Jump to content

Recommended Posts

Hi,

I have 3.0.6.1469 version premium subscription.

For some reason, each time I switch on my PC the taskbar icon has a red !.  This never goes away unless I open the dashboard, and click on Update (it always says my updates are not current). The "update"  takes about 5 seconds, and then it says it's "updates current" (green tick).

Next time - same thing.

Component package version = 1.0.103

Update Package version = 1.0.1777

Any reason for this please?

Link to post
Share on other sites

  • Root Admin

Hello @dave1510

The computer has what appears to be a corrupted, or broken Windows Search - this may just be due to some type of disk corruption. A full disk check may fix it.

Error: (04/19/2017 08:11:42 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.


This could be temporary or could be that some other piece of software is conflicting. Needs further analysis to determine cause

Error: (04/14/2017 11:13:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Needs further analysis to determine cause
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

There appears to possibly be a policy set that has your System Restore disabled. This needs to be removed
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION

Appears to be a group policy restriction on the system as well
GroupPolicy: Restriction <======= ATTENTION
HKU\S-1-5-21-457163509-3813027254-3722488355-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-457163509-3813027254-3722488355-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202017213248849\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-457163509-3813027254-3722488355-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04212017212421930\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION


I would recommend trying to correct these issues and then trying a clean removal and reinstall of Malwarebytes and see if you're still having an issue or not.


Please click on the "Search the web and Windows" box.

win10search.jpg.ab49407705b2ffa8728339ae


Then type in CMD.EXE and when it shows on the start menu right click and select "Run as administrator"

 

cmd_prompt_run_as_administrator.jpg.252a

 

In the command prompt please type the following exactly.

CHKDSK  C:  /R

This will tell Windows to run a full disk check, however you'll get the following, telling you it cannot run because it's in use.

Press the Y key to tell it to run on the next restart of the computer.

 

Quote

Microsoft Windows [Version 10.0.10586]


(c) 2015 Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32>CHKDSK C: /R
The type of the file system is NTFS.
Cannot lock current drive.

Chkdsk cannot run because the volume is in use by another
process.  Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N)

 

Then restart the computer and let it run.
Then find and copy the disk check entry from the Event Logs and paste back the results here.

How to Read Event Viewer Log for Chkdsk (Check Disk) in Windows 10

 

 

 

 

 

 

 

Please read and try the following. If the clean removal and reinstall works, great, if not then please post back all of the requested logs so we can check and see what's going on.

  1. Please follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - Malwarebytes mb-clean tool (NOTE: After uninstalling with the mb-claen tool you will be asked to reboot.  Once you reboot it will ask you if you want to re-install Malwarebytes, you can select YES or you can download the latest version (currently v3.0.6 CU4.1) to re-install from HERE)
  2. If that does not correct the issue, then please read the following and attach to your next reply the 4 requested logs - Diagnostic Logs (the 4 logs are: mbam logs zipped, FRST.txt, Addition.txt and mb-checkResult.txt)
  3. NOTE: More info about the latest Malwarebytes 3.0.6 CU4.1 HERE; MB 3 User Guide ONLINE; MB 3 User Guide PDF; MB 3 FAQ: Malwarebytes 3.0 - Frequently Asked Questions


Please let us know how it goes.

Thank you

Ron

Edited by AdvancedSetup
Link to post
Share on other sites

On ‎21‎/‎04‎/‎2017 at 11:31 PM, Porthos said:

@dave1510 is your computer off or sleeping for more than 24 hours at a time?

Hi,

Thanks - yes, sometimes my PC is switched off for more than 24 hours - this has never caused me any issue in the past. I have not had the issue for a few days, but today it is back, and the PC has been switched off for about 20 hours.

Thanks

 

Link to post
Share on other sites

On ‎22‎/‎04‎/‎2017 at 6:48 AM, AdvancedSetup said:

Hello @dave1510

The computer has what appears to be a corrupted, or broken Windows Search - this may just be due to some type of disk corruption. A full disk check may fix it.

Error: (04/19/2017 08:11:42 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.


This could be temporary or could be that some other piece of software is conflicting. Needs further analysis to determine cause

Error: (04/14/2017 11:13:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Needs further analysis to determine cause
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

There appears to possibly be a policy set that has your System Restore disabled. This needs to be removed
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION

Appears to be a group policy restriction on the system as well
GroupPolicy: Restriction <======= ATTENTION
HKU\S-1-5-21-457163509-3813027254-3722488355-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-457163509-3813027254-3722488355-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202017213248849\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-457163509-3813027254-3722488355-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04212017212421930\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION


I would recommend trying to correct these issues and then trying a clean removal and reinstall of Malwarebytes and see if you're still having an issue or not.


Please click on the "Search the web and Windows" box.

win10search.jpg.ab49407705b2ffa8728339ae


Then type in CMD.EXE and when it shows on the start menu right click and select "Run as administrator"

 

cmd_prompt_run_as_administrator.jpg.252a

 

In the command prompt please type the following exactly.

CHKDSK  C:  /R

This will tell Windows to run a full disk check, however you'll get the following, telling you it cannot run because it's in use.

Press the Y key to tell it to run on the next restart of the computer.

 

 

Then restart the computer and let it run.
Then find and copy the disk check entry from the Event Logs and paste back the results here.

How to Read Event Viewer Log for Chkdsk (Check Disk) in Windows 10

 

 

 

 

 

 

 

Please read and try the following. If the clean removal and reinstall works, great, if not then please post back all of the requested logs so we can check and see what's going on.

  1. Please follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - Malwarebytes mb-clean tool (NOTE: After uninstalling with the mb-claen tool you will be asked to reboot.  Once you reboot it will ask you if you want to re-install Malwarebytes, you can select YES or you can download the latest version (currently v3.0.6 CU4.1) to re-install from HERE)
  2. If that does not correct the issue, then please read the following and attach to your next reply the 4 requested logs - Diagnostic Logs (the 4 logs are: mbam logs zipped, FRST.txt, Addition.txt and mb-checkResult.txt)
  3. NOTE: More info about the latest Malwarebytes 3.0.6 CU4.1 HERE; MB 3 User Guide ONLINE; MB 3 User Guide PDF; MB 3 FAQ: Malwarebytes 3.0 - Frequently Asked Questions


Please let us know how it goes.

Thank you

Ron

Hi Ron,

Thanks for your reply.

I will run a disk check as you have advised.However, I am not too sure how to correct the other issues.

System Restore is switched on (the CU update switched it off.)

I cant seem to find an exact match for:

HKU\S-1-5-21-457163509-3813027254-3722488355-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202017213248849\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction 

but will run the disc check and report back before I start on registry stuff.

Thanks

 

 

 

 

HKLM SR.JPG

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.