APPLE: Fix for iTunes error – The registry settings used by the iTunes drivers for importing and burning CDs and DVDs are missing
Sep 27th
***Update 11/7/2009 – Am additional step that may help a few of you who were unable to resolve the issue after following the steps in the original post. Follow the original steps in the post and then do the step in RED at the bottom of the post
***********************************************************************
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/itunes_logo NULL.jpg) Today’s post covers an iTunes error that seems to be a fairly common issue with iTunes, however, if you look on the Apple site there doesn’t seem to be an answer other than download the latest version and reinstall.
“ERROR: The registry settings used by the iTunes drivers for importing and burning cds and DVDs are missing… Please re-install iTunes”
The problem with the update/reinstall solution is that (as many have reported) it doesn’t fix the problem.
I received a call from a family member asking for assistance with fixing this today. Here is what I did and was able to get it corrected without having to reinstall iTunes.
- Make sure that iTunes is closed and if you have an iPod that it isn’t connected to the pc during this fix.
- Go to the GEAR Software website http://www.gearsoftware.com/support/drivers.cfm (http://www NULL.gearsoftware NULL.com/support/drivers NULL.cfm) and download the latest GEAR drivers (iTunes uses GEAR software drivers for importing and burning CD’s & DVD’s)
 (http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/gearsoftware NULL.jpg) |
From the GEAR website - http://www.gearsoftware.com/support/drivers.cfm (http://www NULL.gearsoftware NULL.com/support/drivers NULL.cfm) The file you need to download and install is showing (on Left) next to the arrow. |
3. Install the GEAR software that you downloaded. You can use all default settings
4. Once you install the GEAR software, the next step will require you to adjust a setting in your registry**
**THE REGISTRY CONTROLS HOW YOUR PC FUNCTIONS, MAKING CHANGES TO YOUR REGISTRY WITHOUT KNOWING WHAT YOUR DOING CAN CAUSE CHANGES THAT WILL DAMAGE YOUR WINDOWS INSTALL AND COULD KEEP YOUR PC FROM BOOTING. FOLLOW MY STEPS EXACTLY AND DO NOT MAKE ANY OTHER CHANGES UNLESS YOUR ARE ABSOLUTLY SURE YOU KNOW WHAT YOUR DOING. THIS IS YOUR WARNING.
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/runboxxp NULL.jpg)Go to Start –> Run
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/regeditbox NULL.jpg)
In the run box type Regedit and click ok
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/regeditfind1 NULL.jpg)
In the regedit box click on edit and the click on Find
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/regeditfind2key NULL.jpg)In the find window type 4D36E965-E325-11CE-BFC1-08002BE10318 the click ok
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/regeditfind3result NULL.jpg)
In the window on the left you will see the key highlighted. Look on the right window for a listing for UpperFliters. If you don’t see it right click in the middle of the right box and select Multi String Value and call it UpperFilters.
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/regeditfind3key NULL.jpg)
If its already there (or once you have added it) right click on UpperFilter and left click on Modify
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/regeditfind4change NULL.jpg)
In the window that opens you will see InCD or something similar. Remove what’s listed and add GEARAspiWDM in the Value data window and hit enter. The click ok and then click on the X on top right to close registry.
****************************New Step:****************************************
- This step requires that your pc be set up to show extensions for known file types. Which means if you look at any file in your c:\ drive it will show up as afs.sys not just afs. If you don’t see the .sys or .exe or .doc, etc when looking at your files please see TGM post “Showing hidden files, folders and extensions” ( http://techgeekandmore.com/2009/10/24/software-showing-hidden-files-folders-and-extensions-in-windows-vista-and-windows-7/ (http://techgeekandmore NULL.com/2009/10/24/software-showing-hidden-files-folders-and-extensions-in-windows-vista-and-windows-7/)) and follow those steps 1st.
– Once you know you can see the file extensions, open My computer –> C:\ –> Windows –> System32 –> Drivers. In the drivers folder look for a file called afs.sys (There is also one called afd.sys, do not touch that one). If you don’t see afs.sys, then close the Window and restart iTunes.
– If you do see afs.sys, right click it and select rename, and then rename the file to afs.txt. This file (from a company called Oak Technologies) will be there if you have iTunes or Norton Ghost, or Norton 360 (even if you have uninstalled the program). Once you rename that file (notice how I’m saying rename NOT delete). Restart your computer
******************************************************************************
Once pc has restarted – restart iTunes and issue should be resolved.
Tech: Solution to the Symantec PCAnywhere AW_Host.SYS error
Sep 23rd
(http://www NULL.symantec NULL.com/) A problem I regularly find with clients who use PCAnywhere is that during pc startup or when PCAnywhere itself is started you get the error message “"pcAnywhere has had a compatibility problem with your system. AW_HOST.SYS has been disabled. To re-enable, choose Options from the Tools menu. On the Host Operation property page, change the video mode to ‘Accelerator Enabled’" or a message that says "unknown error loading device drivers." . The following solution will take care of the problem quickly and easily.
- Open PCAnywhere and run Live update (Located under the help section in all versions of PCAnywhere that I can recall).
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/liveupdate NULL.jpg) 2. Modify the Windows AW_HOST registry key by clicking on Start > Run.
3. In the Run dialog box, type the following text: regedit then click OK.
4. In the Registry Editor dialog box, go to the key:
HKEY_LOCAL_MACHINE>System>CurrentControlSet>Services>AW_HOST
5. In the right pane, click Start.
6. On the Edit menu, click Modify.
7. In the Edit DWORD Value window, change "Value Data" to 1. Then Click OK.
8. Close the Registry Editor.
Information is based on Symantec Document ID:2003082808432312 (http://service1.symantec.com/SUPPORT/pca.nsf/ppfdocs/2003082808432312?Open&dtype=corp&src=&seg=&om=1&om_out=prod) (http://service1 NULL.symantec NULL.com/SUPPORT/pca NULL.nsf/ppfdocs/2003082808432312?Open&dtype=corp&src=&seg=&om=1&om_out=prod)
Tech: PBS Website compromised for a time and used to infect pc’s
Sep 22nd
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/computer_cartoon1 NULL.jpg) Over the past few weeks I’ve seen a rise in calls from clients that got malware infections on their pc’s. They all ask the same thing, “how did I get infected, when I know better and don’t open attachments, and follow all those things everyone says your supposed to do to be safe”. I’ve had to explain that the latest way that the bad guys are using to get to your machine involves them using exploits to infect websites that people visit every day and use the legitimate website to infect your pc.
If what is occurring still doesn’t make sense to you, think of it this way –
No matter where you live, everyone has seen a news story about someone who shows up to a home dressed like the water company or cable company employee telling you that they need to access you house to check something or access your back yard to fix something and then once you let them in they do something like rob you (and hopefully that’s all they do). Well what is occurring in the computer world is the same thing.
The Pure wire blog (http://blog.purewire.com/bid/20389/PBS-Website-Compromised-Used-to-Serve-Exploits (http://blog NULL.purewire NULL.com/bid/20389/PBS-Website-Compromised-Used-to-Serve-Exploits)) has a story about PBS that occurred last week (and PBS has since fixed this) but this just shows how you could still get infected even with taking all the “best practices” precaution.
From the story:
On Monday of this week, Purewire’s Malicious Javascript Detection (MJD) engine identified malicious activity originating from a page that belongs to the popular website pbs.org. Specifically, attempts to access certain PBS website pages yielded javascript that serves exploits from a malicious domain via an iframe.
A forensic analysis of this attack revealed that the user requested the following:
hxxp://www.pbs.org/parents/curiousgeorge
which in turn requested:
hxxp://dipsy.pbs.org/parents/ptframe/images/bground-leaderboard.jpg
instead of:
hxxp://www.pbs.org/parents/ptframe/images/bground-leaderboard.jpg
Accessing the image off of dipsy.pbs.org requires login credentials, as shown in the following screenshot.
PBS Login PromptIf correct credentials are not provided, dipsy.bps.org serves an error page that looks normal:
… until you look under the hood. The end of the error page’s source:
contains obfuscated javascript placed there by a malicious third party. Deobfuscated, this code writes an iframe that loads malicious javascript from the following malicious URL:
hxxp://qxfcuc.info/f.cgi?jzo
The above URL serves exploits that target a variety of software vulnerabilities, including those in Acrobat Reader (CVE-2008-2992 (http://cve NULL.mitre NULL.org/cgi-bin/cvename NULL.cgi?name=2008-2992), CVE-2009-0927 (http://cve NULL.mitre NULL.org/cgi-bin/cvename NULL.cgi?name=CVE-2009-0927), and CVE-2007-5659 (http://cve NULL.mitre NULL.org/cgi-bin/cvename NULL.cgi?name=CVE-2007-5659)), AOL Radio AmpX (CVE-2007-6250 (http://cve NULL.mitre NULL.org/cgi-bin/cvename NULL.cgi?name=CVE-2007-6250)), AOL SuperBuddy (CVE-2006-5820 (http://cve NULL.mitre NULL.org/cgi-bin/cvename NULL.cgi?name=CVE-2006-5820)) and Apple QuickTime (CVE-2007-0015 (http://cve NULL.mitre NULL.org/cgi-bin/cvename NULL.cgi?name=CVE-2007-0015)).
The domain qxfcuc.info is part of a malware campaign that includes tens of similar websites hosted off of a handful of common IP addresses. Similar exploit code was served from most of these domains, although a handful (e.g., yyoqny.info) display a message that suggests the criminal behind this campaign is compromising systems to build a botnet he will likely later lease. Translated from Russian, that message tells prospective leasers to "Send a message to ICQ #559156803; stats available under ststst02."
How To: Surviving using Windows without a mouse (Keyboard shortcuts)
Sep 21st
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/microsoft NULL.jpg) I have run across an issue with a couple of clients recently where due to either virus infection or mouse/pc connection failure we could not get a working mouse on the pc. I have been around for a while, and I still remember many of the keyboard shortcuts since back in the “old school” days a mouse was not really considered as indispensable as it is today (Anyone remember the Microsoft serial mouse?)
(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/09/microsoftserialmouse NULL.jpg)
While attending to these clients, the same question kept coming up “You can do that with a keyboard?”, and since I was asked that enough times I figured that I should post the list of Keyboard shortcuts.
This list is from Microsoft Article ID: 126449 (http://support.microsoft.com/kb/126449 (http://support NULL.microsoft NULL.com/kb/126449)). I find many of these short cuts faster than reaching over and clicking on my mouse.
Windows system key combinations
- F1: Help
- CTRL+ESC: Open Start menu
- ALT+TAB: Switch between open programs
- ALT+F4: Quit program
- SHIFT+DELETE: Delete item permanently
- Windows Logo+L: Lock the computer (without using CTRL+ALT+DELETE)
Windows program key combinations
- CTRL+C: Copy
- CTRL+X: Cut
- CTRL+V: Paste
- CTRL+Z: Undo
- CTRL+B: Bold
- CTRL+U: Underline
- CTRL+I: Italic
Mouse click/keyboard modifier combinations for shell objects
- SHIFT+right click: Displays a shortcut menu containing alternative commands
- SHIFT+double click: Runs the alternate default command (the second item on the menu)
- ALT+double click: Displays properties
- SHIFT+DELETE: Deletes an item immediately without placing it in the Recycle Bin
General keyboard-only commands
- F1: Starts Windows Help
- F10: Activates menu bar options
- SHIFT+F10 Opens a shortcut menu for the selected item (this is the same as right-clicking an object
- CTRL+ESC: Opens the Start menu (use the ARROW keys to select an item)
- CTRL+ESC or ESC: Selects the Start button (press TAB to select the taskbar, or press SHIFT+F10 for a context menu)
- CTRL+SHIFT+ESC: Opens Windows Task Manager
- ALT+DOWN ARROW: Opens a drop-down list box
- ALT+TAB: Switch to another running program (hold down the ALT key and then press the TAB key to view the task-switching window)
- SHIFT: Press and hold down the SHIFT key while you insert a CD-ROM to bypass the automatic-run feature
- ALT+SPACE: Displays the main window’s System menu (from the System menu, you can restore, move, resize, minimize, maximize, or close the window)
- ALT+- (ALT+hyphen): Displays the Multiple Document Interface (MDI) child window’s System menu (from the MDI child window’s System menu, you can restore, move, resize, minimize, maximize, or close the child window)
- CTRL+TAB: Switch to the next child window of a Multiple Document Interface (MDI) program
- ALT+underlined letter in menu: Opens the menu
- ALT+F4: Closes the current window
- CTRL+F4: Closes the current Multiple Document Interface (MDI) window
- ALT+F6: Switch between multiple windows in the same program (for example, when the Notepad Find dialog box is displayed, ALT+F6 switches between the Find dialog box and the main Notepad window)
Shell objects and general folder/Windows Explorer shortcuts
For a selected object:
- F2: Rename object
- F3: Find all files
- CTRL+X: Cut
- CTRL+C: Copy
- CTRL+V: Paste
- SHIFT+DELETE: Delete selection immediately, without moving the item to the Recycle Bin
- ALT+ENTER: Open the properties for the selected object
To copy a file
Press and hold down the CTRL key while you drag the file to another folder.
To create a shortcut
Press and hold down CTRL+SHIFT while you drag a file to the desktop or a folder.
General folder/shortcut control
- F4: Selects the Go To A Different Folder box and moves down the entries in the box (if the toolbar is active in Windows Explorer)
- F5: Refreshes the current window.
- F6: Moves among panes in Windows Explorer
- CTRL+G: Opens the Go To Folder tool (in Windows 95 Windows Explorer only)
- CTRL+Z: Undo the last command
- CTRL+A: Select all the items in the current window
- BACKSPACE: Switch to the parent folder
- SHIFT+click+Close button: For folders, close the current folder plus all parent folders
Windows Explorer tree control
- Numeric Keypad *: Expands everything under the current selection
- Numeric Keypad +: Expands the current selection
- Numeric Keypad -: Collapses the current selection.
- RIGHT ARROW: Expands the current selection if it is not expanded, otherwise goes to the first child
- LEFT ARROW: Collapses the current selection if it is expanded, otherwise goes to the parent
Properties control
- CTRL+TAB/CTRL+SHIFT+TAB: Move through the property tabs
Accessibility shortcuts
- Press SHIFT five times: Toggles StickyKeys on and off
- Press down and hold the right SHIFT key for eight seconds: Toggles FilterKeys on and off
- Press down and hold the NUM LOCK key for five seconds: Toggles ToggleKeys on and off
- Left ALT+left SHIFT+NUM LOCK: Toggles MouseKeys on and off
- Left ALT+left SHIFT+PRINT SCREEN: Toggles high contrast on and off
Microsoft Natural Keyboard keys
- Windows Logo: Start menu
- Windows Logo+R: Run dialog box
- Windows Logo+M: Minimize all
- SHIFT+Windows Logo+M: Undo minimize all
- Windows Logo+F1: Help
- Windows Logo+E: Windows Explorer
- Windows Logo+F: Find files or folders
- Windows Logo+D: Minimizes all open windows and displays the desktop
- CTRL+Windows Logo+F: Find computer
- CTRL+Windows Logo+TAB: Moves focus from Start, to the Quick Launch toolbar, to the system tray (use RIGHT ARROW or LEFT ARROW to move focus to items on the Quick Launch toolbar and the system tray)
- Windows Logo+TAB: Cycle through taskbar buttons
- Windows Logo+Break: System Properties dialog box
- Application key: Displays a shortcut menu for the selected item
Microsoft Natural Keyboard with IntelliType software installed
- Windows Logo+L: Log off Windows
- Windows Logo+P: Starts Print Manager
- Windows Logo+C: Opens Control Panel
- Windows Logo+V: Starts Clipboard
- Windows Logo+K: Opens Ke
yboard Properties dialog box - Windows Logo+I: Opens Mouse Properties dialog box
- Windows Logo+A: Starts Accessibility Options (if installed)
- Windows Logo+SPACEBAR: Displays the list of Microsoft IntelliType shortcut keys
- Windows Logo+S: Toggles CAPS LOCK on and off
Dialog box keyboard commands
- TAB: Move to the next control in the dialog box
- SHIFT+TAB: Move to the previous control in the dialog box
- SPACEBAR: If the current control is a button, this clicks the button. If the current control is a check box, this toggles the check box. If the current control is an option, this selects the option.
- ENTER: Equivalent to clicking the selected button (the button with the outline)
- ESC: Equivalent to clicking the Cancel button
- ALT+underlined letter in dialog box item: Move to the corresponding item
(http://www