Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

COM Error crashes computer when trying to email


  • Please log in to reply

#31
shorthaul99

shorthaul99

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts

 

 

 

 

 

Also check
Multimedia Class Scheduler Service

Is it running?

 

No, it's not running but it is set to start automatically.

 

 

 

FRST LOG:

 

 

 

Farbar Recovery Scan Tool (x64) Version: 19-11-2017
Ran by JB (21-11-2017 10:27:56)
Running from C:\Users\JB\Desktop
Boot Mode: Normal

================== Search Files: "iesysprep.dll" =============

C:\Windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.7601.17514_none_3853caf38f4097bb\iesysprep.dll
[2010-11-20 21:25][2010-11-20 21:25] 000114688 _____ (Microsoft Corporation) 3F0C0726F7C24E852D1590ABE721877D [File is digitally signed]

C:\Windows\winsxs\wow64_microsoft-windows-ie-sysprep_31bf3856ad364e35_11.2.9600.16428_none_083dd731036b79d4\iesysprep.dll
[2016-12-16 19:13][2016-02-18 13:49] 000105984 _____ (Microsoft Corporation) 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 [File is digitally signed]

C:\Windows\winsxs\amd64_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.7600.16385_none_924152af4aaf8557\iesysprep.dll
[2009-07-13 17:58][2009-07-13 19:41] 000138240 _____ (Microsoft Corporation) 601967E0B6C921E1077CBCC18CE46B5F [File is digitally signed]

C:\Windows\winsxs\amd64_microsoft-windows-ie-sysprep_31bf3856ad364e35_11.2.9600.16428_none_fde92cdecf0ab7d9\iesysprep.dll
[2016-12-10 21:04][2016-02-18 13:49] 000105984 _____ (Microsoft Corporation) 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 [File is digitally signed]

C:\Windows\SysWOW64\iesysprep.dll
[2013-12-03 19:01][2016-02-18 13:49] 000086016 _____ (Microsoft Corporation) 83F49FD1BC0A999B006D564C540C7258 [File is digitally signed]

C:\Windows\System32\iesysprep.dll
[2013-12-03 19:01][2016-02-18 13:49] 000105984 _____ (Microsoft Corporation) 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 [File is digitally signed]

C:\SFCFix\Backups\C\windows\winsxs\wow64_microsoft-windows-ie-sysprep_31bf3856ad364e35_11.2.9600.16428_none_083dd731036b79d4\iesysprep.dll
[2017-11-17 23:52][2016-02-18 13:49] 000105984 _____ (Microsoft Corporation) 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 [File is digitally signed]

====== End of Search ======

 

 

 

See if the procedure on

 

https://technet.micr...2(v=ws.10).aspx

 

works.

 

 

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\windows\system32>net accounts
Force user logoff how long after time expires?:       Never
Minimum password age (days):                          0
Maximum password age (days):                          42
Minimum password length:                              0
Length of password history maintained:                None
Lockout threshold:                                    Never
Lockout duration (minutes):                           30
Lockout observation window (minutes):                 30
Computer role:                                        WORKSTATION
The command completed successfully.

C:\windows\system32>

 

 

 

 

Log: 'System' Date/Time: 18/11/2017 6:35:21 AM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The IPsec Policy Agent service terminated with the following error:  The authentication service is unknown.

 

Try this:

 

http://www.howtonetw...ebuildipsec.htm

 

 

There was nothing in the registry of the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\IPsec\Policy\Local

so I went to Click Start, click Run, type regsvr32 polstore.dll, and then click OK and got this error

 

 

RegKey2.jpg

 

 

 

 

OK REBOOTING AND POSTING NOW SO I DON'T LOOSE MY WORK SO FAR. VEW logs coming after reboot...

 

 

 


  • 0

Advertisements


#32
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,904 posts
  • MVP

Also check
Multimedia Class Scheduler Service

Is it running?

 

No, it's not running but it is set to start automatically.

 

 

Will it start if you tell it to?  Does it give you an error?


  • 0

#33
shorthaul99

shorthaul99

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 21/11/2017 11:01:09 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/11/2017 4:59:47 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   24 user registry handles leaked from \Registry\User\S-1-5-21-2577112198-3913129868-2286876578-1000:
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\trust
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\trust
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\My
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\My
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\CA
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\CA
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\Root
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\Root
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Policies\Microsoft\SystemCertificates
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Policies\Microsoft\SystemCertificates
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Policies\Microsoft\SystemCertificates
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Policies\Microsoft\SystemCertificates
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Policies\Microsoft\SystemCertificates
Process 6436 (\Device\HarddiskVolume3\Windows\SysWOW64\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Policies\Microsoft\SystemCertificates
Process 1952 (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 17.0.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2577112198-3913129868-2286876578-1000\Software\Microsoft\SystemCertificates\Disallowed

 

 

 

 

 

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 21/11/2017 11:03:03 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/11/2017 4:59:48 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

 

 


  • 0

#34
shorthaul99

shorthaul99

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts

 

Also check
Multimedia Class Scheduler Service

Is it running?

 

No, it's not running but it is set to start automatically.

 

 

Will it start if you tell it to?  Does it give you an error?

 

 

I just checked services and after the reboot, it's now up and running.


  • 0

#35
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,904 posts
  • MVP

Looks better.  Now if only Kaspersky would get their act together.  Assume you do have the latest version?  Have you asked on their forum about the registry key problem?


  • 0

#36
shorthaul99

shorthaul99

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts

No sir. I was only following your advise to the tee until further notice. I try not to have too many irons in the fire and undermine any progress we make together. I will post it on their forum now.


  • 0

#37
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,904 posts
  • MVP

Try your QB again and if it fails, make new VEW logs.


  • 0

#38
shorthaul99

shorthaul99

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts

Email from Kaspersky:

 

 

 

Hello ,

Thank you for contacting Kaspersky Lab Support.

My name is Syrene and I will be your Support today.


I apologize for the inconvenience that you have been having with your Kaspersky products, rest assured that I will do my best to help you get this resolved as quickly as possible.

To further investigate the issue and for us to be able to provide you to correct troubleshooting step to resolve this concern, please provide us a screenshot with the exact registry error message.

Can you show me what you see with a screenshot? For more details, here are instructions on how to take a screenshot:
http://support.kaspersky.com/us/492?cid=pe

Thank you and have a great day!


Having trouble with the steps we provided? We want to help! Please contact us right away using one of our live support options (available every day from 5:00am – 11:00pm Eastern Time):
http://supportkaspersky.com/us/b2c#region and reference your incident ID so we can better assist you.

If your issue has been resolved, please let us know. If you do not reply we will automatically resolve your request in 7 day(s).

Best regards,
Syrene R | Technical Support | Kaspersky Lab

Confidentiality Notice
This email message, and any attachments hereto, are for the sole use of the intended recipients, and may contain confidential and proprietary information. Any unauthorized use, disclosure or distribution of this email message or its attachments is prohibited. If you are not the intended recipient, please notify the sender by reply email and permanently delete this message and its attachments.

 

 

I have no idea what she is wanting me to screen shot. I already sent them the error results from the application log from VEW.

 

Please advise.


  • 0

#39
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,904 posts
  • MVP

The guy's an idiot but if he wants a screenshot give him this:

 

Right click on My Computer and select Manage Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs click on Application.

 

Then at the top of the list click on Level.  This will sort the errors so that all of the errors are either at the top or bottom of the list.  Move to the Warning errored section and click on
Event: 1530 Source: Microsoft-Windows-User Profiles Service.  This should show the details in the bottom pane.  Take a screen shot of that and send it to him.  Emphasize that there is no popup - just Kaspersky caused errors in the event log.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP