TSP,

What are your hardware specs?

32/64 bit?

How many admin users you have on your system?

What were you doing right before you performed the registry tasks? 

How often have you cleaned up the system?

Hi Erik,

I am running Windows 7 Pro X64

Hardware

Intel Q9450 @ 2.67GHZ

Mobo Gigabyte EX-38 DS4

(2) 320GB WD Enterprise Edition Drives (in Raid 1 Intel onboard ICH9/ICH10 raid controller) Latest Bios

(4) OCZ Reaper DDR2 1152mhz

EVGA 9800GX2

My Windows 7 was installed 3 weeks ago, I had the latest drivers and the only admin accts were Administrator and my own. I just installed the utilites and rebooted, logged back in cleaned the drive and ran the norton registry defrag/compress task. I was asked to reboot which I did and my system has blue screneed since.

However this last weekend I got tired of waiting and just did a fresh reinstall of EVERYTHING since my alt computer is not reliable. I also found another issue and I am not sure what is the cause. I was forced to reactivate NIS2010 after having activated it after the fresh install. It was strange because I began writing a document for work and a just 3 minutes into the fresh logon my NIS began shutting off system protection and had asked me to reactivate, which makes no sense. I have ran NIS and malware bytes and there is nothing on my computer. So that means I have used my 2nd and 3rd license of my 3 licenses in just 6 days, can you help me with this???

Unfortunately, I don't deal much with the licensing client.  You might post to the NIS forum for that. 

Thank you for the hardware details.  I'll pass this along to the NU team. 

If anyone is still having this problem, use the Recovery Console to do the following:

Hi Erik,

Thanks again for getting involved in this. Does this indicate that your software team has some leads on this problem?

Thanks much

Allen

If these steps work, it would mean that something happened to the hives during the process.  We would want to look at all the *.old files to see exactly what happened if this works. 

Hi Erik: 

I'm afraid that this solution is 'Greek to me.' Will there be an automatic patch or fix available at a future point for the more computer-illiterate folks out here?  I do not feel confident to re-install NU 14.5 until there is.

Thanks, Jaylene

In order for us to fix something, we need to know why it happened first.  Currently we are unable to reproduce this, which means we need to obtain information from those affected. 

Erik,

I had this issue on an HP HDX18 laptop running 64 bit Windows 7.

I followed your instructions above, although the only .rmbak files on my system were default and software, (no sam,system or security).

This solved my problem :-) Thanks for your help.

I have saved the old default and software files. If they might be of use to Symantec in debugging this issue, I can send them to you.

Absolutely.  I'll send you a private message with instructions.

Hi Erik,

Regarding your workaround posted above, I'm just curious if this would also explain cases where reports have indicated that "Last Known Good Configuration" was NOT able to solve the problem? I would have thought this option should replace all of the registry hives.

Thanks much

Allen

I'm unsure as I don't know all the inner workings of system restore, but I believe that components of system restore reside in those hives.  That could be why it's failing.

Erik,

I had the exact same issue.  I ran registry defrag, BSOD on reboot, THEN found this thread.  Seriously, you guy need to disable the registry defrag on Win7 through smart update.  This isn't acceptable.

My platform is Windows 7 Ultimate 64-bit on a DIY PC built on an Asus A8N-SLI Deluxe, 4GB RAM.

I managed to manually recover the system by partially following your instructions to recover the registry hives.  I had created a system protection checkpoint just before running Norton Utilities just in case.  Unfortunately, System Restore couldn't use it.

In following your instructions I found that I only had .rmbak files for the DEFAULT and SOFTWARE hives.  So I renamed those and copied the remaining hives for SYSTEM, SECURITY, and SAM from the RegBack directory that happened to have copies timestamped just prior to the disaster.

The system is back up and running again.

Thanks for looking into this but you guys need to seriously do something to prevent people from killing their systems.  If anything at least pop up a warning recommending not doing this on Win7 systems.

Unfortunately this isn't a case of a problem happening due to Win 7 64 bit.  In fact, the product was fully tested on both 32/64 bit Vista and Win7.  We are diligently working to determine why this is occuring.

Would you be willing to provide a copy of the corrected and "bad" versions of the Default and Software hives like what rcgibbs did? 

Foobarred had it exactly right, follwed his instructions and everything is back to normal....just for the record Window 7 home premium abd I just restarted as per the instructions after doing the registry compression.  When I renamed and coped files from a command prompt, it all came back with no problems, definately the same bug everyone else has found the hard way!!

Thanks again Foobarred.

Bob

Erik,

Unfortunately, as much as I would like to help you guys determine the root cause, I'm a little uncomfortable sending my registry hives.  I have some pretty expensive software installed and all the keying and licensing info is in those hives.

Are there specific keys from those hives I can send you? I don't mind doing a diff on them either and sending you the deltas after I review them for personal information.

Just out of curiousity, when you guys product tested NU was it simultatneously installed with NIS 2010?  I've come to realize that NIS 2010 won't let System Restore work until after the tamper protection is disabled.  I was wondering if that could have had anything to do with System Restore not being able to run when trying to recover from the registry defrag error.

Hi Foobarred,

Kudos to you for being willing to send deltas of your registry hives to help Symantec on this issue. 

I don't think the tamper protection would cause this particular issue because one of the symptoms for some people has been that even rebooting the computer and using F8 to get to the advanced options menu was also not able to restore the system using "Last known good configuration".

Allen

Unfortunately, I've been told a diff isn't sufficient.  They need the hives to analyze to see what happened.  Anything sent will be kept in confidence and any personal references will be passed over.  We wouldn't be a security company if we couldn't keep your information in confidence. 

Yes, tested with other consumer products installed.  The symprotect issue you're referring to is doing a restore while in Windows (last known good config won't have a problem).  Creating a restore point won't be a problem either.

So, I have an update for those that are monitoring this.  If any of you who experienced this issue are willing, we have a developer who would like to remote into a few systems.  If you are willing, please send me a private message with your name, phone number, OS, and what time works for you.  I'm trying to get some set up today and tomorrow.  Thank you.

Norton Utilities has just released an update that may resolve this situation.  In order to verify do the following:

-If you are in an unbootable state, follow the steps to rename any .rmbak backups of the registry hives as previously instructed

-If you are in Windows, ensure that you run Smart Update after installing NU 14.5

If you are unsure if you have recieved the update, launch Smart Update to check for updates.  If this does not resolve the situation, please let me know immediately.  Thank you for your patience with this as well as those that passed along information to help in identifying the root cause for this issue.