Tried all these, attachments as requested.
Tried all these, attachments as requested.
Some interesting errors in the System log...
The Apps log shows the following errors...Code:The following boot-start or system-start driver(s) failed to load: SBRE . The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s). . A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/4040352340/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible. . The XAMPP Service service failed to start due to the following error: The system cannot find the file specified. . The WebcamMax, WDM Video Capture service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. . Encrypted volume check: Volume information on \\?\Volume{d9751ffa-476c-11df-bd9e-806e6f6e6963} cannot be read. . The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&2C5E86A3&0&058F63636476&0#.
There are a number of other errors which arise from 'Access Denied type messagesCode:The description for Event ID 0 from source SignInAssistant cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: InitializeSvcAPI failed with hr = 0x8004888d . Activation - Health check failure: hr =0x8004FE21, HealthStatus: 0x000000000003EFFF . Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {c39b3885-4573-4f97-9975-ab72ce092c01}
I think the two most important are the ones at the top of the System list...
back in a few minutes with some ideas on them.
Last edited by NoelDP; 06 Oct 2013 at 10:39. Reason: formatting
Please run the following commands in an Elevated Command Prompt, and post the results....
REG QUERY HKLM\SYSTEM\CurrentControlSet\services\SQLWriter
REG QUERY "HKLM\SYSTEM\CurrentControlSet\services\VSS\Diag\System Writer"
(the last one may take a minute or two - be patient!)
Post the results.
Here are some instructions to make lifeeasier :)
1) To open anElevated Command Prompt Window (the ECP window), click on Start, All Programs,Accessories – then right-click on Command Prompt, and select Run asAdministrator. Accept the UAC prompt.
2) To run thecommands easier, highlight the block of commands, and right-click on thehighlight – select Copy. In the CP Window, click on the black/white icon at topleft – select Paste. The commands will run but may not complete the lastcommand, so hit the Enter Key once.
3) To copy theresults... click on the Black/White icon in the top left, and select Edit...'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to pasteit into your response.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\LEGACY_SBRE /S
ERROR: The system was unable to find the specified registry key or value.
C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\services\SQLWriter
Type REG_DWORD 0x10
Start REG_DWORD 0x2
ErrorControl REG_DWORD 0x1
ImagePath REG_EXPAND_SZ "C:\Program Files\Microsoft SQL Server\90\Shar
DisplayName REG_SZ SQL Server VSS Writer
ObjectName REG_SZ LocalSystem
Description REG_SZ Provides the interface to backup/restore Microsoft
SQL server through the Windows VSS infrastructure.
C:\Windows\system32>REG QUERY "HKLM\SYSTEM\CurrentControlSet\services\VSS\Diag\S
ystem Writer"
vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool
(C) Copyright 2001-2005 Microsoft Corp.
Waiting for responses.
These may be delayed if a shadow copy is being prepared.
Writer name: 'Task Scheduler Writer'
Writer Id: {d61d61c8-d73a-4eee-8cdd-f6f9786b7124}
Writer Instance Id: {1bddd48e-5052-49db-9b07-b96f96727e6b}
State: [1] Stable
Last error: No error
Writer name: 'VSS Metadata Store Writer'
Writer Id: {75dfb225-e2e4-4d39-9ac9-ffaff65ddf06}
Writer Instance Id: {088e7a7d-09a8-4cc6-a609-ad90e75ddc93}
State: [1] Stable
Last error: No error
Writer name: 'Performance Counters Writer'
Writer Id: {0bada1de-01a9-4625-8278-69e735f39dd2}
Writer Instance Id: {f0086dda-9efc-47c5-8eb6-a944c3d09381}
State: [1] Stable
Last error: No error
Writer name: 'System Writer'
Writer Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Instance Id: {d0b40ca8-83a9-47a6-a9b5-11c84059a757}
State: [1] Stable
Last error: No error
Writer name: 'ASR Writer'
Writer Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Instance Id: {211a6bf4-a816-4cc9-bd40-e67884b8bc32}
State: [1] Stable
Last error: No error
Writer name: 'Registry Writer'
Writer Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Writer Instance Id: {7b247369-8b47-4187-8902-6d83d28f5e61}
State: [1] Stable
Last error: No error
Writer name: 'MSSearch Service Writer'
Writer Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Writer Instance Id: {8af12067-f9d9-483a-8911-4f9544697ecf}
State: [1] Stable
Last error: No error
Writer name: 'Shadow Copy Optimization Writer'
Writer Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Instance Id: {78659817-cc2f-4441-835f-cb6149abef11}
State: [1] Stable
Last error: No error
Writer name: 'WMI Writer'
Writer Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Writer Instance Id: {e83dda79-5786-4d35-a921-0051b72ddc21}
State: [1] Stable
Last error: No error
Writer name: 'COM+ REGDB Writer'
Writer Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Writer Instance Id: {34ee78a1-18ce-44ba-8ba0-caab1bdccfd6}
State: [1] Stable
Last error: No error
Well at least we seem to have identified one of the problems :)
I'll post a fix for the SBRE problem a little later - I need to test a few things first.
Have you had Ad-Aware installed at any time??
this error can apparently be caused by AA being uninstalled - and can be fixed by a simple command in an Elevated Command Prompt...
If that's not the case here (or you get a 'service not installed' error), then read on...
I've uploaded a file - - to my SkyDrive at Noel's SkyDrive
Pleasedownload and save it to your desktop.
Right-clickon the saved file and select Extract all...
Saveit to the default location
Thisshould create a file sbrefix.reg
right-clickon the file, and select Merge
Acceptthe warnings, - you should then get a 'Success' message.
Closeall windows, and reboot.
Now test the system a bit, and post the new System.evtx file
I have to admit that I'm not sure how the SBRE 'driver' ties in with Windows updates, but it needs fixing anyhow :)
Yes, I have Ad Aware installed, or I certainly used to have it!
The first option was successful, no need to download file (I assume).
If AdAware is still installed, it may be a good idea to test it now - in case we need to do something else :)
The SBRE error is now 'missing' from the latest boot :)
There are a few other service errors - involving the following services...
Code:WebcamMax, WDM Video Capture service failed to start. XAMPP Service service failed to start SQL Server VSS Writer service terminated unexpectedly
also the following driver failed...
... and there are a number of failures with Windows Media Player.Code:The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&2C5E86A3&0&058F63636476&0#.
Code:A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/4040352340/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible. . A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
As far as the WMP errors are concerned, have a look here...
Four errors from Windows Media Player Network Sharing Service on every - Microsoft Community
Let's have a look at the failing services...
run the following commands and post the results.
The System Writer problem is a tricky one - I need to do some thinking about that!
Okay, the Adaware I'm not too fussed about as it was probably removed to prevent clashing with my new AV, BitDefender Total Internet Security which is firewall, av and loads more.
Xampp I still have on my machine, but I more often use AAMPS as it's far more user friendly.
WebCamMax was probably something I tried and didn't like the results so uninstalled it.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>sc queryex xampp
TYPE : 110 WIN32_OWN_PROCESS (interactive)
WIN32_EXIT_CODE : 0 (0x0)
PID : 0
C:\Windows\system32>sc queryex WebCamMax
[SC] EnumQueryServicesStatus:OpenService FAILED 1060:
The specified service does not exist as an installed service.
I'm not a fan of security suites - I reckon that you're better off with a mix-and-match solution - but if it works for you, that's the main thing :)
Obviously there's something in the registry attempting to start the WebCamMax service - which doesn't exist. The question is: where? See if MSCONFIG gives any clues (or gives it a different name!).
Interesting that XAMPP seems to be saying that no attempt has been made to start it - let's see what happens is we do attempt it.
Open an Elevated Command Prompt and run the following commands
post the results