Says it fixed something anyway. Does VEW show a recent profile error?
Windows Update Problem
#46
Posted 21 April 2020 - 04:31 PM
#47
Posted 21 April 2020 - 04:49 PM
There is one recent one, unfortunately.
I'm posting the logs below because there seem to be a whole lot of other errors in there. Thing quite a few may possibly have occurred when it was trying to create the administrator profile.
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 21/04/2020 23:36:38
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/04/2020 22:26:28
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: After starting, the service hung in a start-pending state.
Log: 'System' Date/Time: 21/04/2020 22:26:28
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Avast Firewall Service service depends on the Base Filtering Engine service which failed to start because of the following error: After starting, the service hung in a start-pending state.
Log: 'System' Date/Time: 21/04/2020 22:26:28
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Windows Defender Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: After starting, the service hung in a start-pending state.
Log: 'System' Date/Time: 21/04/2020 22:26:26
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Base Filtering Engine service hung on starting.
Log: 'System' Date/Time: 21/04/2020 22:26:26
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Base Filtering Engine service hung on starting.
Log: 'System' Date/Time: 21/04/2020 22:26:26
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Base Filtering Engine service hung on starting.
Log: 'System' Date/Time: 21/04/2020 22:26:26
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Base Filtering Engine service hung on starting.
Log: 'System' Date/Time: 21/04/2020 20:50:19
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.
Log: 'System' Date/Time: 21/04/2020 20:50:02
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server Windows.Internal.Security.Authentication.Web.TokenBrokerInternal did not register with DCOM within the required timeout.
Log: 'System' Date/Time: 21/04/2020 20:49:16
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the OneSyncSvc_2bfda service.
Log: 'System' Date/Time: 21/04/2020 20:48:27
Type: Error Category: 0
Event: 7005 Source: Service Control Manager
The LoadUserProfile call failed with the following error: The RPC server is unavailable.
Log: 'System' Date/Time: 21/04/2020 20:48:21
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The OneSyncSvc_2bfda service terminated with the following error: There are no more endpoints available from the endpoint mapper.
Log: 'System' Date/Time: 21/04/2020 20:48:19
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Log: 'System' Date/Time: 21/04/2020 20:48:19
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Push Notifications System Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Log: 'System' Date/Time: 21/04/2020 20:48:19
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Microsoft Account Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Log: 'System' Date/Time: 21/04/2020 20:48:19
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Log: 'System' Date/Time: 21/04/2020 20:48:19
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The User Manager service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 21/04/2020 20:48:19
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Web Account Manager service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 21/04/2020 20:48:19
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Log: 'System' Date/Time: 21/04/2020 20:48:19
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/04/2020 22:26:21
Type: Warning Category: 0
Event: 7044 Source: Service Control Manager
The following service is taking more than 3 minutes to start and may have stopped responding: Base Filtering Engine Contact your system administrator or service vendor for approximate startup times for this service. If you think this service might be slowing system response or logon time, talk to your system administrator about whether the service should be disabled until the problem is identified. You may have to restart the computer in safe mode before you can disable the service.
Log: 'System' Date/Time: 21/04/2020 22:25:33
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 22:22:06
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 22:22:04
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 20:46:59
Type: Warning Category: 0
Event: 7044 Source: Service Control Manager
The following service is taking more than 3 minutes to start and may have stopped responding: Base Filtering Engine Contact your system administrator or service vendor for approximate startup times for this service. If you think this service might be slowing system response or logon time, talk to your system administrator about whether the service should be disabled until the problem is identified. You may have to restart the computer in safe mode before you can disable the service.
Log: 'System' Date/Time: 21/04/2020 20:46:54
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 20:43:18
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 20:43:16
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 16:25:05
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\Administrator SID (S-1-5-21-2559438547-1515831249-1651957702-500) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 16:22:51
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\Administrator SID (S-1-5-21-2559438547-1515831249-1651957702-500) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 16:21:39
Type: Warning Category: 0
Event: 7044 Source: Service Control Manager
The following service is taking more than 3 minutes to start and may have stopped responding: Base Filtering Engine Contact your system administrator or service vendor for approximate startup times for this service. If you think this service might be slowing system response or logon time, talk to your system administrator about whether the service should be disabled until the problem is identified. You may have to restart the computer in safe mode before you can disable the service.
Log: 'System' Date/Time: 21/04/2020 16:15:45
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 16:15:43
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 13:40:14
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 13:40:13
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 13:40:12
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 13:40:11
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 13:36:51
Type: Warning Category: 0
Event: 7044 Source: Service Control Manager
The following service is taking more than 3 minutes to start and may have stopped responding: Base Filtering Engine Contact your system administrator or service vendor for approximate startup times for this service. If you think this service might be slowing system response or logon time, talk to your system administrator about whether the service should be disabled until the problem is identified. You may have to restart the computer in safe mode before you can disable the service.
Log: 'System' Date/Time: 21/04/2020 13:35:55
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 21/04/2020 13:35:48
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 21/04/2020 23:37:39
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/04/2020 22:28:33
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 21/04/2020 20:46:54
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: svchost.exe, version: 10.0.18362.1, time stamp: 0x68f17365 Faulting module name: combase.dll, version: 10.0.18362.693, time stamp: 0xb5cb65b6 Exception code: 0xc0000005 Fault offset: 0x000883c5 Faulting process id: 0x4b4 Faulting application start time: 0x01d6181d66accf7d Faulting application path: C:\WINDOWS\system32\svchost.exe Faulting module path: C:\WINDOWS\System32\combase.dll Report Id: a17b82e6-4f4f-461e-959b-c5189b02da1e Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 21/04/2020 20:46:05
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: spoolsv.exe, version: 10.0.18362.476, time stamp: 0x84440337 Faulting module name: ntdll.dll, version: 10.0.18362.778, time stamp: 0x7d3954ae Exception code: 0xc0000005 Fault offset: 0x0003b2b8 Faulting process id: 0x910 Faulting application start time: 0x01d6181d6c96ad2a Faulting application path: C:\WINDOWS\System32\spoolsv.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 50cdc033-79dc-4948-a185-e3387529ed3d Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 21/04/2020 17:09:41
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 5280, ProfSvc PID: 1180.
Log: 'Application' Date/Time: 21/04/2020 17:09:41
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, PID: 2276, ProfSvc PID: 1180.
Log: 'Application' Date/Time: 21/04/2020 17:09:41
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, PID: 2276, ProfSvc PID: 1180.
Log: 'Application' Date/Time: 21/04/2020 17:09:23
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 21/04/2020 17:09:13
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: svchost.exe_WpnUserService, version: 10.0.18362.1, time stamp: 0x68f17365 Faulting module name: wpnuserservice.dll, version: 10.0.18362.1, time stamp: 0x679bdb1b Exception code: 0xc0000409 Fault offset: 0x00008771 Faulting process id: 0xac4 Faulting application start time: 0x01d617ff0d1c0cf8 Faulting application path: C:\WINDOWS\system32\svchost.exe Faulting module path: c:\windows\system32\wpnuserservice.dll Report Id: 75ac47b0-cbf5-4b78-8e82-8f7680c00a37 Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 21/04/2020 16:22:04
Type: Error Category: 3
Event: 455 Source: ESENT
StartMenuExperienceHost (4764,R,98) TILEREPOSITORYS-1-5-21-2559438547-1515831249-1651957702-500: Error -1023 (0xfffffc01) occurred while opening logfile C:\Users\Administrator\AppData\Local\TileDataLayer\Database\EDB.log.
Log: 'Application' Date/Time: 21/04/2020 16:22:04
Type: Error Category: 1
Event: 522 Source: ESENT
StartMenuExperienceHost (4764,P,98) TILEREPOSITORYS-1-5-21-2559438547-1515831249-1651957702-500: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).
Log: 'Application' Date/Time: 21/04/2020 16:20:50
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 21/04/2020 13:39:06
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 21/04/2020 13:16:33
Type: Error Category: 0
Event: 33 Source: SideBySide
Activation context generation failed for "C:\Users\channeal\Downloads\WMIDiag(2).exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Log: 'Application' Date/Time: 21/04/2020 09:22:40
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 20/04/2020 20:20:04
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, PID: 2208, ProfSvc PID: 1204.
Log: 'Application' Date/Time: 20/04/2020 20:20:04
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, PID: 2208, ProfSvc PID: 1204.
Log: 'Application' Date/Time: 20/04/2020 20:20:04
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 1264, ProfSvc PID: 1204.
Log: 'Application' Date/Time: 20/04/2020 20:20:04
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, PID: 2208, ProfSvc PID: 1204.
Log: 'Application' Date/Time: 20/04/2020 19:32:33
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/04/2020 17:09:24
Type: Warning Category: 0
Event: 1509 Source: Microsoft-Windows-User Profiles General
Windows cannot copy file C:\Users\Default\NTUSER.DAT to location C:\Users\TEMP\NTUSER.DAT. This error may be caused by network problems or insufficient security rights. DETAIL - Access is denied.
Log: 'Application' Date/Time: 21/04/2020 16:18:19
Type: Warning Category: 7
Event: 508 Source: ESENT
taskhostw (7364,D,0) WebCacheLocal: A request to write to the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 14155776 (0x0000000000d80000) for 32768 (0x00008000) bytes succeeded, but took an abnormally long time (22 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Log: 'Application' Date/Time: 21/04/2020 09:16:00
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (2940,R,98) WebCacheLocal: The shadow header page of file C:\Users\channeal\AppData\Local\Microsoft\Windows\WebCache\V01.chk was damaged. The primary header page (4096 bytes) was used instead.
Log: 'Application' Date/Time: 20/04/2020 19:46:28
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 with error 0x80070057.
I'm off to bed - I've had enough of this computer for one day!
#48
Posted 21 April 2020 - 08:36 PM
Let's let FRST rerun DISM & SFC. Perhaps that will help. It's possible the dskchk found a bad sector and something important was on it.
Download the attached fixlist.txt to the same location as FRST
fixlist.txt 1.24KB
268 downloads
Run FRST and press Fix (Will take about 30 minutes)
A fix log will be generated please post that (may be too big so you may have to attach it)
Reboot if the fix doesn't reboot it for you
Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.
#49
Posted 22 April 2020 - 06:59 AM
Here are the logs: -
Fixlog.txt 388.84KB 255 downloads
FRST.txt 149.28KB 255 downloads
Addition.txt 31.46KB 259 downloads
#50
Posted 22 April 2020 - 07:22 AM
I know you have the paid version of Avast but would it be possible to uninstall it for a short time just to see if it might be causing the problem? Assume there is some license involved so you would need to save that before you uninstalled.
Reason I ask is the errors:
Error: (04/22/2020 11:31:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: NEAL1-DELL)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Error: (04/22/2020 11:26:08 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 2648, ProfSvc PID: 1172.
Error: (04/22/2020 11:26:08 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, PID: 2332, ProfSvc PID: 1172.
the ProfSvc the bottom two errors are talking about is User Profile Service: The User profile service (ProfSvc) is a Microsoft service in charge of loading and unloading the user profile. It looks like Avast is interfering with the profile service which could be causing your problems.
#51
Posted 22 April 2020 - 07:29 AM
Funny you should say that, as I was thinking earlier today that I might uninstall Avast. I have had messages a few times just after logging on about both Avast and Windows Firewall being turned of - but then I go into Avast and everything seems okay. Will uninstall it shortly.
#52
Posted 22 April 2020 - 12:49 PM
I just restarted the computer and when I checked VEW, sure enough there was another profile error. So it looks as if it wasn't down to Avast.
#53
Posted 22 April 2020 - 01:01 PM
Let's see the VEW logs.
#54
Posted 22 April 2020 - 01:25 PM
Okey dokey, here they are.....
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 22/04/2020 20:16:58
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/04/2020 13:58:25
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The NVIDIA Update Service Daemon service hung on starting.
Log: 'System' Date/Time: 22/04/2020 10:42:32
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NcdAutoSetup service.
Log: 'System' Date/Time: 22/04/2020 10:36:16
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Update Orchestrator Service service hung on starting.
Log: 'System' Date/Time: 22/04/2020 10:34:03
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The NVIDIA Update Service Daemon service hung on starting.
Log: 'System' Date/Time: 22/04/2020 10:31:04
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Downloaded Maps Manager service hung on starting.
Log: 'System' Date/Time: 22/04/2020 10:21:27
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The aswbIDSAgent service did not shut down properly after receiving a preshutdown control.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/04/2020 18:47:09
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 18:46:32
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 18:36:28
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 18:36:28
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.SecurityAppBroker and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 18:36:27
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscDataProtection and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 13:59:47
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.SecurityAppBroker and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 13:59:47
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 13:59:47
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscDataProtection and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 13:47:18
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 10:58:11
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 10:58:03
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 10:58:03
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 10:32:14
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 10:32:12
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 22/04/2020 10:29:55
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ocsp.pki.goog timed out after none of the configured DNS servers responded.
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 22/04/2020 20:18:17
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/04/2020 19:16:46
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 22/04/2020 18:34:14
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 22/04/2020 13:55:24
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 22/04/2020 13:47:14
Type: Error Category: 0
Event: 17 Source: SecurityCenter
Security Center failed to validate caller with error DC040780.
Log: 'Application' Date/Time: 22/04/2020 10:31:04
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Log: 'Application' Date/Time: 22/04/2020 10:26:08
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 2648, ProfSvc PID: 1172.
Log: 'Application' Date/Time: 22/04/2020 10:26:08
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, PID: 2332, ProfSvc PID: 1172.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/04/2020 19:13:41
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (2200,R,98) WebCacheLocal: The shadow header page of file C:\Users\channeal\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat was damaged. The primary header page (32768 bytes) was used instead.
Log: 'Application' Date/Time: 22/04/2020 18:54:28
Type: Warning Category: 0
Event: 2003 Source: Microsoft-Windows-Perflib
The configuration information of the performance library "C:\Windows\System32\perfts.dll" for the "TermService" service does not match the trusted performance library information stored in the registry. The functions in this library will not be treated as trusted.
Log: 'Application' Date/Time: 22/04/2020 16:09:54
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 5432 did not respond and is being forcibly terminated {filter host process 7772}.
Log: 'Application' Date/Time: 22/04/2020 16:01:57
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 5052 did not respond and is being forcibly terminated {filter host process 6416}.
#55
Posted 22 April 2020 - 01:49 PM
I think that's the only error we got that boot tho. Can you go to PC Settings, Accounts, Family & Other Users, Add Someone else to this PC, I don't have this person's sign in information, Add a user without a Microsoft Account, give it a username and password. Make sure it has admin rights. Then reboot and log on as the new user. Does the system have the same problems as before with administrator or does it work better this time?
#56
Posted 22 April 2020 - 03:21 PM
I followed your instructions and then logged into the new profile. The following are new logs which were run from it.
I am logging off for tonight now. Will check how things are going tomorrow.
Report run at 22/04/2020 21:31:03
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/04/2020 20:21:04
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The NVIDIA Update Service Daemon service hung on starting.
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The NVIDIA Update Service Daemon service hung on starting.
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NcdAutoSetup service.
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Update Orchestrator Service service hung on starting.
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The NVIDIA Update Service Daemon service hung on starting.
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Downloaded Maps Manager service hung on starting.
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The aswbIDSAgent service did not shut down properly after receiving a preshutdown control.
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/04/2020 20:21:25
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.SecurityAppBroker and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.SecurityAppBroker and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscDataProtection and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.SecurityAppBroker and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscDataProtection and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.SecurityAppBroker and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscDataProtection and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user NEAL1-DELL\channeal SID (S-1-5-21-2559438547-1515831249-1651957702-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ocsp.pki.goog timed out after none of the configured DNS servers responded.
Report run at 22/04/2020 21:27:57
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/04/2020 20:18:48
Type: Error Category: 3
Event: 455 Source: ESENT
StartMenuExperienceHost (1032,R,98) TILEREPOSITORYS-1-5-21-2559438547-1515831249-1651957702-1004: Error -1023 (0xfffffc01) occurred while opening logfile C:\Users\nealfamily\AppData\Local\TileDataLayer\Database\EDB.log.
Type: Error Category: 1
Event: 522 Source: ESENT
StartMenuExperienceHost (1032,P,98) TILEREPOSITORYS-1-5-21-2559438547-1515831249-1651957702-1004: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Type: Error Category: 0
Event: 17 Source: SecurityCenter
Security Center failed to validate caller with error DC040780.
Type: Error Category: 0
Event: 1511 Source: Microsoft-Windows-User Profiles Service
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 2648, ProfSvc PID: 1172.
Type: Error Category: 0
Event: 1552 Source: Microsoft-Windows-User Profiles Service
User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, PID: 2332, ProfSvc PID: 1172.
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/04/2020 20:16:37
Type: Warning Category: 7
Event: 508 Source: ESENT
taskhostw (5560,D,0) WebCacheLocal: A request to write to the file "C:\Users\nealfamily\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" at offset 15204352 (0x0000000000e80000) for 32768 (0x00008000) bytes succeeded, but took an abnormally long time (15 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (3548,R,98) WebCacheLocal: The shadow header page of file C:\Users\channeal\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat was damaged. The primary header page (32768 bytes) was used instead.
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 1052 did not respond and is being forcibly terminated {filter host process 6208}.
Log: 'Application' Date/Time: 22/04/2020 19:13:41
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (2200,R,98) WebCacheLocal: The shadow header page of file C:\Users\channeal\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat was damaged. The primary header page (32768 bytes) was used instead.
Type: Warning Category: 0
Event: 2003 Source: Microsoft-Windows-Perflib
The configuration information of the performance library "C:\Windows\System32\perfts.dll" for the "TermService" service does not match the trusted performance library information stored in the registry. The functions in this library will not be treated as trusted.
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 5432 did not respond and is being forcibly terminated {filter host process 7772}.
Log: 'Application' Date/Time: 22/04/2020 16:01:57
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 5052 did not respond and is being forcibly terminated {filter host process 6416}.
#57
Posted 22 April 2020 - 07:22 PM
From your new login
Download the attached fixlist.txt to the same location as FRST
fixlist.txt 580bytes
251 downloads
Run FRST and press Fix (this one should be pretty quick but will want to reboot)
A fix log will be generated please post that
Reboot if the fix doesn't reboot it for you
Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.
#58
Posted 23 April 2020 - 06:31 AM
I have not been able to get as far as doing this yet!
So....... I downloaded FRST again from your link onto the new profile. Only....... Windows Defender told me there was a virus in the downloaded file: Trojan:Win32/Wacatac.D!ml. I quarantined it and am currently running a 'quick' scan to check it does not find anything else.
How did I get a virus from the FRST link? I am totally confused and bewildered. Please help!
Am beginning to feel like smashing this computer up lol
PS Scan just finished and no further threats were found.
#59
Posted 23 April 2020 - 06:56 AM
There is no virus. That's just a false positive. FRST is very powerful and it scares some anti-virus programs. I just downloaded and ran it through virustotal and the majority think it's OK. There were just two that flagged it. Even Microsoft passed it.
https://www.virustot...779e6/detection
You will probably have to suspend Windows Defender in order to download it. You may also get a warning from Smart Screen about it but there is a link on the warning page - something like More Info - that allows you to download it anyway.
#60
Posted 23 April 2020 - 08:05 AM
Ah okay, thanks! I thought it was strange! I got a bit concerned though when it told me the threat was 'severe'.
Here are the logs: -
Fixlog.txt 1.84KB 274 downloads
FRST.txt 145.42KB 251 downloads
Addition.txt 16.14KB 265 downloads
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users