Jump to content

I was asked you to make the new topic and that Ron will assist me further.


DoeZ

Recommended Posts

  • Replies 142
  • Created
  • Last Reply

Top Posters In This Topic

  • Root Admin

These errors can cause a lot of issues with the computer. As they are from yesterday they may be fixed already. But we need to check on that.

 

 

 

Error: (01/26/2015 09:34:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Unspecified error

 

 

Error: (01/26/2015 08:38:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

 

 

 

 

Please restart the computer 2 times. Then temporarily disable your antivirus and uninstall MBAM using the clean removal process below.

 

Please uninstall your current version of MBAM and reinstall the latest version. MBAM Clean Removal Process 2x

 

 

After you have reinstalled MBAM and checked for updates, once again please restart the computer 2 times. Then run the Diagnostic scan again and post back the 3 NEW log files.

 

Again make sure you place a check mark in the Addition.txt check box and post back the logs when ready.

 

Thanks

 

Link to post
Share on other sites

I have just a few questions before I start this...and I apologize for the late start...I take care of my grandson and can't really do anything til his nap...

 

When you say "restart the computer 2 times" do you mean to click the restart tab or shutdown tab...2 times...

 

And after I uninstall the MBAM and reinstall the newest version of MBAM am I enabling my AV then too? Or do I leave that disabled?

 

And before I actually run the Diagnostic tests should I delete the old logs? I don't want to get any of them confused or anything...

Link to post
Share on other sites

  • Root Admin

Yes the computer needs to be fully shut down 2 times and logged on , recycled 2 times however you wish to think of it.

 

Yes please keep the antivirus disabled during MBAM removal and reinstall. Then after the reinstall of MBAM reboot the computer again.

Then check and temporarily disable your antivirus again and run FRST and MBAM CHECK and post back all 3 new logs. Yes you can delete the other logs if you like so as not to get confused.

 

Make sure you place a check mark in the Additions.txt check box for FRST to create the new logs.

 

Thank you

Link to post
Share on other sites

I am so very sorry for not being here for a few days. I've had a family emergency that I've been dealing with and I do apologize but that's a bit more important to me than anything else in this world. My 96 yr. old Gramma was admitted in the hospital and it's a touchy situation. But I do apologize for my absence and ask for your understanding if I don't reply back right away...as I might be at the hospital.

 

I uninstalled MBAM as per your request with your link and instructions and installed the new version with your link and instructions as well. (with the new updates) I rid my laptop of all the old files that I'm now replacing as I don't want any confusion happening and hopefully we can get to the bottom of this problem. So here are those 3 new logs you asked for. Again I apologize for the hold up.

 

FRST535.txt

 

Addition535.txt

 

CheckResults.txt

Link to post
Share on other sites

  • Root Admin

Well the current logs still show registry issues have not been resolved. Something is either blocking the Registry from reading and updating or it's corrupted. In either case it needs to be fixed.

I would suggest that you temporarily uninstall your current antivirus completely. Then reboot the computer 2 more times after the removal. Then run the FRST program again or check in the Event Logs and see if these errors still show up or not. If they go away with the removal of Panda  then Panda probably just needs to be relaxed some on the security. If the errors still continue with Panda removed then your only other choice may be to format the drive and reinstall Windows

 

 

 


Error: (02/02/2015 05:20:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Unspecified error
 
Error: (02/02/2015 05:20:55 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5
 

 

 

The complexity of finding, preventing, and cleanup from malware
 

Link to post
Share on other sites

My AV is completely gone from my laptop and I ran that program...I honestly don't know how to read any of that altho I did see a lot of "error" and thought "Houston: We got a problem here" just from what I saw but who am I...I'm uncomfy with no AV and seeings how I think I saw alot of errors I'm gonna go ahead and put my AV back on and post my log for you and wait for what you think about all of this now.

 

 

FRST.txt

 

Addition.txt

 

 

Thanks again

DoeZ :blush:

Link to post
Share on other sites

  • Root Admin

Well at this point it really looks like you may have a corrupted registry there.

 

 

Error: (02/05/2015 07:06:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.




Error: (02/05/2015 04:47:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Unspecified error


System errors:
=============
Error: (02/05/2015 07:08:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5
 

 

 

Let me have you try the following and see if it can correct the issue or not. If it does not then about the only good choice you have would be to reinstall Windows. You could of course limp it along but in that case I would not trust the computer again for any type of operations sensitive in nature such as online banking or medical.

 

 

 

 

Download Portable Windows Repair (all in one) from one of the following:
 
http://www.tweaking.com/content/page/windows_repair_all_in_one.html
http://www.majorgeeks.com/Tweaking.com_-_Windows_Repair_Portable_d7222.html
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/
 
Unzip the contents into a newly created folder on your desktop.
 
Open the folder, run the tool by right click on Repair_Windows (icon with red briefcase) select "Run as Administrator"
 
 
tweak1.jpg
 
From the main GUI do the following:
 
 
Select Tab 5 and Create System Restore Point
 
 
tweak4.jpg
 
Select Start Repairs tab => Click the Start
 
 
tweak5.jpg
 
The repairs window will open, Check the boxes as indicated, also the "Restart" option, then select Start...
 
 
tweak6.jpg
 
DON'T use the computer while each scan is in progress.
 
Post the log, to access select "settings" tab > "open log folder" tab, log will be named _Windows_Repair_Log
 
 
tweak7.jpg
 
 
Let me see that log when done.

 

 

Link to post
Share on other sites

I'm gonna go ahead and do all of that but I wanted to ask you something first...and remember I'm not a pc geek by no means but I'm wondering if any of this could be related to maybe bad drivers? And correct me if I'm wrong...Cuz I like to know better...but are those drives the same drives that are what is connecting you to the internet via a modem/router? If I'm correct in all that...then I seriously think I have some major bad drivers. And just before posting this I was trying to find the log I was looking thru and it was explaining moreless how all these other...I'll say people...were connected to my router...their were several of them when in all actuality there's only 1 pc and 1 laptop and my cell that goes to my router and the 1 pc is off...it was pretty scary looking at it thinking that someone or some people are getting into my laptop maybe...Also whenever I would go into the Network & Sharing center I would look at the properties etc. and then run a diagnostics on it and every time after reading it it always says..."There may be a problem with your network" Just wanted to thro that out there and see if that could be any of this problem.

 

Ok I'm off to do your list. Be back soon.

Link to post
Share on other sites

  • Root Admin

It did a lot of fixes which is good. Now please restart the computer 2 times. Wait about 10 minutes between reboots so that we have a good time difference.

 

Then run the FRST scan again and make sure you place a check mark in the Addition.txt check box and post back both logs as attachments on your next reply

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.


 

Link to post
Share on other sites

Houston...We have a problem :huh: I shut down my laptop the 1st time for about 15 mins. and then rebooted it...waited for about 3-4 mins and shut it down again...this time I shut it down for about 5 min then I rebooted it. I came here and downloaded the link you have for me above...saved it to me desktop and closed my browser...went to open up the program and this is what I get...see attachment...I also need to tell you that lately I've been trying to do certain things...like make a new folder and when I click to rename it...everything shuts down...and then comes back to where I was before I tried to change whatever...the name of a folder...this happens everytime now and now I have all these folders that say New Folder cuz it won't let me name it. Ugh...this is so frustrating...

 

 

 

post-181838-0-83270200-1423369753_thumb.

Link to post
Share on other sites

  • Root Admin

Your Panda Antivirus is detecting the FRST program as an infection. Please open Panda and go to the settings and remove it from Quarantine and then set FRST.EXE to be ignored by Panda.

 

Then you may need to download a new version of FRST to keep using it.

 

As I told you though we may be fighting a losing battle if this is due to a hardware issue. Please try as requested though and let me know.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.


 

Link to post
Share on other sites

Well if that didn't take me all day to figure out...I really didn't know how to get Panda to ignore it other than to give it permission...so that took me awhile to figure out...remember I'm not a whiz here...just when I thought I had finally gotten it I got that stupid pop-up again...so I think finally I got it...I ended up disabeling my Panda Firewall and it worked no problem. So here's the logs...Should I turn Panda Firewall back on or Windows Firewall on?

 

 

FRST.txt

 

 

Addition.txt

Link to post
Share on other sites

  • Root Admin

The logs show that your  Windows Search is not working which may also be causing issues so let's try to fix that. As for disabling Panda I'm not sure as I don't use Panda and have not seen updates on what or how they've changed their interface.

 

Please go here and let Microsoft fix your Windows Search. You may need to disable Panda again to use it. Not sure.

 

https://support.microsoft.com/mats/windows_search/en-us

 

After you fix Windows Search then wait about 10 minutes and restart the computer and run the FRST scan again with the Addition.txt checked (remember to disable Panda temporarily)

 

When done make sure to re-enable Panda.

Link to post
Share on other sites

  • Root Admin

Well the errors have not gone away. There is still an ongoing issue with the Registry. At this point it's really up to you how you'd like to proceed.

 

I'll list some possible issues/ideas/concerns.

 

1. Bottom line main issue is that with unresolved registry issues the computer cannot be trusted to do anything sensitive such as online banking or medical, etc.

2. Left alone the computer may work and function seemingly okay for many programs that don't rely on the any affected keys or values.

3. Suggestion: Backup all user data to an external drive and then format the drive and reinstall Windows.

4. Take it to a local PC repair shop (not free) and have them try to resolve the issue.

5. Backup all user data to an external drive and disconnect the drive from the system. Then remove all security software and run a new full disk check and see if that resolves the error or not. If it does then that would be good and you could then reinstall security software and see if the error returns or not and act accordingly.

6. We could attempt to run some process monitoring tools to attempt to track this down further but that can be very time consuming for users with no experience using tools like that.

 

Please let me know what direction you think you'd like to take moving forward.

 

 

 

 

 


System errors:
=============
Error: (02/09/2015 05:55:49 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (02/09/2015 05:55:34 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Link to post
Share on other sites

Ok well I don't have an external hard drive...just a flash drive. I know I really need to reinstall windows etc...but I truly believe that I'm having alot of these issues because of my drivers...if that makes sense....I just ran the diagnosis from the Wireless Network Connection and it still tells me that I have a problem and I don't understand it honestly...other than saying I think I have the wrong driver? in my system for my network? The one file that was saved was the diagnostics file and I can't open it because it's a .etl file...and looking into a .etl file it can be opened by a thermalogger? or Windows Event Viewer and I don't know anything about either. But when looking thru the network and sharing center and again from just what I could see from that report...it looks like its showing a few other items? that could be connected and I have no idea who or what it is...one of the items mentioned was some kind of tunnel...and that doesn't look like it should be there at all...I know I'm probably not making much sense here but I just have that feeling that I have the wrong driver on this laptop and it's somehow corrupting my system. And once I can get rid of the driver and get the correct driver for my laptop and we do a clean reinstall of windows maybe everything will be fixed finally. Does any of this make sense to you? I know I might not have explained any of this in pc geek terms but I'm hoping that you get the jist of what I'm trying to say. :wacko:

Link to post
Share on other sites

  • Root Admin

Well a network driver if it was wrong would simply not allow you to connect to your router to get an IP address to get on the Internet so that is not the issue. You could certainly have issues with networking in general but again that is not what is generating these errors.

 

The issue or concern is that I want you to make sure you have all your data saved off to either a CD, DVD, Thumb-drive, or somewhere else just in case the restore process has any issues.

 

Once you have your data backed up then you can attempt to a factory restore if you like.

Link to post
Share on other sites

Ok well I just wonder why it always says I may have a problem with my network...I mean what does that mean?

 

I have a 32G flash drive I believe is what their called...and the only things I need to back up are my pics and doc which aren't many honestly...no music...I don't think I have to back up my dropbox cuz I can download it again and all my stuff will be there again for me...is there anything else I need to do?

 

I don't know how to do this and don't want to do this alone :(

Link to post
Share on other sites

  • Root Admin

Well unless you have another computer to stay online unfortunately at some point you would be alone. I can provide you links on how to do it but IF something were to go wrong with the network connection or driver and it could not get back online then you wouldn't be able to contact me for help unless you have another computer.

Do you have access via another computer if needed?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.