New
#371
Log Name: Microsoft-Windows-Kernel-EventTracing/Admin
Source: Microsoft-Windows-Kernel-EventTracing
Date: 11/20/2014 10:25:12 PM
Event ID: 2
Task Category: Session
Level: Error
Keywords: Session
User: CINDY-PC\Cynthia
Computer: Cindy-PC
Description:
Session "RjvTrace" failed to start with the following error: 0xC0000035
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-EventTracing" Guid="{B675EC37-BDB6-4648-BC92-F3FDC74D3CA2}" />
<EventID>2</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>2</Task>
<Opcode>12</Opcode>
<Keywords>0x8000000000000010</Keywords>
<TimeCreated SystemTime="2014-11-21T04:25:12.128824800Z" />
<EventRecordID>8</EventRecordID>
<Correlation />
<Execution ProcessID="2324" ThreadID="3824" />
<Channel>Microsoft-Windows-Kernel-EventTracing/Admin</Channel>
<Computer>Cindy-PC</Computer>
<Security UserID="S-1-5-21-1662743237-2819461425-3786422579-1001" />
</System>
<EventData>
<Data Name="SessionName">RjvTrace</Data>
<Data Name="FileName">
</Data>
<Data Name="ErrorCode">3221225525</Data>
<Data Name="LoggingMode">16777217</Data>
</EventData>
</Event>
Log Name: Microsoft-Windows-Kernel-EventTracing/Admin
Source: Microsoft-Windows-Kernel-EventTracing
Date: 11/20/2014 10:25:12 PM
Event ID: 2
Task Category: Session
Level: Error
Keywords: Session
User: CINDY-PC\Cynthia
Computer: Cindy-PC
Description:
Session "RjvTrace" failed to start with the following error: 0xC0000035
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-EventTracing" Guid="{B675EC37-BDB6-4648-BC92-F3FDC74D3CA2}" />
<EventID>2</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>2</Task>
<Opcode>12</Opcode>
<Keywords>0x8000000000000010</Keywords>
<TimeCreated SystemTime="2014-11-21T04:25:12.128824800Z" />
<EventRecordID>8</EventRecordID>
<Correlation />
<Execution ProcessID="2324" ThreadID="3824" />
<Channel>Microsoft-Windows-Kernel-EventTracing/Admin</Channel>
<Computer>Cindy-PC</Computer>
<Security UserID="S-1-5-21-1662743237-2819461425-3786422579-1001" />
</System>
<EventData>
<Data Name="SessionName">RjvTrace</Data>
<Data Name="FileName">
</Data>
<Data Name="ErrorCode">3221225525</Data>
<Data Name="LoggingMode">16777217</Data>
</EventData>
</Event>
Log Name: Microsoft-Windows-Kernel-EventTracing/Admin
Source: Microsoft-Windows-Kernel-EventTracing
Date: 11/20/2014 5:57:58 PM
Event ID: 3
Task Category: Session
Level: Error
Keywords: Session
User: SYSTEM
Computer: Cindy-PC
Description:
Session "ReadyBoot" stopped due to the following error: 0xC0000188
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-EventTracing" Guid="{B675EC37-BDB6-4648-BC92-F3FDC74D3CA2}" />
<EventID>3</EventID>
<Version>1</Version>
<Level>2</Level>
<Task>2</Task>
<Opcode>14</Opcode>
<Keywords>0x8000000000000010</Keywords>
<TimeCreated SystemTime="2014-11-20T23:57:58.553875400Z" />
<EventRecordID>4</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="136" />
<Channel>Microsoft-Windows-Kernel-EventTracing/Admin</Channel>
<Computer>Cindy-PC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="SessionName">ReadyBoot</Data>
<Data Name="FileName">C:\WINDOWS\Prefetch\ReadyBoot\ReadyBoot.etl</Data>
<Data Name="ErrorCode">3221225864</Data>
<Data Name="LoggingMode">276824064</Data>
<Data Name="FailureReason">0</Data>
</EventData>
</Event>
Log Name: Microsoft-Windows-AppReadiness/Admin
Source: Microsoft-Windows-AppReadiness
Date: 11/20/2014 6:01:33 PM
Event ID: 10
Task Category: (6)
Level: Error
Keywords: (128)
User: SYSTEM
Computer: Cindy-PC
Description:
The Appx operation 'RegisterPackageAsync' on 'Microsoft.Media.PlayReadyClient.2_2.5.1891.0_x86__8wekyb3d8bbwe' failed for user 'cindywilliams572@hotmail.com' - error 0x80070003: Opening file from location: C:\Program Files\WindowsApps\Microsoft.Media.PlayReadyClient.2_2.5.1891.0_x86__8wekyb3d8bbwe\AppxManifest.xml failed with error: The system cannot find the path specified.
.. (Error: Package could not be opened.)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-AppReadiness" Guid="{F0BE35F8-237B-4814-86B5-ADE51192E503}" />
<EventID>10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>6</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000080</Keywords>
<TimeCreated SystemTime="2014-11-21T00:01:33.250600200Z" />
<EventRecordID>38</EventRecordID>
<Correlation ActivityID="{9B386646-051D-0003-8D66-389B1D05D001}" />
<Execution ProcessID="1760" ThreadID="3284" />
<Channel>Microsoft-Windows-AppReadiness/Admin</Channel>
<Computer>Cindy-PC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="User">cindywilliams572@hotmail.com</Data>
<Data Name="Operation">RegisterPackageAsync</Data>
<Data Name="PackageId">Microsoft.Media.PlayReadyClient.2_2.5.1891.0_x86__8wekyb3d8bbwe</Data>
<Data Name="Result">-2147009296</Data>
<Data Name="Error">error 0x80070003: Opening file from location: C:\Program Files\WindowsApps\Microsoft.Media.PlayReadyClient.2_2.5.1891.0_x86__8wekyb3d8bbwe\AppxManifest.xml failed with error: The system cannot find the path specified.
.</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-Boot
Date: 11/22/2014 4:47:18 PM
Event ID: 29
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: Cindy-PC
Description:
Windows failed fast startup with error status 0xC0000001.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-Boot" Guid="{15CA44FF-4D7A-4BAA-BBA5-0998955E531E}" />
<EventID>29</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2014-11-22T22:47:18.056567600Z" />
<EventRecordID>4889</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="8" />
<Channel>System</Channel>
<Computer>Cindy-PC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="FailureStatus">3221225473</Data>
<Data Name="FailureMsgId">1079040</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Eventlog
Date: 11/21/2014 5:54:45 AM
Event ID: 30
Task Category: Service startup
Level: Error
Keywords: Service availability
User: LOCAL SERVICE
Computer: Cindy-PC
Description:
The event logging service encountered an error (5) while enabling publisher {0bf2fb94-7b60-4b4d-9766-e82f658df540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Eventlog" Guid="{FC65DDD8-D6EF-4962-83D5-6E5CFE9CE148}" />
<EventID>30</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>100</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000020000</Keywords>
<TimeCreated SystemTime="2014-11-21T11:54:45.255022600Z" />
<EventRecordID>2811</EventRecordID>
<Correlation />
<Execution ProcessID="932" ThreadID="2224" />
<Channel>System</Channel>
<Computer>Cindy-PC</Computer>
<Security UserID="S-1-5-19" />
</System>
<UserData>
<InitChannelPublisherEnableFailure xmlns="http://manifests.microsoft.com/win/2...ndows/eventlog">
<Error Code="5" />
<ChannelPath>Microsoft-Windows-Kernel-ShimEngine/Operational</ChannelPath>
<PublisherGuid>{0BF2FB94-7B60-4B4D-9766-E82F658DF540}</PublisherGuid>
</InitChannelPublisherEnableFailure>
</UserData>
</Event>
Log Name: System
Source: Microsoft-Windows-WER-SystemErrorReporting
Date: 11/22/2014 12:10:47 PM
Event ID: 1001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Cindy-PC
Description:
The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xffffe000cfa3b060, 0xffffd0010cbc4aa0, 0xffffe000cf44d3a0). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 112214-28546-01.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WER-SystemErrorReporting" Guid="{ABCE23E7-DE45-4366-8631-84FA6C525952}" EventSourceName="BugCheck" />
<EventID Qualifiers="16384">1001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-11-22T18:10:47.000000000Z" />
<EventRecordID>4870</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>Cindy-PC</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">0x0000009f (0x0000000000000003, 0xffffe000cfa3b060, 0xffffd0010cbc4aa0, 0xffffe000cf44d3a0)</Data>
<Data Name="param2">C:\WINDOWS\MEMORY.DMP</Data>
<Data Name="param3">112214-28546-01</Data>
</EventData>
</Event>
Okay. There is more, but that seems to be all related to this problem.