Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

"You have been logged on with a temporary profile"

Started by oliver amaya , Nov 15 2012 07:53 AM

  • Please log in to reply

#16
oliver amaya
Posted 15 November 2012 - 06:39 PM

oliver amaya

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 115 posts
After I run the program I get the following:

Cannot find the C:\VEW.txt file. Do you want to create a new file? Yes No Cancel

Behind that message a blank notepad appears.

What should I do? I tried clicking yes once but nothing happens. I just ran VEW again.

Edited by oliver amaya, 15 November 2012 - 06:56 PM.

  • 0

Advertisements

#17
oliver amaya
Posted 15 November 2012 - 06:57 PM

oliver amaya

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 115 posts
I attached a screenshot of what I'm looking at
I also tried to save a VEW.txt file in the C drive but I got this error message "C:\VEW.txt You don't have permission to save in this location. Contact the administrator to obtain permission. Would you like to save in the My Documents folder instead?" I am in the newly created profile, not the corrupted one.

Attached Thumbnails

  • vew.jpg

Edited by oliver amaya, 15 November 2012 - 08:08 PM.

  • 0

#18
SleepyDude
Posted 16 November 2012 - 05:16 AM

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,978 posts
Hi,

Try this, right click on the VEW file and choose Run as Administrator

Edit: I just confirm you need to run VEW as Administrator because the program doesn't request that by itself.

Edited by SleepyDude, 16 November 2012 - 05:18 AM.

  • 0

#19
oliver amaya
Posted 16 November 2012 - 08:27 AM

oliver amaya

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 115 posts
SleepyDude,

My computer did another automatic update. It no longer has a problem with the GFXUI error. Furthermore, I have logged into the "corrupt" profile and the temporary profile message did not pop up, but my setting haven't returned to normal. The desktop is still different, and all of my documents are still in my C drive but not readily available in the "corrupted" profile, i.e. when I go to my docs it's empty.

Here is the log

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 16/11/2012 9:18:26 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/11/2012 8:29:14 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 7144

Log: 'Application' Date/Time: 16/11/2012 8:29:14 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 7144

Log: 'Application' Date/Time: 16/11/2012 8:29:14 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 16/11/2012 8:29:13 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 6099

Log: 'Application' Date/Time: 16/11/2012 8:29:13 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 6099

Log: 'Application' Date/Time: 16/11/2012 8:29:13 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 16/11/2012 8:29:12 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 5070

Log: 'Application' Date/Time: 16/11/2012 8:29:12 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 5070

Log: 'Application' Date/Time: 16/11/2012 8:29:12 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 16/11/2012 8:29:11 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 4071

Log: 'Application' Date/Time: 16/11/2012 8:29:11 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 4071

Log: 'Application' Date/Time: 16/11/2012 8:29:11 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 16/11/2012 8:29:10 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 1138

Log: 'Application' Date/Time: 16/11/2012 8:29:10 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 1138

Log: 'Application' Date/Time: 16/11/2012 8:29:08 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 16/11/2012 8:00:16 AM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1991760897-3703780301-3782144816-1001.new). hr = 0x80070539, The security ID structure is invalid. .

Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {ab8d0a83-bc98-408f-8585-279bd463c682}

Log: 'Application' Date/Time: 15/11/2012 2:26:50 PM
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Log: 'Application' Date/Time: 15/11/2012 2:26:50 PM
Type: Error Category: 0
Event: 1515 Source: Microsoft-Windows-User Profiles Service
Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.

Log: 'Application' Date/Time: 15/11/2012 2:09:50 PM
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Log: 'Application' Date/Time: 15/11/2012 2:09:50 PM
Type: Error Category: 0
Event: 1515 Source: Microsoft-Windows-User Profiles Service
Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/11/2012 2:14:05 PM
Type: Information Category: 0
Event: 903 Source: Microsoft-Windows-Security-SPP
The Software Protection service has stopped.

Log: 'Application' Date/Time: 16/11/2012 2:13:12 PM
Type: Information Category: 0
Event: 1000 Source: Microsoft-Windows-LoadPerf
Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data in the data section contains the new index values assigned to this service.

Log: 'Application' Date/Time: 16/11/2012 2:13:12 PM
Type: Information Category: 0
Event: 1001 Source: Microsoft-Windows-LoadPerf
Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
[518431a3-4515-41c6-906a-0b1d8d405622] Registry string check dependency met? False

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [518431a3-4515-41c6-906a-0b1d8d405622]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
[3b362a57-7549-411a-9eb5-7a3952879c70] Registry string check dependency met? False

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [3b362a57-7549-411a-9eb5-7a3952879c70]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
[b644565b-46c1-41a7-8888-2cc37098ae14] OS version check dependency met? True

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [b644565b-46c1-41a7-8888-2cc37098ae14]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [bbcf0586-8b94-46eb-a2b4-c5fefbce2751]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [01d4f272-71b8-489b-85d3-97c263eac3b7]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [1df917db-3056-41af-bbac-0489a6b63d4d]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [e4b859d8-de3c-4f9a-b55d-cdc1253ccbdb]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
[e0f225d7-03f0-4acf-a33e-cf7f281e8006] File version check dependency met? True

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [e0f225d7-03f0-4acf-a33e-cf7f281e8006]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
[11bdfbae-4028-4fed-963f-4ad272c8fccd] BIOS version dependency met? True

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [11bdfbae-4028-4fed-963f-4ad272c8fccd]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [0c26de97-4cdc-441c-ace6-fe1e25316130]

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
[38e4a581-db38-4d4f-b33a-d0c191aa2c21] Registry string check dependency met? True

Log: 'Application' Date/Time: 16/11/2012 2:12:47 PM
Type: Information Category: 0
Event: 0 Source: TOSHIBA Service Station
Checking dependency [38e4a581-db38-4d4f-b33a-d0c191aa2c21]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/11/2012 9:17:07 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 15/11/2012 9:13:24 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 15/11/2012 9:05:42 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 18/03/2012 12:54:32 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 08/10/2011 8:54:26 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/11/2012 11:45:17 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The IHA_MessageCenter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 15/11/2012 11:45:17 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

Log: 'System' Date/Time: 15/11/2012 11:16:19 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The IHA_MessageCenter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 15/11/2012 11:16:19 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

Log: 'System' Date/Time: 15/11/2012 11:03:57 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The IHA_MessageCenter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 15/11/2012 11:03:57 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

Log: 'System' Date/Time: 15/11/2012 10:59:57 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The SupportSoft Repair Service (verizondm) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 15/11/2012 10:59:57 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the SupportSoft Repair Service (verizondm) service to connect.

Log: 'System' Date/Time: 15/11/2012 10:59:25 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The IHA_MessageCenter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 15/11/2012 10:59:25 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

Log: 'System' Date/Time: 15/11/2012 10:31:09 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The IHA_MessageCenter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 15/11/2012 10:31:09 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

Log: 'System' Date/Time: 15/11/2012 2:30:13 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The IHA_MessageCenter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 15/11/2012 2:30:13 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

Log: 'System' Date/Time: 15/11/2012 2:28:36 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 15/11/2012 2:28:36 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 15/11/2012 2:28:36 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 15/11/2012 2:27:15 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 15/11/2012 2:27:15 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 15/11/2012 2:27:12 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/11/2012 2:14:05 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Software Protection service entered the stopped state.

Log: 'System' Date/Time: 16/11/2012 2:11:53 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Windows Media Player Network Sharing Service service entered the running state.

Log: 'System' Date/Time: 16/11/2012 2:11:53 PM
Type: Information Category: 0
Event: 14204 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' started.

Log: 'System' Date/Time: 16/11/2012 2:11:47 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Mozilla Maintenance Service service entered the stopped state.

Log: 'System' Date/Time: 16/11/2012 2:11:40 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Mozilla Maintenance Service service entered the running state.

Log: 'System' Date/Time: 16/11/2012 2:11:07 PM
Type: Information Category: 1101
Event: 7001 Source: Microsoft-Windows-Winlogon
User Logon Notification for Customer Experience Improvement Program

Log: 'System' Date/Time: 16/11/2012 2:10:58 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Windows Media Player Network Sharing Service service entered the stopped state.

Log: 'System' Date/Time: 16/11/2012 2:10:58 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The UPnP Device Host service entered the running state.

Log: 'System' Date/Time: 16/11/2012 2:10:58 PM
Type: Information Category: 0
Event: 14205 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' stopped.

Log: 'System' Date/Time: 16/11/2012 2:10:54 PM
Type: Information Category: 1102
Event: 7002 Source: Microsoft-Windows-Winlogon
User Logoff Notification for Customer Experience Improvement Program

Log: 'System' Date/Time: 16/11/2012 2:09:31 PM
Type: Information Category: 1
Event: 19 Source: Microsoft-Windows-WindowsUpdateClient
Installation Successful: Windows successfully installed the following update: Security Update for Windows 7 for x64-based Systems (KB2727528)

Log: 'System' Date/Time: 16/11/2012 2:09:31 PM
Type: Information Category: 1
Event: 19 Source: Microsoft-Windows-WindowsUpdateClient
Installation Successful: Windows successfully installed the following update: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2761451)

Log: 'System' Date/Time: 16/11/2012 2:09:31 PM
Type: Information Category: 1
Event: 19 Source: Microsoft-Windows-WindowsUpdateClient
Installation Successful: Windows successfully installed the following update: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2729451)

Log: 'System' Date/Time: 16/11/2012 2:09:31 PM
Type: Information Category: 1
Event: 19 Source: Microsoft-Windows-WindowsUpdateClient
Installation Successful: Windows successfully installed the following update: Security Update for Windows 7 for x64-based Systems (KB2761226)

Log: 'System' Date/Time: 16/11/2012 2:08:46 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The TOSHIBA HDD SSD Alert Service service entered the running state.

Log: 'System' Date/Time: 16/11/2012 2:08:35 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Portable Device Enumerator Service service entered the stopped state.

Log: 'System' Date/Time: 16/11/2012 2:08:25 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Windows Update service entered the running state.

Log: 'System' Date/Time: 16/11/2012 2:08:15 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Security Center service entered the running state.

Log: 'System' Date/Time: 16/11/2012 2:08:15 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Software Protection service entered the running state.

Log: 'System' Date/Time: 16/11/2012 2:08:13 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Google Update Service (gupdate) service entered the stopped state.
  • 0

#20
SleepyDude
Posted 16 November 2012 - 05:11 PM

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,978 posts
Hi,

Its strange but the log doesn't show the result of chkdsk!

Please try this, download ListChkdskResult.zip
Extract the zip file to the Desktop and then execute the file ListChkdskResult.vbs wait a moment and a log will open in Notepad
Copy & Paste the content to your post.
  • 0

#21
oliver amaya
Posted 17 November 2012 - 01:27 AM

oliver amaya

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 115 posts
I extracted the program to my desktop. Then I double clicked it. The program didn't pop up, but a wordpad file was created. I opened the file and it was blank. I attempted this twice with the same result.
  • 0

#22
SleepyDude
Posted 17 November 2012 - 05:35 AM

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,978 posts

I extracted the program to my desktop. Then I double clicked it. The program didn't pop up, but a wordpad file was created. I opened the file and it was blank. I attempted this twice with the same result.


Ok. That means that the CHKDSK probably didn't run. Did you see the chkdsk running at boot before windows start?

Edit: It will show a countdown don't press any key because if you do the chkdsk is canceled.

Edited by SleepyDude, 17 November 2012 - 07:22 AM.

  • 0

#23
oliver amaya
Posted 17 November 2012 - 12:58 PM

oliver amaya

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 115 posts
Okay, so I deleted the program and downloaded/extracted it and it functioned properly. I received a message saying that in a moment a wordpad file would open up. That didn't occur before. This was found in the wordpad:

ListChkdskResult by SleepyDude v0.1.3 Beta | 16-01-2012

------< Log generate on 11/17/2012 2:02:04 PM >------
No Events found for Chkdsk or Wininit!

Edited by oliver amaya, 17 November 2012 - 01:04 PM.

  • 0

#24
SleepyDude
Posted 17 November 2012 - 01:19 PM

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,978 posts
Hi,

My script did the job the first time that's why I ask if you did see Chkdsk running.
You need to follow the steps from post #9 again.

When the computer boot you will see a count down to run chkdsk don't press any key and wait.

This time you got a different result because I did some improvements to the script, now it shows when a chkdsk log isn't found on the Windows Event Viewer.
  • 0

#25
oliver amaya
Posted 17 November 2012 - 04:04 PM

oliver amaya

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 115 posts
ListChkdskResult by SleepyDude v0.1.3 Beta | 16-01-2012

------< Log generate on 11/17/2012 5:01:09 PM >------
Category: 0
Computer Name: ElvisTheGod-PC
Event Code: 1001
Record Number: 137609
Source Name: Microsoft-Windows-Wininit
Time Written: 20121117210119.000000-000
Event Type: Information
User:
Message:

Checking file system on C:
The type of the file system is NTFS.
Volume label is TI105847W0F.


A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 3)...
244224 file records processed.

File verification completed.
3545 large file records processed.

0 bad file records processed.

0 EA records processed.

124 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
329202 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 3)...
244224 file SDs/SIDs processed.

Cleaning up 513 unused index entries from index $SII of file 0x9.
Cleaning up 513 unused index entries from index $SDH of file 0x9.
Cleaning up 513 unused security descriptors.
Security descriptor verification completed.
42490 data files processed.

CHKDSK is verifying Usn Journal...
36776088 USN bytes processed.

Usn Journal verification completed.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

301652991 KB total disk space.
168874692 KB in 163583 files.
110428 KB in 42491 indexes.
0 KB in bad sectors.
357175 KB in use by the system.
65536 KB occupied by the log file.
132310696 KB available on disk.

4096 bytes in each allocation unit.
75413247 total allocation units on disk.
33077674 allocation units available on disk.

Internal Info:
00 ba 03 00 05 25 03 00 d0 a9 05 00 00 00 00 00 .....%..........
1a 6c 00 00 7c 00 00 00 00 00 00 00 00 00 00 00 .l..|...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

Windows has finished checking your disk.
Please wait while your computer restarts.

-----------------------------------------------------------------------
  • 0

Advertisements

#26
SleepyDude
Posted 17 November 2012 - 04:24 PM

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,978 posts
Hi,

Good Job! The chkdsk log is Ok, many times the profiles corruption occurs due to disk errors.

Now lets look at the registry...
Please download SystemLook from one of the links below according to your OS Architecture and save it to your Desktop.
SystemLook (32-bit)
SystemLook (64-bit)

  • Double-click SystemLook.exe to run it.
  • Accept the prompt Allow the program to make changes to this computer (UAC prompt)
  • Copy the content of the following codebox into the main textfield:
    :reg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can be found on your Desktop entitled SystemLook.txt
  • 0

#27
oliver amaya
Posted 17 November 2012 - 05:03 PM

oliver amaya

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 115 posts
I feel like we are really making progress here SleepyDude! I thank you so much for the help so far!

SystemLook 30.07.11 by jpshortstuff
Log created at 18:02 on 17/11/2012 by New Account
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList]
"ProfilesDirectory"="%SystemDrive%\Users"
"Default"="%SystemDrive%\Users\Default"
"Public"="%SystemDrive%\Users\Public"
"ProgramData"="%SystemDrive%\ProgramData"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags"= 0x000000000c (12)
"State"= 0x0000000000 (0)
"RefCount"= 0x0000000001 (1)
"Sid"=01 01 00 00 00 00 00 05 12 00 00 00 (REG_BINARY)
"ProfileImagePath"="%systemroot%\system32\config\systemprofile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath"="C:\Windows\ServiceProfiles\LocalService"
"Flags"= 0x0000000000 (0)
"State"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath"="C:\Windows\ServiceProfiles\NetworkService"
"Flags"= 0x0000000000 (0)
"State"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1991760897-3703780301-3782144816-1001]
"ProfileImagePath"="C:\Users\Elvis The God.ElvisTheGod-PC"
"Flags"= 0x0000000000 (0)
"State"= 0x0000000000 (0)
"Sid"=01 05 00 00 00 00 00 05 15 00 00 00 01 dc b7 76 cd 33 c3 dc 30 f3 6e e1 e9 03 00 00 (REG_BINARY)
"ProfileLoadTimeLow"= 0x0000000000 (0)
"ProfileLoadTimeHigh"= 0x0000000000 (0)
"RefCount"= 0x0000000000 (0)
"RunLogonScriptSync"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1991760897-3703780301-3782144816-1001.new]
"ProfileImagePath"="C:\Users\Elvis The God"
"Flags"= 0x0000000000 (0)
"State"= 0x0000008000 (32768)
"Sid"=01 05 00 00 00 00 00 05 15 00 00 00 01 dc b7 76 cd 33 c3 dc 30 f3 6e e1 e9 03 00 00 (REG_BINARY)
"ProfileLoadTimeLow"= 0x0000000000 (0)
"ProfileLoadTimeHigh"= 0x0000000000 (0)
"RefCount"= 0x0000000000 (0)
"RunLogonScriptSync"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1991760897-3703780301-3782144816-1006]
"ProfileImagePath"="C:\Users\New Account"
"Flags"= 0x0000000000 (0)
"State"= 0x0000000000 (0)
"Sid"=01 05 00 00 00 00 00 05 15 00 00 00 01 dc b7 76 cd 33 c3 dc 30 f3 6e e1 ee 03 00 00 (REG_BINARY)
"ProfileLoadTimeLow"= 0x0000000000 (0)
"ProfileLoadTimeHigh"= 0x0000000000 (0)
"RefCount"= 0x0000000002 (2)
"RunLogonScriptSync"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1991760897-3703780301-3782144816-1007]
"ProfileImagePath"="C:\Users\Attempt"
"Flags"= 0x0000000000 (0)
"State"= 0x0000000204 (516)
"Sid"=01 05 00 00 00 00 00 05 15 00 00 00 01 dc b7 76 cd 33 c3 dc 30 f3 6e e1 ef 03 00 00 (REG_BINARY)
"ProfileLoadTimeLow"= 0x0000000000 (0)
"ProfileLoadTimeHigh"= 0x0000000000 (0)
"RefCount"= 0x0000000000 (0)
"RunLogonScriptSync"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1991760897-3703780301-3782144816-1008]
"ProfileImagePath"="C:\Users\Another"
"Flags"= 0x0000000000 (0)
"State"= 0x0000000204 (516)
"Sid"=01 05 00 00 00 00 00 05 15 00 00 00 01 dc b7 76 cd 33 c3 dc 30 f3 6e e1 f0 03 00 00 (REG_BINARY)
"ProfileLoadTimeLow"= 0x0000000000 (0)
"ProfileLoadTimeHigh"= 0x0000000000 (0)
"RefCount"= 0x0000000000 (0)
"RunLogonScriptSync"= 0x0000000000 (0)


-= EOF =-
  • 0

#28
SleepyDude
Posted 17 November 2012 - 05:40 PM

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,978 posts
To get a complete picture I need to check the user profiles you have on the disk...

Run SystemLook again but this time Copy & Paste the following text to the program box
:dir
c:\users /nntuser.dat /s
Click the Look button to start the scan, it can take some time...
Please post the log in your reply.

Edited by SleepyDude, 22 November 2012 - 05:26 PM.

  • 0

#29
oliver amaya
Posted 17 November 2012 - 05:44 PM

oliver amaya

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 115 posts
No problem.

SystemLook 30.07.11 by jpshortstuff
Log created at 18:43 on 17/11/2012 by New Account
Administrator - Elevation successful

No Context: dir

No Context: c:\users /nntuser.dat /s

-= EOF =-

But these are the other profiles I have: Another, Attempt, Elvis The God (corrupted), and a Guest profile. I don't think I have signed into Attempt.
  • 0

#30
SleepyDude
Posted 17 November 2012 - 06:27 PM

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,978 posts
Sorry, the code above have a mistake, please use this one:
:dir
c:\users /nntuser.dat /s

Edited by SleepyDude, 17 November 2012 - 06:27 PM.

  • 0
Back to Windows Vista and Windows 7 · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows Vista and Windows 7

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP