A Painful Lesson

Well, I had an interesting last couple of days with Vista. I learned about how screwed up Vista can get with borked ACL's. It all started Friday morning, when a Windows update alerted me that there was an update for Windows Defender. These are usually lightweight updates that never seem to have any adverse effects. But... I also have an old flaky cable modem, a Linksys BEFCMU10, which is no longer on our ISP's list of supported modems. I have been researching getting this replaced, but haven't made a decision about which modem to go with yet. Anyhoo, I was working at the computer on Fri. morning, when WU asked to install the Defender update, and I told it to go ahead. After it installed, I noticed that my internet quit working and my Norton Ghost icon changed, indicating that it could no longer communicate with the Ghost service. I fiddled with it awhile and concluded that the WU had damaged something that used to work, though I didn't know what. So I decided to just undo the WU by using Windows' ability to Restore from a Restore Point, which the WU created as it was installing. Reboot, and no problem, right? Wrong. After the computer rebooted, the internet still didn't work, Ghost was still unhappy, and not only that, I found that my VPN network icon no longer worked, giving Access Denied when I clicked on it. I had just been using the VPN prior to the WU. Not good. Digging deeper, I learned that the Event Log service was not running, and would fail immediately when I would try to start it. That is very bad, as the Event Log is where error information is supposed to go. What to do? I googled the error message I was getting from trying to start the Event Log service, which was

Error 4201: The instance name passed was not recognized as valid by a WMI data provider

Forum threads such as this Microsoft Technet one indicated that it was a permissions problem on certain folders or files, or else it was an ACL problem. I tried a few things with permissions, but nothing was helping. The suggested ACL fixes are complicated and may not have worked anyway. So, I decided to just restore that whole computer from a backup. I just happened to have a 2-day old Ghost backup image of the drive, so that was good to restore from. Trouble is, it is on my Buffalo Terastation NAS drive, and I only have a 100 mbit NIC in this computer. When I booted up from the Ghost CD, it started to do a verify of the image before the restore. It estimated 15 hours... yowzer. Well, we were leaving for the 4th of July weekend anyway, so I just turned off the monitor and left for vacation. There is a checkbox in Ghost to tell it to reboot when it is done restoring, and I told it to go ahead, expecting that when I returned, I would see the usual login screen and everything would be fixed. But guess what? When I got back late last not, the problem was STILL THERE. WHAT?!!! This problem was NOT there when I made the backup on Wednesday. What's going on? Oh... did I mention that I also have a RAMDisk, and I have all of our temp directories pointed there, along with all of the browser cache files going there? When I upgraded to Vista 64, Superspeed required that I get a new license for Vista. It is not a license that you can get immediately. You have to send them an email, then they respond back with the key. In the meantime, you can run the software in trial mode for 30 days, at which time it expires and quits working. Here is the genesis of my trouble: I neglected to update the license key for the RAMDisk and it quit working right at the end of June. Therefore, the temp file locations were no longer valid because the drive was no longer there. Now here is the 1st lesson that I learned about Vista: If you boot up your computer with the temp file location unavailable, the Event Log service will not start up, and all sorts of other nasty inexplicable problems crop up. I noticed that this was a problem, but unfortunately, the Ghost image was not created with the RAMDisk license info installed. What I decided to try, and really hoped would work, was to predate the computer to mid-June, before restoring the backup. That way, when the computer booted up, it will think it was June and the RAMDisk would be active, thus having a valid temp file location. I also disconnected the computer from the internet, in case Vista would try to fix the time using a time server. To speed things up, I copied the network Ghost image to the D: drive on the computer, and restored from there. Then crossed my fingers. I was happy to find that this worked perfectly, and I now have a fully functioning Vista again. Oh... and the original internet problem... It was not WU at all, it was the stupid cable modem, and only needed to reset it to make it work again. The 2nd thing I learned was: Don't procrastinate on entering license keys. The 3rd thing: Norton Ghost is worth its price in times like this.