can't update important files and services while the system is using

Please open Event Viewer
Navigate to teh Windows Logs\Application
right-click on the Application key, and select Save all events as...
Call it Appevt.evtx and save it to the Desktop.
Repeat for the System events (call it Sysevt.evtx)
zip both files, and attach to your reply.
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Please open an Elevated CommandPrompt, and run the following command

fsutil resource setautoreset true c:\

reboot

now see if the Firewall is running
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Please run the following commands, and post the results.

SC QUERYEX MpsSvc
SC QUERYEX KeyIso
SC QUERYEX Wlansvc
SC QUERYEX dot3svc
SC QUERYEX BFE
SC QUERYEX PolicyAgent
SC QUERYEX IKEEXT
 
Last edited:

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\user>sc queryex mpssvc

SERVICE_NAME: mpssvc
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 1 STOPPED
WIN32_EXIT_CODE : 1066 (0x42a)
SERVICE_EXIT_CODE : 6801 (0x1a91)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :

C:\Users\user>sc queryex keyiso

SERVICE_NAME: keyiso
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 632
FLAGS : RUNS_IN_SYSTEM_PROCESS

C:\Users\user>sc queryex wlansvc

SERVICE_NAME: wlansvc
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1092
FLAGS :

C:\Users\user>sc queryex dot3svc

SERVICE_NAME: dot3svc
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 1 STOPPED
WIN32_EXIT_CODE : 1077 (0x435)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :

C:\Users\user>sc queryex bfe

SERVICE_NAME: bfe
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1860
FLAGS :

C:\Users\user>sc queryex policyagent

SERVICE_NAME: policyagent
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 3636
FLAGS :

C:\Users\user>sc queryex ikeext

SERVICE_NAME: ikeext
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1124
FLAGS :

C:\Users\user>
 

My Computer

OS
64-bit Windows 7 Home Premium
I've just been pointed at what looks like a very good tool for use in this situation - please download and run the FarBar Service Scanner - from Farbar Service Scanner Download
run it, and attach the log file it produces to a reply - it'll get there much quicker than I will :)

(forgot to add- tick all options for the scan!)
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Firewall not running, updates not possible, same error messages upon reboot. Here is the file requested. "bleeping computer" indeed!
 

My Computer

OS
64-bit Windows 7 Home Premium
Please use Event Viewer to export the Windows Application and System event logs, then compress them and attach them to a reply.
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
(1) Oddly, I get the message that this fix-it does not apply to my computer (see attached).
(2) Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>sc qc netlogon
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: netlogon
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Windows\system32\lsass.exe
LOAD_ORDER_GROUP : MS_WindowsRemoteValidation
TAG : 0
DISPLAY_NAME : Netlogon
DEPENDENCIES : LanmanWorkstation
SERVICE_START_NAME : LocalSystem

C:\Windows\system32>
 

My Computer

OS
64-bit Windows 7 Home Premium
Bother - I was hoping that a Vista fixit would also run on Win7 - obviously not.

Use the manual method from the article
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>fsutil resource setautoreset true c:\
The operation completed successfully.

C:\Windows\system32>

updated event logs attached
 

My Computer

OS
64-bit Windows 7 Home Premium
There's something odd about those logs - they don't appear to be recording all the normal events.
There's no apparent change in system behaviour.

Have you rebooted since trying the fix?
Please run the following command

REG QUERY "HKLM\SOFTWARE\Microsoft\Windows Search"

Post the results.
 
Last edited:

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
(1) Rebooted
(2) Results of last command :
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>reg query" HKLM\software\microsoft\windows search"
ERROR: Invalid Argument/Option - 'query HKLM\software\microsoft\windows search'.

Type "REG /?" for usage.

C:\Windows\system32>reg query "hklm\software\microsoft\windows search"

HKEY_LOCAL_MACHINE\software\microsoft\windows search
indexer:ci:MaxRestrictionNodes REG_DWORD 0x7ef40
CurrentVersion REG_SZ 6.1.7601.17610
UseLowPriorityConfiguration REG_DWORD 0x1
DataDirectory REG_EXPAND_SZ %ProgramData%\Microsoft\Search\Data\
InstallDirectory REG_EXPAND_SZ %systemroot%\system32\
DefaultDataDirectory REG_EXPAND_SZ %ProgramData%\Microsoft\Search\Data
\
SetupCompletedSuccessfully REG_DWORD 0x0
IndexerCatalogVersion REG_SZ 4.60101.60101
SystemIndexNormalization REG_DWORD 0x1
RebuildIndex REG_DWORD 0x2

HKEY_LOCAL_MACHINE\software\microsoft\windows search\Applications
HKEY_LOCAL_MACHINE\software\microsoft\windows search\Capabilities
HKEY_LOCAL_MACHINE\software\microsoft\windows search\CatalogNames
HKEY_LOCAL_MACHINE\software\microsoft\windows search\CrawlScopeManager
HKEY_LOCAL_MACHINE\software\microsoft\windows search\Databases
HKEY_LOCAL_MACHINE\software\microsoft\windows search\Gather
HKEY_LOCAL_MACHINE\software\microsoft\windows search\Gathering Manager
HKEY_LOCAL_MACHINE\software\microsoft\windows search\Indexer
HKEY_LOCAL_MACHINE\software\microsoft\windows search\InstallDirectory
HKEY_LOCAL_MACHINE\software\microsoft\windows search\PerformanceCounters
HKEY_LOCAL_MACHINE\software\microsoft\windows search\PHSearchConnectors
HKEY_LOCAL_MACHINE\software\microsoft\windows search\PreviousSettings
HKEY_LOCAL_MACHINE\software\microsoft\windows search\ProtocolHandlers
HKEY_LOCAL_MACHINE\software\microsoft\windows search\SearchService
HKEY_LOCAL_MACHINE\software\microsoft\windows search\Tracing
HKEY_LOCAL_MACHINE\software\microsoft\windows search\UsnNotifier
HKEY_LOCAL_MACHINE\software\microsoft\windows search\VolumeInfoCache

C:\Windows\system32>

(3) New event logs attached
 

My Computer

OS
64-bit Windows 7 Home Premium
That looks normal.
I'm trying to work out where the coruption is - whether it's in the control files or the output files. At the moment, I think the favourite is in the control files, but I'm uncertain as to how to properly rebuild them.
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Don't lose sleep over this! Have a beer and take the rest of the weekend off - I have a portable PC and - I hesitate to say this - a Mac that has never given me any trouble at all :)
 

My Computer

OS
64-bit Windows 7 Home Premium
Please run the following commands, and post the results.

REG QUERY HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WSearch /S
DIR C:\ProgramData\Microsoft\Search\Data\Applications\Windows
DIR C:\ProgramData\Microsoft\Search\Data\Temp

Post the results, and we'll see where we are (hopefully!)
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>reg query hkey_local_machine\system\currentcontrolset\servic
es\wsearch /s

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\wsearch
DisplayName REG_SZ Windows Search
ErrorControl REG_DWORD 0x1
ImagePath REG_EXPAND_SZ %systemroot%\system32\SearchIndexer.exe /Embed
ding
Start REG_DWORD 0x2
Type REG_DWORD 0x10
Description REG_SZ @%systemroot%\system32\SearchIndexer.exe,-104
DependOnService REG_MULTI_SZ RPCSS
ObjectName REG_SZ LocalSystem
ServiceSidType REG_DWORD 0x1
RequiredPrivileges REG_MULTI_SZ SeChangeNotifyPrivilege\0SeManageVolum
ePrivilege\0SeImpersonatePrivilege\0SeAssignPrimaryTokenPrivilege\0SeIncreaseQuo
taPrivilege\0SeTcbPrivilege
FailureActionsOnNonCrashFailures REG_DWORD 0x1
DelayedAutoStart REG_DWORD 0x0
FailureActions REG_BINARY 80510100000000000000000003000000140000000100
00003075000001000000307500000000000000000000


C:\Windows\system32>dir c:\programdata\microsoft\search\data\applications\window
s
Volume in drive C has no label.
Volume Serial Number is 8AF5-69C1

Directory of c:\programdata\microsoft\search\data\applications\windows

02/12/2012 11:32 AM <DIR> .
02/12/2012 11:32 AM <DIR> ..
02/12/2012 11:32 AM <DIR> Config
02/12/2012 11:32 AM <DIR> GatherLogs
02/12/2012 11:32 AM 8,192 MSS.chk
02/12/2012 11:32 AM 1,048,576 MSS.log
02/12/2012 11:32 AM 1,048,576 MSSres00001.jrs
02/12/2012 11:32 AM 1,048,576 MSSres00002.jrs
02/12/2012 11:32 AM <DIR> Projects
02/12/2012 11:32 AM 75,563,008 Windows.edb
5 File(s) 78,716,928 bytes
5 Dir(s) 281,197,125,632 bytes free

C:\Windows\system32>dir c:\programdata\microsoft\search\data\temp
Volume in drive C has no label.
Volume Serial Number is 8AF5-69C1

Directory of c:\programdata\microsoft\search\data\temp

02/12/2012 11:32 AM <DIR> .
02/12/2012 11:32 AM <DIR> ..
0 File(s) 0 bytes
2 Dir(s) 281,197,125,632 bytes free

C:\Windows\system32>
 

My Computer

OS
64-bit Windows 7 Home Premium
You must log in or register to reply here.
Back
Top