech page is that when I first installed the O365 with the help of the MS call-in team, the MS tech installed the 32-bit version of O365.  I asked him to uninstall and re-install the 64-bit version, and he did.  Maybe that first install set up those registry keys and locked them somehow.  They have apparently remained locked even though I ran the DEEP O365 uninstall twice. 

    Not yet ready to try the regedit and uninstall surgery described at lennytech.  But it might be an experiment next weekend if no luck elsewhere.

    Please do comment more if anything occurs.

    And I hope others comment also!

    Thanks.


    glnzglnz ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010. ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit and Win 10 Pro 64-bit. ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.



    • Edited by glnzglnz Sunday, August 14, 2016 4:44 PM
    Sunday, August 14, 2016 4:42 PM

  • Again from OP:

    And one more idea.

    Take a look at

    https://msdn.microsoft.com/en-us/library/dd744761(v=vs.85).aspx

    Again, please come back here to post your thoughts.

    Comments, please !!!


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Sunday, August 14, 2016 5:34 PM
  • Hi,

    Basically, warnings can be ignored if they are caused by a trusted program. Does this issue continue if we run the Office setup.exe file as administrator?

    How did you do a deep uninstallation of your Office? Have you tried uninstalling using the easy fix tool here:

    https://support.office.com/en-gb/article/Uninstall-Office-2016-Office-2013-or-Office-365-from-a-PC-9dd49b83-264a-477a-8fcc-2fdf5dbf61d8?ui=en-US&rs=en-GB&ad=GB

    Regards,

    Steve Fan
    TechNet Community Support


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 16, 2016 9:32 AM
  • Steve - Thanks for post.

    Yes, I ran exactly that uninstall easy fix tool.  Not just once but twice.  It provides and saves a file called o15-ctrremove.diagcab, which I can run more than once.

    But I have not yet re-installed O365 Home with "Run as administrator".   (By the way, my user account on the Win 7 Pro 64-bit machine is an administrator account.)

    Also, there's no "setup.exe" file.  There is a single file called

    Setup.X64.en-US_O365HomePremRetail_[numbers deleted]_TX_PR_.exe

    When I run that, it starts by downloading quite a bit from MS which then runs itself.  (Its "Properties" indicate it was once called bootstrap.exe.)

    Is there another way to install O365 Home?

    Now I'm busy using Excel for tax season for small family business.  When I get a break, I'll uninstall again and try a re-install with "Run as administrator".


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Tuesday, August 16, 2016 10:10 AM
  • Steve - ALSO, FYI, even when Office is not running, there is a process always running called OfficeClickToRun.exe., and it is related to a running service called ClickToRunSvc

    OfficeClickToRun.exe. has the following properties:
    Description:  Microsoft Office Click-to-Run (PreSxS)
    Location:  C:\Program Files\Common Files\Microsoft Shared\ClickToRun
    File and Product version: 16.0.7070.1325

    But why is this always running?  There's not much that describes this feature, but it seems to be related to the initial installation of O365.  If so, why does it continue to run days later?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Tuesday, August 16, 2016 10:25 AM
  •  

    Since I posted above, I looked at one of the many keys.  Its Permission is read only, and its Owner is TrustedInstaller.  There are too many different keys in the Warnings to change Permissions or Owners.

    Why doesn't MS give the desired reg changes TrustedInstaller status??

    Is there a generic script for taking a list of keys, changing their owners and permissions, and then changing their owners back?

    Still open to suggestions.

     

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.



    • Edited by glnzglnz Thursday, August 18, 2016 11:19 AM
    Thursday, August 18, 2016 1:22 AM
  • I was on the phone today with Office 365 Help line for FOUR  HOURS before they finally let me email them my txt file of the error messages and then promised to have a Level 2 tech call me.

    Four hours to get what I suggested in the first three minutes.


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Sunday, August 21, 2016 10:54 PM
  •  

    To readers - I have a clue how to a fix, but need your suggestions.  I am now looking for "Scrub" that will truly UNinstall Office and O365 from my PC, including the registry keys that cannot be modified during the REinstall process.  A MS tech suggested this "Scrub" but only if he runs it on my machine - not something he'll send me.

    Do you know what he means?  Do you believe what he tells me, that it will actually delete those 60 - 70 non-modifiable registry keys?  Where can I get this on my own (or at least research it before he wrecks my PC and kills two of my work days)? 

    After the call with the tech, I found something on the web about "Offscrub", and it might be helpful.  It also might be very helpful when you are UNinstalling Office from many PCs.  Go to the following great article and then please come back here to comment:

    https://www.deploymentmadscientist.com/2016/02/08/deploying-microsoft-office-2016-removing-old-versions/

    After you read the above, here are my questions:

    If I open cmd as administrator, what would be the single command line (from that article) to run either O15CTRRemove.diagcab (easier for me) or offscrub?.vbs (more work for me) in the strongest flavor?  (I assume I would first have to create the CScriptNative.cmd described in that article.)

    I am hoping this approach will delete those 60 - 70 registry keys as well, so I can then do a REinstall without the Warnings.

    (By the way, before I got to the article above, the MS office tech called me this morning.  His first recommendation was to Repair or Reset my operating system, Win 7 Pro 64-bit.  Instead of telling him what I thought about that (and him), I bit my tongue and asked him (a) whether he'd read my txt files with copies of the Event Viewer Warnings and (b) whether an OS Repair or Reset would focus on those keys.  I continued to ask questions, and he eventually mentioned "Scrub" as the answer, which later inspired me to the link above.  Anyway, I asked him to call me back in two weeks when I would have time to do this, and he promised to do so.   I don't trust this guy's knowledge, and I would prefer to find a more reliable solution.)

    Thanks, and I hope you all find this link helpful in your work.



    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.




    • Edited by glnzglnz Monday, August 22, 2016 3:59 PM
    Monday, August 22, 2016 3:49 PM
  • From the www.deploymentmadscientist.com link in my preceding post, I have "expanded" O15CTRRemove.diagcab into a folder and taken a look at the code in OffScrubC2R.vbs, which is one of the files in that diagcab.

    When I look at OffScrubC2R.vbs in “edit”, I see that
    fForce = False
    What might happen if I set it to True?
    Do you think that might help me uninstall or modify the 60-70 protected registry keys on my next UNinstall and REinstall of 0365 64-bit?

    Come on, readers.  My link above will be helpful to you in the future.  Please lend a hand here.

    Thanks.


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Saturday, August 27, 2016 3:04 PM
  • I will be on the phone tomorrow morning with a MS tech who had said he has a "scrub" program.  Any suggestions before we start?

    Also, I am now downloading the OFFLINE installation img file (more than 2GB) for the re-installation.  Any comments?

    Thanks.


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Saturday, September 17, 2016 9:38 PM
  • By the way, the procedures at www.deploymentmadscientist.com (link above) didn't help with this problem, even after setting fForce to True.  And I re-installed O365 Home this time with the offline 2.6GB installation .img file (choosing the buried Setup64.exe and running as Administrator).  But again got the 70+ Warnings in Event Viewer that protected registry keys could not be modified.

    Dang it!  Speaking with MS tech in two hours, but any ideas?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.




    • Edited by glnzglnz Sunday, September 18, 2016 1:10 PM
    Sunday, September 18, 2016 12:34 PM
  • The MS tech insists the problem is with two bad dlls in my OS - ntdll.dll and kernelbase.dll.  However, another sfc /scannow and a chkdsk show no errors at all - 100% clean.  And the copies of those two dlls in System32 are the same size and date as the source dlls in the AMD64... folders.

    (But do you think he's right?)

    Meantime, I have also posted about this problem in another forum and received this reply:

    Reply

    I am running Win 10 on a 64bit OS (upgraded from Win 7) and Office 2010 which operates without any problem from a purchased DVD installed while on Win 7 OS. 

    It looks like we are wasting our time trying to fix the error issue which has only recently reared it's ugly head. I have uninstalled 'Office 16 Click-To-Run Extensibility Component' together with Licensing and Localisation Components and cleaned up the registry and all that happens is Windows simply re-installs them with the resultant list of errors. 

    Office Click-To-Run is not shown as an installed component on my machine but it can be uninstalled through, Run, type in"installer" and run, under 'View' and 'add columns' add Subject to the headline and under 'subject' filter for I-P to find Office 16 installed components. From there you can uninstall as I have done. You may have better results than I had.

    This is an issue which Windows  or Microsoft Office needs to correct!



    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.


    • Edited by glnzglnz Monday, September 19, 2016 6:17 PM
    Monday, September 19, 2016 6:13 PM
  • Still an issue, and MS might call me again this weekend.  Any thoughts?

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Friday, September 23, 2016 4:08 PM
  • To all - my many weekend days with MS O365 Help has gotten nowhere.  With the help of a MS tech2 in India, an unbelievably thorough UNinstall and REinstall of O365 home still generated my 70± Warnings that something "tried to modify protected registry keys", many of which are about msinkdiv.InkDivider.

    The tech2 insisted this is normal.  What total garbage.

    Has anyone had better luck?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Sunday, September 25, 2016 8:27 PM
  • Bump.  No ideas for this weekend?  Thanks.

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Saturday, October 1, 2016 12:34 AM
  • Still not fixed.

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Monday, October 3, 2016 12:52 PM
  • And still not fixed.

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Friday, October 14, 2016 2:04 AM
  • Another attempt to get the MS front-line people to help failed.  They want me to use their paid "Pro" help line.

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Monday, October 17, 2016 12:59 AM
  • The link below will take you to a Word .docx into which I've pasted the Event Viewer info for the last set of 67 Warnings I got when I again UN-installed and RE-installed O365 Home.  There's a short list first, then many pages showing detail for each Warning - more than 100 pages total.

    Is there enough info in the .docx to create a script that will change the ownership and/or permissions on the related Registry keys so that the next UN- and RE-install will make whatever changes it wants to make?  (And ideally to first record what the current ownerships and permissions are so I could go back after?)

    My problem so far is that Event Viewer seems NOT to be giving me the full Registry Key name for each of the 67 protected keys.  Does the info in the .docx at my link below somehow give me that?  If not, how can I get that without spending a week literally searching through the Registry?

    LINK TO INFO RE 67 WARNINGS 

    Thanks.


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.


    • Edited by glnzglnz Thursday, November 10, 2016 4:17 PM
    Thursday, November 10, 2016 4:14 PM
  • Bump - anyone have any thoughts?  Thanks.

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Saturday, December 3, 2016 5:53 PM
  • Just noticed my Event Log has the same MSI Installer errors (Event ID 1039)  that started in August.  More recently I noticed Office updates had repeatedly failed, so I reinstalled (O365 ProPlus in my case) and that got me to the current version. 

    I'm wondering if you changed the ownership on the reg keys from TrustedInstaller to something else?  You can use the AccessChk tool to perform the mass maintenance but I'm hesitant to change anything since my system works.  I haven't checked my other machine to see if the same errors are occurring but the most recent update occurred normally.

    Monday, December 12, 2016 6:52 AM
  • LAX - Thanks for thought. 

    TWO POINTS IN THIS EMAIL --

    FIRST -- I would love to try to change ownership and permissions
    but ...
    (a) the 70 ± Warning messages do not give me the entire key names, just the ends of the keys and the values - please see my link a few posts above to the OneDrive Word document that shows all,
    (b) I'm not sure what I should change ownership to,
    (c) I'm not sure what to do with the Permissions, and
    (d) how can I do this efficiently without manually changing 70 ± keys, with the likelihood of making a mistake I might not be able to find?

    (By the way, if I could do the above, after changing permissions, I would probably change ownership back to Trusted Installer.  My past experience with a DCOM error is that if permissions are OK, then updates can change what is necessary.)

    But in the meantime, please point me to any info on AccessChk you think might be helpful, including past examples of changing more than one key.  I'm not an experienced coder like most here.

    SECOND -- Following the theory behind the lennytech link in my second post in this thread (above at August 14, 2016 4:42 PM), I did a search in all files on my hard drive for c2r in the file name (which MS seems to use for Click-to-Run).  I found two, and each has an Uninstall option if I right-click on it:

    C2RInt.16.msi
    and
    C2RIntLoc.en-us.16.msi
       both in C:\Program Files\Microsoft Office\root\Integration

    So, what do you think would happen if I Uninstalled one of them?  And which one should I try first?

    Thanks.


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.





    • Edited by glnzglnz Monday, December 12, 2016 3:47 PM
    • Proposed as answer by EDELC Thursday, January 12, 2017 10:23 PM
    • Unproposed as answer by glnzglnz Thursday, January 12, 2017 11:53 PM
    Monday, December 12, 2016 12:48 PM
  • Bump. 

    EDELC proposed my preceding post as answer, but it's not an answer as far as I can see.

    Does anyone have any thoughts?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.


    • Edited by glnzglnz Friday, January 13, 2017 1:29 PM
    Thursday, January 12, 2017 11:54 PM
  • Update - UNinstalling C2RInt.16.msi and C2RIntLoc.en-us.16.msi has not helped with the protected registry key problem.

    I am manually making a list of the Registry keys that won't let themselves be changed when I re-install O365 or when I update O365.  I wish there were a batch file that would look at my list, go to each key, change its Owner from TrustedInstaller to Administrators, change its Permissions for System to Full Control, and then change its Owner back to TrustedInstaller.

    There IS a batch file that a smart fellow wrote to deal with a different problem. It has two keys manually coded in but dances these three steps with each of those keys.  It's in this thread

    - 10FORUMS POST WITH BATCH FILE  

    Can anyone here modify that batch to read my list of keys off a txt file?

    Thanks.




    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Sunday, January 29, 2017 4:14 AM
  • New update -

    I have now run a brute force set of changes to all 67± registry keys and gave Full Control permission to System in each key so that a re-install of O365 (or any update) could change those protected keys.  However, NO LUCK again.  I continue to get the Warnings.  (How exactly are these keys protected?)

    For details, please see a very interesting post at MSFN at MSFN LINK HERE

    Among other things, the folks there introduced a useful tool for running anything as Trusted Installer.  This helped me avoid the step of changing Owner on each key before changing Permissions.

    Any ideas?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Sunday, March 5, 2017 4:09 PM
  • Further update -

    I have re-run the O365 removal tool O15CTRRemove.diagcab  (and its internal vbs's) and re-installed, all as Trusted Installer using the tool at the MSFN link above.  But no luck.

    Still got 41 Warnings about not changing protected registry keys, on each of the re-install and the subsequent manual update.  (82 Warnings total.)

    Something is really protecting those keys !!  But only 41 this time, not 67.

    Question - There's something that runs during the install and the update called Office Software Protection Platform.  Could that be the culprit?

    I wonder WHAT is protecting those keys!  I'd like to bring it into the bomb shelter with me.



    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Wednesday, March 8, 2017 1:57 AM
  • With no luck at all so far, I am tempted (a) to UNinstall O365 (again), (b) to use the Run-as-TrustedInstaller tool to DELETE the 41± "protected" registry keys and (c) to REinstall O365.

    Thoughts?

    Detail:  The first person to install this O365 Home was my partner on her iMac.  She is the initial (master?) licensee.  The problem I'm having here is with the installation of this same 5-use O365 Home on the next device, a Win 7 Pro 64-bit Dell Optiplex 7010.  This has always been the second use of this 5-use O365 Home.
    So, if I do another UNinstall and DELETE THESE "PROTECTED" KEYS, will the license(s) get screwed up?  Will MS now think that the REinstall is the THIRD use???


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.


    • Edited by glnzglnz Tuesday, March 14, 2017 3:15 PM
    Tuesday, March 14, 2017 3:13 PM
  • Update - So 41± "protected" registry keys have been showing up in Event Viewer Warnings when I run any update of Word or Excel (from this second O365 Home installation).

    NOW, in regedit, I have given "Full Control" permission to Administrators in each of these 41± keys.  (I run regedit and regscanner64 as TrustedInstaller.  So I don't have to change Ownership to change Permissions.  Goes much faster.)

    Result - in yesterday's normal "Update Now" of Word, which ran some updates, I did NOT get the 41± Warnings.  Progress ??  Risks ??

    I might go back to my earlier lists of "protected" keys (which were more than 41), do the same, and then run a "Repair" of O365.  (Or a total UNinstall and REinstall.)  What do you think?  Will a Repair or UN+REinstall create different keys and so progress will be lost?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.




    • Edited by glnzglnz Tuesday, March 28, 2017 3:08 PM
    Tuesday, March 28, 2017 3:02 PM
  • No luck --

    I thought I'd try a "lesser" repair by right-click-repairing C:\Program Files\Microsoft Office\root\Integration\C2RInt.16.msi , which is an installer (maybe the installer) for the Office 16 Click-to-Run Extensibility Component that is generating the warnings.

    The repair ran very briefly and that created again the same 41 Warnings as an "Update Now" of Word.  

    Back to square one.


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Thursday, March 30, 2017 11:55 AM
  • I'm back from my reply in December.  I actually forgot about this problem and noticed my own reply earlier and was just about to address it as a new problem.  Suffice to say I've had a lot of problems with Windows 10.  Is there any chance you upgraded from Win 8.1 to 10 on this machine?  Did you have Office 2013 before upgrading to 2016?  Those two apply in my situation.

    I'm using Office 365 ProPlus (64-bit)  installed from the enterprise site w/the OneClick and also have the Power BI app installed as well. And while I do get the errors, I  also discovered last week that I'm not able to update (either using the in-application update or Add/Remove Repair.  I think I get Error 30088-something.  Looking that up it claims to be a network issue, but even turning firewall off I'm unable to update and other machines update fine (Windows 8.1 and earlier). 

    The first time I tried using the online repair it actually removed and wouldn't reinstall office at all, rendering it completely useless.  I take daily image backups for I rolled back to early February and couldn't update that either.  I do believe it could be permission-driver because I've noticed some illogical permissions on C:\Windows and other directories with invalid users.  Other than this I haven't had time to look into this further but now must because I'm unable to update.

    There are tools like AccessChk to check and modify permissions but it isn't a simple tool.  I had to use it to fix a CAPI issue related to backups that's been a bug since Windows 7.  I'll let you know what I find but wanted to advise there is definitely someone else having the same issue.

    Monday, April 3, 2017 6:41 AM
  • LAX - thanks for posting.  Getting lonely here.  Unfortunately, I don't think we're having the same issues.

    - My O365 Home 64-bit install is on a Win 7 Pro SP1 64-bit desktop.** Yours is O365 ProPlus on Win 10.
    - I did NOT have ANY Office on my Win 7 before I installed the O365 Home.
    - I have not had any general problems updating. Word and Excel still seem to update and work although I've not done much yet with them on this machine. It's just that updating (or re-installing) creates these 41± Warnings about specific registry keys that are protected and cannot be modified. And those keys seem to be related to the C2R Extensibility Component or "ink" although I can't be 100% sure.
    - I haven't had your more severye unexpected removal problems.

    Other than that, you and I are twins !!

    ** My desktop actually dual-boots Win 7 Pro 64-bit and Win 10 Pro 64-bit. But the O365 is only on the Win 7. And I installed the O365 after I had already had the dual-booting for some time. I don't think Win 10 has anything to do with it. Thanks.


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.


    • Edited by glnzglnz Monday, April 3, 2017 5:05 PM
    Monday, April 3, 2017 5:04 PM
  • Do you have any policies being pushed to your PC or via GPEdit by chance?

    I've seen the ink thing somewhere but can't recall where.  As for removing/reinstalling...after I completely removed using the supposed full removal tool, I was unable to install at all.

    I'll let you know if I have any breakthroughs and please do the same.   Thx

    Tuesday, April 4, 2017 5:40 AM
  • No policies other than CryptoPrevent, which I set to "None" and reboot before updating or re-installing.

    Deal!


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Tuesday, April 4, 2017 10:33 AM

  • New update on April 16, 2017 -

    Nothing has ever worked to stop the "cannot modify the protected key" warnings.  The new Update Now yesterday to this O365 Home generated the same 41 Warnings.

    So, today, after first creating a restore point, I DELETED the 41 keys, then went to Control Panel -- Programs and Features -- right-clicked Microsoft Office 365-en us and did a Repair - Online.

    No help.  In fact, it caused new problems, so I Restored from the restore point and went back to where I was.

    What in tarnation is "protecting" those keys? 

    Ideas?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.




    • Edited by glnzglnz Sunday, April 16, 2017 11:23 PM
    Sunday, April 16, 2017 11:21 PM
  • Bump.

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Saturday, April 22, 2017 8:08 PM
  • Have you considered using subinacl.exe to change ownership and permissions on the registry keys with which you are having the problems?  I've found that once I change registry keys from Trusted Installer to Administrators as owner and give System and Administrators full rights, I do not have to change ownership back to Trusted Installer.  Trusted Installer should already have full rights.  If not, then give full rights.

    to achieve the status listed above, you can do each registry key as a single line in a batch file.  I routinely change many registry keys to Administrators ownership with single subinacl lines without problems.  For example I change the registry key and all subkeys for HKEY_CLASSES_ROOT\CLSID to Administrators as owner and give full control to Administrators and System as well as trusted Installer.  I do this so that I can edit the properties of DCOM entries without having to search for and change the properties of each CLSID that is the subject of a 10010 errors.  If your 41 registry keys are found in one section of the registry, it should make it fairly easy to come up with a batch file to change all the keys with only a few batch file lines.

    If you are concerned about leaving ownership as Administrators, you can always change ownership back to Trusted Installer with a second subinacl command key.  If you are not familiar with Microsoft's subinacl.exe program, you can Google it.  The program has an extensive onscreen detailed help display.  The subinacl.exe program works with all windows versions.

    Friday, May 5, 2017 2:32 PM
  • Richard - many thanks for your suggestion.

    I have previously added Full Control Permissions for Administrator to each of these keys but with no luck.  Please go up a bit in this thread to Tuesday, March 28, 2017 3:02 PM and read that post and a few following.

    (MSFN gave me a tool to run anything as TrustedInstaller.  So I ran regscanner64 and regedit as TrustedInstaller and added Full Control Permissions to Administrator without changing Ownership - so Ownership stays with TrustedInstaller.)

    And you write "Administrators", but do you mean "Administrators" or "Administrator" ?

    But please let me know if you think I'm missing something or doing something wrong!


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Friday, May 5, 2017 3:35 PM
  • Bump.  I continue to get the protected key warnings whenever O365 runs an update.

    Any ideas, anyone?  Thanks.


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Monday, July 3, 2017 1:05 PM
  • Still stuck with this.  Any ideas, anyone?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Monday, July 3, 2017 1:06 PM
  • Hi glnzglnz...I'm back ... Any update on getting this fixed?

    The poster above who mentioned subinacl is the tool I was thinking of when I mistakenly mentioned accesschk.  Subinacl is an excellent method of performing mass maintenance on the registry.  As for your question a couple posts up, Administrators (plural) is what you want to use.

    I'm having the issue now on two PC's, one Win 8.1 and the other Win10.  I'm thinking about what might be the common denominator in our issues...You're using Dell and I'm using Lenovo Thinkpad.  Do you have a touch screen?  Do you run Evernote?  I had the ink error with Evernote & Outlook crashing at one time but IIRC that was related to EN and fixed by them.  

    I'd like to solve the Office 16 problem on my machine as well and if I have some time I may see what I can conjure up with subinacl.  I'll def follow back up if I have any success.

    Friday, October 20, 2017 8:43 PM
  • LAX-777 -- nothing new here - every update of anything in Office re-triggers those 41± Warnings.

    Please do try subinacl and let us know whether it helps!

    Question - subinacl seems to have been designed for older OSes.  Will it work in the registry for Win 7 Pro 64-bit?


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 8GB RAM, Win 7 Pro 64-bit and now Office 2016.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    • Edited by glnzglnz Friday, October 20, 2017 11:47 PM
    Friday, October 20, 2017 11:46 PM
  • Sorry - still not fixed - bump.  Anyone have any good suggestions?

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 8GB RAM, Win 7 Pro 64-bit and now Office 2016.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    • Edited by glnzglnz Sunday, November 19, 2017 4:06 PM
    Sunday, November 19, 2017 3:58 PM
  • Sorry, I never got any notifications on posts to this thread.  Subinacl.exe works with all windows versions through windows 10.  It gives a display for how many keys are actually changed and how many are not changed due to be write protected such as Anti-virus files, etc.

    I assume this may be posted too late to be useful information.

    Tuesday, January 16, 2018 8:32 PM
  • I had to change my ID from RichardSchaefer_895 to RichardtheGeek.
    Tuesday, January 16, 2018 8:33 PM
  •  

    Richard - could you post here a few links explaining subinacl.exe (or where to go to get it and run it)?

    Especially how it might help me UNprotect those keys so they CAN be modified in the next O365 update.

    Thanks!

     


    glnzglnz ► In the office, Dell Optiplex 7010 with 8GB RAM, Win 7 Pro 64-bit and now Office 2016. ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit. ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Tuesday, January 16, 2018 10:36 PM
  • The MS download site is: https://www.microsoft.com/en-us/download/details.aspx?id=23510

    The documentation on that page only discusses older versions of Windows, but I have consistently used it on my computers (5) and my clients computers with windows 7, 8.1, and 10.  There are no problems with its use on newer Windows versions.  You can google the program to get reviews on using it.  Here is an article on Subinacl usage:

    https://www.petri.com/subinacl-download-deployment

    Let me know if I can help more.

    Tuesday, January 16, 2018 11:05 PM
  •  

    Still the same here - every update of anything in Office re-triggers those 41± Warnings.

    I don't recall using subinacl, but I did use something similar in attempts to get those keys to be modifiable, but no luck.


    glnzglnz ► In the office, Dell Optiplex 7010 with 8GB RAM, Win 7 Pro 64-bit and now Office 2016. ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit. ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Friday, May 18, 2018 12:51 PM
  • I don't know what to say if Subinacl.exe can't resolve the issue.  You may need to look into what is causing the warnings rather than trying to resolve the issue with something like Subinacl to change permissions.
    Friday, May 18, 2018 3:20 PM
  •  Still an issue with every update of O365
    • Edited by glnzglnz Wednesday, July 4, 2018 12:00 PM
    Wednesday, July 4, 2018 11:36 AM
  • Bump

    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Wednesday, July 4, 2018 12:00 PM
  • I can provide you with a batch file that will change ownership of the keys in question to Administrators and give full rights to System and Administrators.  I can add lines to change the keys ownership back to trusted installer, but that will take some time to test before providing it.  It is a brute force batch file.  It changes all CLSID and AppID entries under the HKCR and HKLM keys.  Whenever I've used it, I've left the owner as Administrators since Administrators, System, and Trusted Installer all have full rights to the keys when the batch file completes.  However, I can add lines to the batch file to return ownership to Trusted Installer if you want.  I have never run into problems by leaving Administrators as owner of these keys.  I developed the batch file to change ownerships to resolve Event ID 10010 and 10016 DCOM errors, but it should also serve your purposes as long as your issue is in the CLSID and/or AppID subkeys.  Let me know if you think it may help. 

    The batch file also does a reload (lodctr /R) and resyncperf (winmgmt.exe /RESYNCPERF) of the WMI entities before starting with the ownership changes.
    Wednesday, July 4, 2018 1:47 PM
  •  

    Richard - Thanks.

    Please send your dangerous batch file.

    However, if you have nothing else to do this Holiday and feel like reading all of this thread, abut a year ago I did change ownership and permissions on the affected keys but still got the errors when I next ran an update to Office.

    Meantime, also today, over in the MS Answers Community, another good citizen suggested "MS Utility against Office https://diagnostics.outlook.com/#/"

    Well, I have now run it twice, and the second time (after turning off FoolishIT's CryptoPrevent and rebooting) was a smooth run.  I won't know if it "worked" until there is another Update for Office, so we'll see.

     


    glnzglnz
    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.


    • Edited by glnzglnz Wednesday, July 4, 2018 3:15 PM
    Wednesday, July 4, 2018 3:14 PM
  • I got a kick out of the way you stated "dangerous batch file".. The link below will take you to the batch file and subinacl.exe.  The batch file and subinacl must be on the C: or D: drive in a folder named "test" in order to function properly.  Also, it will write a log file to the test folder.

    I've used this batch file on every system I've owned and many of my clients units and never had a problem.  I never seriously thought about returning ownership to Trusted Installer so the batch file does not do that.  Any regkeys that are not in CLSID or AppID folders or subfolders will not be changed.

    You can copy the files from: https://1drv.ms/f/s!AibPeeUZ7fkewQeaYLSXjpFAhK03

    The link is good only for 3 days starting today.  Good luck with resolving the issues.
    • Edited by RichardtheGeek Wednesday, July 4, 2018 4:40 PM explanation
    Wednesday, July 4, 2018 4:38 PM
  •  

     Richard - Thanks.

    I shall first wait to see if the next update is miraculously OK now that I ran the "diagnostics" I mentioned above, but shall return to this if it's another fail.

     


    <p>glnzglnz <br/> <font color="#A52A2A">► In the office, Dell Optiplex 7040 with 8GB RAM, Win 7 Pro 64-bit and Office 2010.<br/> <font color="#0000FF">► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.<br/> <font color="#006400">► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.</font></font></font></p>

    Wednesday, July 4, 2018 4:58 PM
  • I'd just like to share I'm having the same problem on a server 2012 r2 box running terminal services and a volume copy of office 2016.

    That being said server 2012 is basically windows 8, and office 2016 is basically office 365, at least for now.

    Keep me updated. Just following.

    Thanks

    Thursday, July 5, 2018 9:52 PM
  •  

    Daadian - how many errors or warnings each time?

     


    glnzglnz

    ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010.
    ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit.
    ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.



    • Edited by glnzglnz Friday, July 6, 2018 1:36 AM
    Friday, July 6, 2018 1:31 AM
  •  
    On July 4, 2018, a few posts above, I noted that 'over in the MS Answers Community, another good citizen suggested "MS Utility against Office https://diagnostics.outlook.com/#/" '.

    Well, I have now run that utility a number of times, and on the latest Update of my O365 (after running the utility), I have only 21 Warnings, and those are three Warnings for each of seven registry keys.  So the situation is improved.

    I have now gone into the Permissions of each of those seven registry keys and added Everyone - Full Control.

    So let's see what happens the next time there's an Update to O365.  Stay tuned.

    (And that suggested utility is clearly good for a LOT of situations.)

    By the way, those seven registry keys are:

    Software\Classes\CLSID\{3050F667-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32
    Software\Classes\CLSID\{3050F819-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32
    Software\Classes\CLSID\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\InprocServer32
    Software\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32
    Software\Classes\CLSID\{3050F391-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32
    Software\Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32
    Software\Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32
     



    <p>glnzglnz<br>
    <font color=#A52A2A>? In the office, Dell Optiplex 7040 with 8GB RAM, Win 7 Pro 64-bit and Office 2010<br>
    <font color=#0000FF>? At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit<br>
    <font color=#006400>? Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003</font></font></font></p>
    • Edited by glnzglnz Sunday, July 22, 2018 8:25 PM
    Sunday, July 22, 2018 8:23 PM
  • UPDATE - NO LUCK - The same seven keys would not accept three modifications each.

    Any ideas?

     

    glnzglnz &lt;br/&gt; ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010. &lt;br/&gt; ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit. &lt;br/&gt; ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.<br/> glnzglnz<br/> <font color="#A52A2A">► In the office, Dell Optiplex 7040 with 8GB RAM, Win 7 Pro 64-bit and Office 2010<br/> <font color="#0000FF">► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit<br/> <font color="#006400">► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003<br/> </font></font></font>

    Friday, July 27, 2018 2:44 PM
  • glnzglnz,

    Sorry to hear you are still having some registry key failures.  If you have executed my Set_DCOM_ACLs batch file, then I really don't have any other suggestions.  At lease you have dramatically reduced the number of errors to 7 keys.  As a test I went to the HKCR\CLSID\{3050f667-98b5-11cf-bb82-00aa00bdce0b} and set the desired permissions for this key and subkeys to Administrators as owner with Administrators, System, and Trusted Installer as full.  This automatically changed the HKLM (Software\Classes\CLSID\{3050F667-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32) entry also.  I experienced no errors or access denied and permissions were set properly.  I really don't understand what can be going on with your system.  Good luck.

    Friday, July 27, 2018 4:35 PM
  • Richard - thanks for attention here.

    Although I had added "EVERYONE" with Full Control to Permissions for the seven keys, maybe I have to re-check that Administrators, System and Trusted Installer also have Full Control.  (Maybe EVERYONE isn't enough.)

    I haven't run your batch file because I HAVE successfully changed the Permissions of these keys (to add "EVERYONE" with Full Control) although I left the Owner as whatever it was before (Trusted Installer probably).  (I used a special batch file which makes me Trusted Installer before I change Permissions so I don't have to change the Owner back and forth each time.  See < THIS THREAD >.

    I am NOT a tech but I understand that what counts here are Permissions and not Ownership.  That is, if EVERYONE has "Full Control", why do we care who is the Owner?

    But correct me if I'm wrong about that.  And if I'm wrong, then who should be the Owner?


    glnzglnz &lt;br/&gt; ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010. &lt;br/&gt; ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit. &lt;br/&gt; ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.<br/> glnzglnz<br/> <font color="#A52A2A">► In the office, Dell Optiplex 7040 with 8GB RAM, Win 7 Pro 64-bit and Office 2010<br/> <font color="#0000FF">► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit<br/> <font color="#006400">► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003<br/> </font></font></font>


    • Edited by glnzglnz Friday, July 27, 2018 4:50 PM
    Friday, July 27, 2018 4:48 PM
  • The reason we usually need to change the owner is because you need to be the owner in order to change any permissions.  The program you are using does the reserve.  It makes you Trusted Installer and you can make changes in permissions because, through impersonation, you are the owner as Trusted Installer.  Changing the permissions in that manner should be acceptable to accomplish what you need to do with the permissions.  You can have full access on some keys, but if you are not the owner, you cannot change permissions on those keys for yourself or anyone else.  You would have full access to the program the key points to, but not to the permissions of the registry key(s) or DCOM Security keys themselves.  I think I explained this correctly.
    Friday, July 27, 2018 6:01 PM
  •  

    Richard - You mention "the registry key(s) or DCOM Security keys".

    I hadn't known about "DCOM Security keys".  What are they, and do you think they might be a source of the problem?


    glnzglnz <br/> ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010. <br/> ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit. <br/> ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.


    • Edited by glnzglnz Friday, July 27, 2018 8:46 PM
    Friday, July 27, 2018 8:46 PM
  •  

    Added note on odd aspects of seven registry keys that are “protected” and throw Warnings when I update Office 365 Home

    One of the seven is:

    Software\Classes\CLSID\{3050F667-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32

    Its “Advanced Security Settings” show the following (and this is after I gave Full Control to Everyone, Account Unknown and Users and made sure others had Full Control) – two screenshots:


    and

     

    NOTE HOW there are four DUPLICATE listings for SYSTEM, Administrators, Users and Account Unknown that say “Read”.  Two things:

    1. I cannot Edit those “Reads”.  Any attempt to double-click on any of those last four does not work – I just bounce back into the upper list that already says “Full Control”. (All other attempts to check the Permissions of the upper part of the list indicate Full Control.)
    2. I cannot check “Replace all child object permissions with inheritable permissions from this object”.  If I do and hit Apply, it unchecks itself.

    I see these symptoms on at least four of the seven "protected" keys and a few of these symptoms on the other three.

    So, might this be connected to the reason I get warnings that these keys are protected and cannot be modified each time I update O365?


    glnzglnz <br/> ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010. <br/> ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit. <br/> ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.




    • Edited by glnzglnz Saturday, July 28, 2018 4:45 PM
    Saturday, July 28, 2018 4:40 PM
  • No, when you have permissions that are inherited from a higher level key, the permissions can not be edited.  You can add additional permissions and the object of the permissions will display 2 sets of permissions - 1 inherited and one belonging to the current key.  I'll write more on DCOM later or tomorrow.
    Saturday, July 28, 2018 8:06 PM
  •  

    Richard - apologies for a noob question:

    So, should I UNcheck the "Include inheritable permissions from this object's parent"?

    Would that make the four "Read" entries go away (maybe after I confirmed I want "Full Control")?

    Thanks.
     


    glnzglnz <br/> ► In the office, Dell Optiplex 7010 with 4GB RAM, Win 7 Pro 32-bit and Office 2010. <br/> ► At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit. <br/> ► Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003.

    Saturday, July 28, 2018 10:46 PM
  • No, don't uncheck it.  You want to propagate as many of these permissions as possible.  However, when permissions are inherited, you will have little control over them unless you go to the key that the permissions are inherited from.  If the Read permissions are inherited from the System key, then you would need to check the permissions on the system key to change them.  If the current key has Full permissions and has inherited Read permissions from a higher level key, don't worry about it.  The various permissions are additive.  The current key will still have full permissions.  Always look at the highest level of permissions for what is active for a specific key.
    • Edited by RichardtheGeek Sunday, July 29, 2018 3:18 PM correct spelling
    Sunday, July 29, 2018 3:17 PM
  •  
    Richard - thanks again, and what you write confirms something I saw this morning as I continued to google this aspect.

    So - having now given Full Control to every name in the explicit (not inherited) Permissions lists for these seven registry keys (including my addition of EVERYBODY a few weeks ago), I shall wait again until the next update from O365.  But from experience it will still be the same result.

    Then what?
     


    glnzglnz

    ☺ In the office, Dell Optiplex 7040 with 8GB RAM, Win 7 Pro 64-bit and Office 2010

    ☻ At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit

    ♥ Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003



    • Edited by glnzglnz Sunday, July 29, 2018 10:30 PM
    Sunday, July 29, 2018 4:52 PM
  •  

    Also, is it relevant that all seven stubborn registry keys end with "InprocServer32"?

    When I started this philosophical-life struggle two years ago, an MS telephone tech person wrongly had me install the 32-bit version of O365 when I had always wanted the 64-bit version.  We UNinstalled the 32-bit and re-installed the 64-bit.

    So, is "InprocServer32" a holdover from the initial installation that should no longer be there?  (And keep in mind I have tried to do some VERY thorough UNinstalls and re-installs since then.)
     


    glnzglnz

    ☺ In the office, Dell Optiplex 7040 with 8GB RAM, Win 7 Pro 64-bit and Office 2010

    ☻ At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit

    ♥ Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003

    • Edited by glnzglnz Sunday, July 29, 2018 10:31 PM
    Sunday, July 29, 2018 5:27 PM
  •  

    This is still a problem.  On every update of Office 365 Home 64-bit, I get the 21 Warnings that seven keys are protected.  On my Win 7 Pro 64-bit PC.

    In each key's Permissions, all accounts and "Everyone" have Full Control.

    I even did the same thing in each key's parent key!!

    No luck.

    WHAT IS PROTECTING THOSE KEYS????

    Recap - the seven stubborn keys are the following:

    Software\Classes\CLSID\{3050F667-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32
    Software\Classes\CLSID\{3050F819-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32
    Software\Classes\CLSID\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\InprocServer32
    Software\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32
    Software\Classes\CLSID\{3050F391-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32
    Software\Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32
    Software\Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32

     


    glnzglnz
    ☺ In the office, Dell Optiplex 7040 with 8GB RAM, Win 7 Pro 64-bit and Office 2010
    ☻ At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit
    ♥ Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003




    • Edited by glnzglnz Sunday, January 6, 2019 3:09 PM
    Sunday, January 6, 2019 3:02 PM
  • You or some software must have changed the permissions at one time or another.  The keys should originally be owned and controlled by Trusted Installer with all other listed entities having read permissions:

    You must take ownership of each key and give yourself full control.  I usually give ownership to Administrators and give Administrators and SYSTEM Full Control.  One of the only things that may change that back is an upgrade from one version to another such as Windows 10 Version 1803 to 1809, but you said you are on Windows 7.  I'll check a couple of those keys on my Windows 7 box.  If some software on your system is changing the ownership and control to Everyone, then you need to research how and why that is happening.  However, Ownership and Full Control by Everyone should still allow you to install software without access denied errors.

    If in you last message, if I misunderstood your meaning and you are stating that you changed the keys to Ownership and Full control to Everyone and you are still getting the errors, then I don't know what to say.  The Windows 7 update may have changed them back.  You can always put those changes into a .reg file to make it easier to apply them in the future.  Good luck.

    Sunday, January 6, 2019 5:49 PM
  • Richard - I changed all the Permissions to Full Control, and I also added EVERYONE with Full Control Permission - on all seven keys.

    The Owner is still Trusted Installer.

    This remains so even after updates - I checked.

    I am still getting the 21 Warnings.


    glnzglnz
    ☺ In the office, Dell Optiplex 7040 with 8GB RAM, Win 7 Pro 64-bit and Office 2010
    ☻ At home, Dell Optiplex 7010 with 16GB RAM dual-booting Win 7 Pro 64-bit (now with Office 365 Home) and Win 10 Pro 64-bit
    ♥ Also still have Dell Optiplex 755 with 4GB RAM with Win XP Pro SP3 (which still gets updates with the POS hack) and Office 2003

    Sunday, January 6, 2019 8:27 PM
  • I don't know if it will make a difference, but make your changes under the HKEY_CLASSES_ROOT key rather than the HKEY_LOCAL_MACHINE key.  I've checked my changes in more detail.  Though I've changed the {3050F819-98B5-11CF-BB82-00AA00BDCE0B} key the changes did not go down to the InprocServer32 key or its subkey.  Even after enabling inheritance at the {3050F819-98B5-11CF-BB82-00AA00BDCE0B}, the permissions did not propogate down to the InprocServer32 key.  When I changed the owner from SYSTEM to Administrators, I could not edit the current Administrators and SYSTEM permissions.  I had to add new entries for them:

    I can't duplicate your problem, but why don't you try edit the HKCR keys and make the changes I mentioned for the parent keys and subkeys for InprocServer32.  Make the owner Administrators assuming you are an administrators and keep it that way.  Whoever is the owner can change the permissions and you want to avoid changes that you don't make.  If I could duplicate the problem I would but this is as far as I can go with this issue at this time.  I just rechecked and once I changed Ownership to Administrators the permissions propogated dow to the InprocServer32 key and it's subkey.  I think I had to close and re-open the key:

    This has been going on with you for a long time.  I wish you success.


    Sunday, January 6, 2019 10:28 PM