Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Since Malware removal, cannot access files & programmes


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Starting to smell like a hard drive problem.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

Advertisements


#17
GrahamH

GrahamH

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
OK I have followed the first part of your instructions up to scheduling a disk check. However, when I right click Computer and then Manage, nothing happens. It doesn't go to Event viewer or Windows logs.
  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Just skip that step then. More evidence of Hard drive damage.
  • 0

#19
GrahamH

GrahamH

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Scans finally completed.
Here are the logs for System and Application:-

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 15/09/2013 17:51:56

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2013 20:05:02
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 06/07/2013 21:12:47
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/06/2013 10:43:11
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 12/06/2013 19:26:52
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/09/2013 16:22:58
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 16:22:58
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 16:22:58
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 16:22:58
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 16:22:58
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 15/09/2013 16:22:58
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 15/09/2013 16:22:48
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 16:22:48
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 16:22:48
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 15/09/2013 16:21:58
Type: Error Category: 0
Event: 31004 Source: Microsoft-Windows-SharedAccess_NAT
The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 15/09/2013 14:19:15
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 14:19:15
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 14:19:15
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 15/09/2013 13:44:24
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 13:44:24
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 13:44:24
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 13:44:24
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 15/09/2013 13:44:24
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 15/09/2013 13:44:24
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 15/09/2013 13:44:17
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/09/2013 14:19:17
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2013 14:19:17
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 14/09/2013 20:35:31
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 14/09/2013 20:35:30
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 14/09/2013 19:39:08
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_05AC&PID_129E&MI_00\0.

Log: 'System' Date/Time: 14/09/2013 19:31:50
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate  bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 14/09/2013 19:31:16
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate  bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 13/09/2013 21:36:12
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 13/09/2013 21:36:12
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 13/09/2013 21:22:15
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate  bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 13/09/2013 21:22:13
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate  bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 13/09/2013 19:58:11
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\SJH-TOSH on the network \Device\NetBT_Tcpip_{8577256D-52AC-4960-A22E-7CCB8D8553EF}. Browser master: \\SJH-TOSH Network: \Device\NetBT_Tcpip_{8577256D-52AC-4960-A22E-7CCB8D8553EF} This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 13/09/2013 17:26:01
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 13/09/2013 17:26:01
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 13/09/2013 11:59:42
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 13/09/2013 11:59:42
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 12/09/2013 19:37:44
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate  bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 12/09/2013 19:37:43
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate  bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 12/09/2013 11:30:08
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 12/09/2013 11:30:07
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 15/09/2013 17:55:35

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 13/09/2013 20:17:40
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011004}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 13/09/2013 10:04:54
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Click-to-Run 2010 - Update 'Update for Microsoft Office 2010 (KB2598285) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 13/09/2013 10:04:36
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 13/09/2013 10:04:27
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 13/09/2013 10:04:09
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.

Log: 'Application' Date/Time: 13/09/2013 10:03:53
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.

Log: 'Application' Date/Time: 13/09/2013 10:03:01
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 13/09/2013 10:03:00
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 12/09/2013 22:05:26
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: cvhbs.exe, version: 14.0.6114.5003, time stamp: 0x4f045e8c Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9 Exception code: 0x40000015 Fault offset: 0x0005beae Faulting process id: 0xfa8 Faulting application start time: 0x01ceb0042b406b26 Faulting application path: C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe Faulting module path: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll Report Id: 6d1ae08a-1bf7-11e3-a485-a4badbcb00d5

Log: 'Application' Date/Time: 12/09/2013 22:04:53
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: cvhbs.exe, version: 14.0.6114.5003, time stamp: 0x4f045e8c Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9 Exception code: 0x40000015 Fault offset: 0x0005beae Faulting process id: 0x17d0 Faulting application start time: 0x01ceb00415da8151 Faulting application path: C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe Faulting module path: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll Report Id: 59b513f4-1bf7-11e3-a485-a4badbcb00d5

Log: 'Application' Date/Time: 12/09/2013 21:58:34
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: msi.dll, version: 5.0.7601.17807, time stamp: 0x4f80321a Exception code: 0xc0000005 Fault offset: 0x00000000001ec1e6 Faulting process id: 0x8b4 Faulting application start time: 0x01ceafef5b8ea4bc Faulting application path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\system32\msi.dll Report Id: 77637fbc-1bf6-11e3-a485-a4badbcb00d5

Log: 'Application' Date/Time: 11/09/2013 16:58:29
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Click-to-Run 2010 - Update 'Update for Microsoft Office 2010 (KB2598285) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 11/09/2013 16:54:01
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 11/09/2013 16:53:51
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 11/09/2013 16:53:08
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.

Log: 'Application' Date/Time: 11/09/2013 16:51:35
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.

Log: 'Application' Date/Time: 11/09/2013 16:47:13
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 11/09/2013 16:47:11
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 09/09/2013 23:37:35
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Log: 'Application' Date/Time: 09/09/2013 14:55:58
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 15/09/2013 16:31:56
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 15/09/2013 16:31:56
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 15/09/2013 16:21:48
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=180}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 15/09/2013 16:21:31
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=180}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 15/09/2013 13:52:45
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 15/09/2013 13:52:45
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 15/09/2013 13:52:09
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 15/09/2013 13:42:50
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=F44}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 15/09/2013 13:42:38
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=F44}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 14/09/2013 19:41:12
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 14/09/2013 19:41:12
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 14/09/2013 19:31:06
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C14}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 14/09/2013 19:30:55
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C14}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 13/09/2013 21:02:48
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 13/09/2013 20:02:44
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 13/09/2013 20:02:30
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 13/09/2013 20:02:30
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 13/09/2013 19:52:18
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=E0C}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 13/09/2013 19:52:11
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=E0C}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 13/09/2013 17:01:02
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
I think we need to try
Windows Repair all in one

http://www.tweaking....all_in_one.html

Download it and save it then run it.

You can skip to step 4 or 5 where it gives you the same picture as in the above link.

Make sure all of these are checked before hitting Start:

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Repair MDAC & MS Jet
Repair Hosts File
Remove Policies Set By Infections
Repair Icons
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates
Repair CD/DVD Missing/Not Working

Reboot when done and run VEW again as before.
  • 0

#21
GrahamH

GrahamH

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Have downloaded and saved Windows Repair but cannot run it. I get an Launcher error message - "Unable to open setup file"
  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Could you make a printscreen of the error and attach it?

Can you take a screen shot of the page?

Try to run Windows Repair All in One again (remember to Right click and RUn As Admin)

Press the Alt + the Print Screen key on your keyboard. It may be labeled [PrtScn].

Open Microsoft Paint (All Programs, Accessories,Paint).

Go to the Edit menu and choose Paste (or just do Ctrl + v) and the image should appear.


Go to the File Menu and choose Save As.

Navigate to the folder where you want to save the image. (Desktop)

Type a file name for the image: Error

Select a file type. jpeg

Click the Save button.

Attach Task.jpg to your Reply.



Also let's see what happens when we try this:

Copy the next 5 lines:

Takeown /f %windir%\winsxs\filemaps\* /a
icacls %windir%\winsxs\filemaps\*.* /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\filemaps\*.* /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\filemaps\*.* /grant BUILTIN\Users:(RX)
icacls %windir%\winsxs\filemaps\*.* /grant "NT Service\trustedinstaller:(F)"

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Do you get any errors?
  • 0

#23
GrahamH

GrahamH

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Have tried to attach the print screen for the error message but having problems. When trying to save the image to desktop it says "save operation has been interrupted. Image has not been saved."

Tried copying the 5 lines and error messages appeared on Command Prompt:-
C:\users\marion>Takeown/f:windir:winsxs\filemaps\*/a ERROR: The currently logged on user does not have administrative privileges

Then after each line - "Access is denied"

I am logged in as Marion and clicked on Run as administrator.
  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
But did you right click on Command Prompt and Run As Admin? (Before pasting in the lines)
  • 0

#25
GrahamH

GrahamH

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
My mistake. Sorry

Have re-opened Command Prompt with Run as Admin and no errors to report.
  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Reboot and then run VEW again as before and let's see if the commands helped
  • 0

#27
GrahamH

GrahamH

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Ran VEW again and logs copied and pasted below.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 16/09/2013 12:06:42

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2013 20:05:02
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 06/07/2013 21:12:47
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/06/2013 10:43:11
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 12/06/2013 19:26:52
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/09/2013 10:31:03
Type: Error Category: 0
Event: 34001 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 failed to configure IPv6 stack.

Log: 'System' Date/Time: 16/09/2013 10:23:56
Type: Error Category: 0
Event: 34001 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 failed to configure IPv6 stack.

Log: 'System' Date/Time: 16/09/2013 10:23:47
Type: Error Category: 0
Event: 31004 Source: Microsoft-Windows-SharedAccess_NAT
The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 16/09/2013 10:23:44
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 16/09/2013 10:23:44
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 16/09/2013 10:23:44
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 16/09/2013 10:23:43
Type: Error Category: 0
Event: 31004 Source: Microsoft-Windows-SharedAccess_NAT
The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Log: 'System' Date/Time: 16/09/2013 10:23:38
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Log: 'System' Date/Time: 16/09/2013 10:23:35
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 16/09/2013 10:23:35
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 16/09/2013 10:23:35
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 16/09/2013 10:23:35
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 16/09/2013 10:23:35
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 16/09/2013 10:23:35
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 16/09/2013 10:23:24
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

Log: 'System' Date/Time: 16/09/2013 10:23:24
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

Log: 'System' Date/Time: 16/09/2013 10:23:24
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Log: 'System' Date/Time: 16/09/2013 10:11:01
Type: Error Category: 0
Event: 30013 Source: Microsoft-Windows-SharedAccess_NAT
The DHCP allocator has disabled itself on IP address 192.168.0.2, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Log: 'System' Date/Time: 16/09/2013 10:11:01
Type: Error Category: 0
Event: 34001 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 failed to configure IPv6 stack.

Log: 'System' Date/Time: 15/09/2013 23:25:14
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/09/2013 10:34:23
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:22
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:22
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:22
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:22
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:05
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:05
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:05
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:04
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:04
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:04
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:04
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:02
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:34:02
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:30:23
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:30:23
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:30:23
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:30:23
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:30:23
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 16/09/2013 10:11:01
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate  bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 16/09/2013 12:09:23

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 13/09/2013 20:17:40
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011004}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 13/09/2013 10:04:54
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Click-to-Run 2010 - Update 'Update for Microsoft Office 2010 (KB2598285) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 13/09/2013 10:04:36
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 13/09/2013 10:04:27
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 13/09/2013 10:04:09
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.

Log: 'Application' Date/Time: 13/09/2013 10:03:53
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.

Log: 'Application' Date/Time: 13/09/2013 10:03:01
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 13/09/2013 10:03:00
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 12/09/2013 22:05:26
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: cvhbs.exe, version: 14.0.6114.5003, time stamp: 0x4f045e8c Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9 Exception code: 0x40000015 Fault offset: 0x0005beae Faulting process id: 0xfa8 Faulting application start time: 0x01ceb0042b406b26 Faulting application path: C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe Faulting module path: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll Report Id: 6d1ae08a-1bf7-11e3-a485-a4badbcb00d5

Log: 'Application' Date/Time: 12/09/2013 22:04:53
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: cvhbs.exe, version: 14.0.6114.5003, time stamp: 0x4f045e8c Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9 Exception code: 0x40000015 Fault offset: 0x0005beae Faulting process id: 0x17d0 Faulting application start time: 0x01ceb00415da8151 Faulting application path: C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe Faulting module path: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll Report Id: 59b513f4-1bf7-11e3-a485-a4badbcb00d5

Log: 'Application' Date/Time: 12/09/2013 21:58:34
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: msi.dll, version: 5.0.7601.17807, time stamp: 0x4f80321a Exception code: 0xc0000005 Fault offset: 0x00000000001ec1e6 Faulting process id: 0x8b4 Faulting application start time: 0x01ceafef5b8ea4bc Faulting application path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\system32\msi.dll Report Id: 77637fbc-1bf6-11e3-a485-a4badbcb00d5

Log: 'Application' Date/Time: 11/09/2013 16:58:29
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Click-to-Run 2010 - Update 'Update for Microsoft Office 2010 (KB2598285) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 11/09/2013 16:54:01
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 11/09/2013 16:53:51
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 11/09/2013 16:53:08
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.

Log: 'Application' Date/Time: 11/09/2013 16:51:35
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.

Log: 'Application' Date/Time: 11/09/2013 16:47:13
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 11/09/2013 16:47:11
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 09/09/2013 23:37:35
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Log: 'Application' Date/Time: 09/09/2013 14:55:58
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/09/2013 10:21:00
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 16/09/2013 10:21:00
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 16/09/2013 10:10:52
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=9CC}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 16/09/2013 10:10:44
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=9CC}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 15/09/2013 23:19:27
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 15/09/2013 23:16:27
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 15/09/2013 23:16:27
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 15/09/2013 23:06:21
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=E4C}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 15/09/2013 23:06:11
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=E4C}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 15/09/2013 21:53:09
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-18103452-1247424638-3126524233-1001:
Process 3956 (\Device\HarddiskVolume3\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe) has opened key \REGISTRY\USER\S-1-5-21-18103452-1247424638-3126524233-1001


Log: 'Application' Date/Time: 15/09/2013 18:38:32
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 15/09/2013 16:31:56
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 15/09/2013 16:31:56
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 15/09/2013 16:21:48
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=180}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 15/09/2013 16:21:31
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=180}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 15/09/2013 13:52:45
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 15/09/2013 13:52:45
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 15/09/2013 13:52:09
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 15/09/2013 13:42:50
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=F44}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 15/09/2013 13:42:38
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=F44}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Let's disable IPv6 since it is not working and no one uses it anyway:

http://support.micro...kb/929852/en-us

There is a Microsoft Fix it 50409 on the page that will turn it off for you.

Then try the Fixit on

http://support.micro...windows_update/

Then try this one:

http://support.micro..._and_uninstall/

Then reboot and run VEW again
  • 0

#29
GrahamH

GrahamH

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Couldn't run any of these programmes Ron.

Microsoft Fix it 50409 - Error message:- The installer has encountered an unexpected error installing this package. Error code 2738.

Microsoft Fixit :- Troubleshooting cannot continue because an error has occured.

By the way, by accident, I have found that xls and word documents sent as attachments to my Yahoo email address wont open with Microsoft Starter 2010 which was installed when I got the laptop. However they will open in Gmail with Google sheets and Google view.
  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
OK.

then see if you can do the fixit for ipv6 manually:

Click Start
type

regedit

in the Start Search box, and then click regedit.exe in the Programs list.
In the User Account Control dialog box, click Continue.
In Registry Editor, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters
Double-click DisabledComponents (should be int he right pane) to change the DisabledComponents entry.


Note If the DisabledComponents entry is unavailable, you must create it. To do this, follow these steps:

In the Edit menu, point to New, and then click DWORD (32-bit) Value.
Type DisabledComponents, and then press ENTER.
Double-click DisabledComponents.

Type the following values in the Value data field to configure the IPv6 protocol to the desired state, and then click OK:


Type 0xffffffff to disable all IPv6 components except the IPv6 loopback interface. This value also configures Windows to prefer using IPv4 over IPv6 by changing entries in the prefix policy table. For more information, see Source and Destination Address Selection.

If you get a permissions error while trying to edit HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters then:
http://www.howtogeek...y-in-windows-7/



Let's see if we can manually reset all permissions:

Let's try resetting the registry permissions to the defaults.

Download SubInACL.exe

http://www.microsoft...&displaylang=en

By default it installs the tool in C:\Program Files\Windows Resource Kits\Tools\

Please allow it to do so.


Download and Save the attached file, reset.zip, right click on it and Extract all and copy the reset.cmd file to C:\Program Files\Windows Resource Kits\Tools\.
Copy the next two lines:

cd  "\Program Files\Windows Resource Kits\Tools"
reset.cmd


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. This will take a while.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP