Rescue Request for System Restore "Catastrophic Failure (0x8000ffff)"



#1 Upbloat

Posted 07 September 2015 - 10:40 PM

Hello!

 

I was kindly helped once in the past with a System Restore problem here, although I later discovered some restore points still would not go through. I decided to live with the problem.

 

While goofing around on the Internet, I clicked on a page which redirected to one of those scary pages that refused to close on my browser (the kind that warns you of a virus), and the way I normally would have dealt with such a page was to close the browser via Windows Task Manager. This time I had no patience, seeing if I could get out of the page fast, and I thoughtlessly clicked on "OK." The tab still would not close, and after ending the program through Task Manager, the browser - Chrome - had stopped working. I figured I'd go "System Restore," since I didn't feel like uninstalling and reinstalling Chrome.

 

That's when I got the "Catastrophic Failure (0x8000ffff)" message.

 

Since I've already had experience with this problem, I have tried:

 

System Restore from Safe Mode (no go)

sfc /scannow (reported corrupt files and repaired)

chkdsk /f /r C: (I let it run)

Malwarebytes Anti-Malware Free - clean bill of health

Tweaking.com - Windows Repair All-In-One - clean bill of health

ESET Online Scanner - clean bill of health

 

In the interest of saving time, I'm going to take the liberty of performing a MiniToolbox (checking, List last 10 Event Viewer log, List Installed Programs, List Users, Partitions and Memory size), posting the results below. This is in case my computer has malware and needs to be moved to the "Am I Infected" area. The report will be in my next post.

 

Speccy Snapshot of my system.

 

Thanks.

 

 

While I was desperate to lick this problem on my own, I did something that messed something else up, which I'd also appreciate advice on.

 

From this Microsoft Answers page, I obeyed the following possible remedy:

 

From "msconfig" - "Click on the Selective Startup tab and Uncheck the 'Load Startup Items'
In the 'Services' tab, Check the *Hide all Microsoft Services* option and then click on 'Disable all'.
Finally click the 'OK'  ... Restart the computer ... Now try the Restore."

 

After the attempt (which did not work, needless to say), I thought I would be able to bring everything back in the "Services" tab by clicking on "Enable all," but some of the items now show "Stopped," and I can't budge them. One is my AVAST anti-virus, and so far I'm not getting real-time protection anymore. (Perhaps some of the other "stopped" ones are no less important.) EDIT: I looked into this, and added my findings in my third post below.... sorry about this mess. In the meantime, I hope Win 7's Defender will protect me.

 

 

One last point. This page on Bleeping Computers came upon a remedy, and I was surprised to see it again when I looked at this other page with a similar problem. The magical solution was offered here, solving the problems of both "Catastrophic Failure" help-seekers. It regarded "VSS," which I have no idea about, and am fearful it could open another can of worms... but I figured this possible solution was worth mentioning.

 

 

Thanks again.

 

 



Edited by Upbloat, 07 September 2015 - 11:51 PM.



 


#2 Upbloat (Topic Starter)

Posted 07 September 2015 - 10:44 PM

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by MG (administrator) on 07-09-2015 at 23:01:30
Running from "C:\Users\MG\Downloads\Programs"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: K30AD_M31AD_M51AD Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/07/2015 09:49:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 45.0.2454.85, time stamp: 0x55df881b
Faulting module name: guard32.dll, version: 8.2.0.4674, time stamp: 0x55c148a3
Exception code: 0xc0000409
Fault offset: 0x000269c9
Faulting process id: 0xb2c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (09/07/2015 09:42:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/07/2015 09:32:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 45.0.2454.85, time stamp: 0x55df881b
Faulting module name: guard32.dll, version: 8.2.0.4674, time stamp: 0x55c148a3
Exception code: 0xc0000409
Fault offset: 0x000269c9
Faulting process id: 0xfe0
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (09/07/2015 09:27:36 PM) (Source: Windows Search Service) (User: )
Description: Could not get performance counter registry info for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Error: (09/07/2015 09:27:23 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.
Context:  Application, SystemIndex Catalog

Error: (09/07/2015 09:27:22 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (09/07/2015 09:22:02 PM) (Source: System Restore) (User: )
Description: Failed to initiate System Restore (GOM flv).


Error: (09/07/2015 09:20:46 PM) (Source: Windows Search Service) (User: )
Description: Could not get performance counter registry info for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Error: (09/07/2015 09:20:41 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.
Context:  Application, SystemIndex Catalog

Error: (09/07/2015 09:20:40 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

System errors:
=============
Error: (09/07/2015 10:52:35 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:  %%1275

Error: (09/07/2015 10:52:35 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\MG\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (09/07/2015 10:52:35 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:  %%1275

Error: (09/07/2015 10:52:35 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\MG\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (09/07/2015 10:52:34 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (09/07/2015 10:52:34 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\MG\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (09/07/2015 10:52:34 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (09/07/2015 10:52:34 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\MG\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (09/07/2015 10:52:33 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (09/07/2015 10:52:33 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\MG\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Microsoft Office Sessions:
=========================
Error: (07/22/2015 09:13:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.

=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (HKLM\...\{9301985B-D116-4A93-A93D-94580084FF86}) (Version: 1.2.0 - Hewlett-Packard) Hidden
7-Zip 15.04 alpha x64 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Any Video Converter 5.8.1 (HKLM-x32\...\Any Video Converter) (Version: 5.8.1 - Anvsoft)
AOMEI Backupper Standard Edition 2.8 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.14 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.11 - ASUSTeK Computer Inc.)
ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.11 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.03 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.06 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.08.04 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM\...\{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Brother MFL-Pro Suite HL-2280DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Command & Conquer Tiberian Sun (HKLM-x32\...\Tiberian Sun) (Version:  - )
COMODO Firewall (HKLM\...\{4C5D0B6A-944A-47A6-A2F3-BCB58E05CA5D}) (Version: 8.2.0.4591 - COMODO Security Solutions Inc.)
CopyFilenames 3.1 (HKLM\...\CopyFilenames_is1) (Version: 3.1 - ExtraBit Software)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)
Galería de fotos (HKLM-x32\...\{5AE1297A-58E3-40F2-9C59-ADCB8CF56918}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{43711B8E-AE78-4C83-84EC-3E86D689311C}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.67.5221 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.13 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4222 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.2.32 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
Junk Mail filter update (HKLM-x32\...\{24758B1D-9345-4538-A69A-05660F63A296}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
K-Meleon 1.5.4 en-US (remove only) (HKLM-x32\...\K-Meleon) (Version: 1.5.4 - K-Meleon Team)
MAGIX Movie Edit Pro 2015 (HKLM\...\{DA7B58E7-740A-4411-AC11-7D9BA50804E2}) (Version: 14.0.0.153 - MAGIX Software GmbH) Hidden
MAGIX Movie Edit Pro 2015 (HKLM\...\MX.{DA7B58E7-740A-4411-AC11-7D9BA50804E2}) (Version: 14.0.0.153 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (HKLM\...\{B9A8B04D-2121-4131-9CF3-32B286D70508}) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B9A8B04D-2121-4131-9CF3-32B286D70508}) (Version: 7.0.1.27 - MAGIX Software GmbH)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.152 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft FrontPage 2000 (HKLM-x32\...\{00120409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{186312F7-5E94-4709-859E-8A91F97DC674}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5A88AF74-251F-4CE1-A9C4-5A627D10AE16}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8C22A294-DBBA-445F-B55C-E26817CCFE69}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{C95AEB53-7FAE-4257-97AF-7136E8D9F9CA}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DCA6C9A9-D593-4BF3-9AD2-C1AA69DFAB27}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mozilla Thunderbird 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
MyPadlock Password Manager (HKCU\...\e1c3488942f1ae2a) (Version: 1.0.0.32 - MyPadlock)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Opera 12.15 (HKLM\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Real Alternative 1.8.0 (HKLM-x32\...\RealAlt_is1) (Version: 1.8.0 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7116 - Realtek Semiconductor Corp.)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.4.0 - Tweaking.com)
UMPlayer 0.98 [P4] (HKLM-x32\...\UMPlayer) (Version: 0.98 - Ori Rejwan)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.1.265 - ASUS Cloud Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wise Program Uninstaller 1.71 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 1.71 - WiseCleaner.com, Inc.)
影像中心 (HKLM-x32\...\{B56ADA3D-7E16-447C-AAC6-1E1EBEDEC505}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

========================= Memory info: ===================================
Percentage of memory in use: 38%
Total physical RAM: 8065.21 MB
Available physical RAM: 4971.07 MB
Total Virtual: 16128.62 MB
Available Virtual: 12773.66 MB

========================= Partitions: =====================================
1 Drive c: (WIN7) (Fixed) (Total:372.6 GB) (Free:81.53 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:535.84 GB) (Free:535.01 GB) NTFS
3 Drive e: (TS1) (CDROM) (Total:0.68 GB) (Free:0 GB) CDFS
5 Drive g: (HP v125w) (Removable) (Total:3.76 GB) (Free:2.07 GB) FAT32

========================= Users: ========================================
User accounts for \\MG-PC

Administrator            Guest                    MG                       


**** End of log ****


Edited by hamluis, 08 September 2015 - 10:41 AM.


#3 Upbloat (Topic Starter)

Posted 07 September 2015 - 11:37 PM

I can't get AVAST going again through its control panel.

 

I investigated "how to run the stopped services in system configuration," and this page instructed:

 

"Press the window logo button and r to initiate 'run' then type in 'services.msc' without the quotes and press enter. Look for the services you want to start/stop/restart. This should fix it."

 

I got "Access Denied" when I tried the "Automatic" and "Manual" options, leading to this page, advising on "How to Fix Access Denied Error when Using MSCONFIG"; following its instructions, I tried to change the decimal value for the AVAST entry in REGEDIT, but got the message:

 

Error Editing Value
Cannot edit Start: Error writing the value's new contents.

 

I'm sure AVAST was working fine before I fooled around with MSCONFIG ... in other words, I don't think that suspicious page in my browser is the cause of this. But this has turned into a major problem, besides my "System Restore" one. Should I start a new thread, regarding this?

 

My appreciation.

 

-------------------

 

EDIT : I fear this page got too confusing with two separate problems, and I decided to create another thread for this second one. Perhaps the moderator will decide this second problem should have remained in this thread, but time will tell.

 

--------------------

 

 

By the way...

Afterwards, I noticed the mysterious phrases beginning with "e" above, under MiniToolKit's "System Errors," such as "Ehdrv.sys" - and they turned out to be connected to the ESET online virus scanner that I ran. Could that be a result of some virus' sabotage? The scan did complete, at least on the surface.

 

 

EDIT : Thank you, Hamluis (that is, Louis): I noticed your having highlighted the problem areas in the above report. The media player GOM has nothing to do with this problem, by the way; I had created a system restore point manually, naming it "GOM.flv," intending to install a CODEC... I then decided against the installation. So "GOM.flv" is simply an arbitrary name for the restore point I later attempted.

 

 



Edited by Upbloat, 08 September 2015 - 04:18 PM.
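
An added example, not part of the thread and not MiniToolBox's own code: a Python triage of the event-log format posted in #2 that collapses repeated entries and flags binaries referenced under user-writable directories, such as the ehdrv.sys path asked about above. The sample text is a shortened excerpt of that log; the function names and the directory list are assumptions of this example.

```python
import re
from collections import OrderedDict

# Header of one entry in the log format shown in post #2, e.g.
#   Error: (09/07/2015 10:52:35 PM) (Source: Service Control Manager) (User: )
HEADER = re.compile(
    r"^Error: \((?P<ts>[^)]*)\) \(Source: (?P<source>[^)]*)\)\s*\(User: [^)]*\)")

# Binary referenced under a directory that ordinary users can write to.
# The directory list is an assumption of this example, not an exhaustive one.
USER_WRITABLE_BINARY = re.compile(
    r'[A-Za-z]:\\(?:Users\\[^\\]+\\AppData|Windows\\Temp|ProgramData)'
    r'\\[^"<>|]*?\.(?:sys|exe|dll)\b', re.IGNORECASE)

# Shortened excerpt of the log posted in this thread (not a full report).
SAMPLE = r"""
System errors:
=============
Error: (09/07/2015 10:52:35 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:  %%1275

Error: (09/07/2015 10:52:35 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\MG\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system.

Error: (09/07/2015 10:52:34 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (09/07/2015 10:52:34 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\MG\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system.

Error: (09/07/2015 09:22:02 PM) (Source: System Restore) (User: )
Description: Failed to initiate System Restore (GOM flv).
"""


def parse_entries(text):
    """Split the report into entries; a blank line closes an entry."""
    entries, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = {"ts": m.group("ts"), "source": m.group("source"), "parts": []}
            entries.append(current)
        elif not line:
            current = None
        elif current is not None:
            current["parts"].append(line)  # description may wrap over several lines
    for e in entries:
        desc = re.sub(r"^Description:\s*", "", " ".join(e.pop("parts")))
        # Collapse whitespace so wrapped and unwrapped copies compare equal.
        e["description"] = re.sub(r"\s+", " ", desc).strip()
    return entries


def triage(text):
    """Group identical (source, description) pairs, most frequent first."""
    groups = OrderedDict()
    for e in parse_entries(text):
        key = (e["source"], e["description"])
        g = groups.setdefault(key, {"source": e["source"],
                                    "description": e["description"],
                                    "count": 0, "timestamps": [], "paths": []})
        g["count"] += 1
        g["timestamps"].append(e["ts"])
    for g in groups.values():
        g["paths"] = sorted({m.group(0)
                             for m in USER_WRITABLE_BINARY.finditer(g["description"])})
    return sorted(groups.values(), key=lambda g: -g["count"])


if __name__ == "__main__":
    for row in triage(SAMPLE):
        mark = "CHECK" if row["paths"] else "     "
        print(mark, "x%d" % row["count"], row["source"], "|", row["description"][:60])
        for p in row["paths"]:
            print("        binary in user-writable path:", p)
```

A flagged path is a prompt to check the file's signer and origin, not a verdict; in this thread the poster traced ehdrv.sys to the ESET online scanner.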


#4 hamluis (Moderator)

Posted 08 September 2015 - 10:42 AM

Topic moved to Am I Infected forum.

 

Louis



#5 Upbloat (Topic Starter)

Posted 08 September 2015 - 12:09 PM

Hello, Louis; good to see you. I hope someone will be kind enough to look into this pickle I'm in.

 

One casualty, as mentioned, was Chrome. This morning I Googled the problem details, and came upon this page, where (very recently, this month) users were hit with the same problem (a conflict with COMODO HIPS... although I have HIPS disabled). I followed #19's instructions, and Chrome is functioning again.

 

Since my question has been moved to "Am I Infected?", might be worth noting that I've scanned with the online "Dr.Web CureIt!" (which brags about digging out rootkits), and the computer got a clean bill of health.

 

(As an EDIT, I later gave Microsoft Safety Scanner - from the same link - a shot, with the same clean bill of health result. Louis must have seen something from the MiniToolkit report that made him suspect I may be infected, but so far no anti-virus program has picked anything up.)

 

 

 



Edited by Upbloat, 08 September 2015 - 02:15 PM.




