Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Symantec AV install and 0000218 stop error


  • Please log in to reply
4 replies to this topic

#1 cholleman

cholleman

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:08 AM

Posted 27 January 2010 - 01:18 PM

I need a little help concerning a stop error issue I'm seeing on some machines on my network.

Environment is WinXP Embedded and SAV Corp Ed. v10.1.5.5000 on a domain. SAV 10.1 has been installed and running on all out production machines since Feb/Mar 09 with no problems up until now.

Initally, the problem manifested itself when a machine was restarted. WINXP splash screen would show, then the logon screen, which was garbled. Eventually, we would just get a BSOD stop error c0000218 cannot load registry file/hive: sysroot\sys32\config\software is corrupt, unreadable, or not writable.

Restarting the machine and choosing Last Known Good Configuration would allow windows to load and the user to logon. If Symantec was uninstalled, the machine would be fine. You could re-boot/logon without a problem. With Symantec uninstalled, I tried re-installing and re-booting, but that just leads to the same problem once you reboot. Install is being done from the Symantec System Console on our AV server as a remote install, or by navigating to the network share that contains the install files and initiating the install from the client.

So I did a little bit of research on the net and it seems that the problem may lie in Symantec's writing to registry files during the shut down process. I located a program called UPHClean from M$ that is supposed to fix these types of issues and in their readme doc, it specifically states a Userenv 1517 error, that I also see in my App log. Why we're just now seeing this problem after so many months is beyond me. Symantec AV scans report nothing, as do the M$ MSRT, and I've even run MBAM.

I appreciate any help. This has been driving me crazy.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,248 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:08 AM

Posted 27 January 2010 - 02:04 PM

FWIW, http://support.microsoft.com/kb/307545.

Seems that there doesn't have to be a Symantec connection for this to occur.

Louis

#3 cholleman

cholleman
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:08 AM

Posted 27 January 2010 - 02:10 PM

Doesn't make a lot of sense though. Install Symantec, PC won't boot. Uninstall, PC boots fine. FWIW, I have cloned backups that do this after re-installing symantec. Why would multiple machines all of a sudden start doing this at the same time?

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,248 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:08 AM

Posted 27 January 2010 - 02:15 PM

LOL...I don't claim to understand the causes of file corruption/damage, whether registry files or system files.

All I know is that such happens probably much more frequently than we imagine and it's not until a critical process is impacted...that we become knowledgeable of such.

Louis

#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:08 AM

Posted 27 January 2010 - 10:05 PM

Install Symantec, PC won't boot. Uninstall, PC boots fine.

The moral?
Stay away from Norton :thumbsup:

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users