Hello, when I am trying to make a regular weekly backup to my external hard-drive with Windows Backup (this has worked for almost a year...) it has suddenly failed on me. A picture is worth a 1000 words so they say, so I'll just post a picture of the complete error...
Help would be appreciated,
Slasher
Help would be appreciated,
Slasher
Go to search, type the word
services
In services make sure that the services mentioned in your notice are on automatic
"event system and vss services"
Make sure this is not the work of a virus, make full anti virus scan download and make a full scan with malwarebytes.
services
In services make sure that the services mentioned in your notice are on automatic
"event system and vss services"
Make sure this is not the work of a virus, make full anti virus scan download and make a full scan with malwarebytes.
Hi,
VSS Service is running and is automatic, I can't see the 'Event System' service at all...
This is not the work of a virus, as I don't have any viruses on my system for sure...
VSS Service is running and is automatic, I can't see the 'Event System' service at all...
This is not the work of a virus, as I don't have any viruses on my system for sure...
Im willing to bet if you ran malwarebytes for the first time it would not come up negative. Might not solve the problem, but humour me.
Full scan and upadated.
Full scan and upadated.
Event system begins with com.
LOL
LOL
Hi,
The COM Event System service is running and on automatic. What next?
The COM Event System service is running and on automatic. What next?
Malwarebytes, this is not a search for a virus. I believe you have no virus.
Im giving you this now just in case you are done and Im not here. Even if you fix the problem using this great tutorial, make the malwarebytes scan now and once a week.
System Restore General Troubleshooting to Fix Issues
System Restore General Troubleshooting to Fix Issues
Hi,
I ran an sfc /scannow and it said there was corrupt files but it couldn't fix em all and provided a log. Can you please take a look at the attached log...
Attachment 164540
Thanks,
Slasher
I ran an sfc /scannow and it said there was corrupt files but it couldn't fix em all and provided a log. Can you please take a look at the attached log...
Attachment 164540
Thanks,
Slasher
This log is too long to analyse. Reduce the amount of data with this command:
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
I have asked for an assist from one of our experts in that area.
Ok thanks, don't really know how parts of my Windows 7 got corrupted, all I do is game really...
@whs, thanks for trying to help me
I've attached the log again after running the command, but I don't think the log changed much... Nevertheless, here you go.
Attachment 164543
@whs, thanks for trying to help me
I've attached the log again after running the command, but I don't think the log changed much... Nevertheless, here you go.
Attachment 164543
Did not see you Wolfgang when I made the prior post.
Ok...
Anyone?
I thought that WHS asked you to reformat the cbs doucment and submit.
If you looked a few posts up, you would see that I have already done so and am waiting
Did you use the troubleshooting tutorial that I posted?
�� Quote: Originally Posted by SlasherIT 
Hi,
VSS Service is running and is automatic, I can't see the 'Event System' service at all...
This is not the work of a virus, as I don't have any viruses on my system for sure...
VSS Service is running and is automatic, I can't see the 'Event System' service at all...
This is not the work of a virus, as I don't have any viruses on my system for sure...
In my computer, under Services application, Volume Shadow Copy is supposed to be Manual, not Automatic.
'Event System' service = COM + Event System
@richc46, yes I have used the tutorial, that's where I used the suggestion to do a sfc /scannow, which I have posted the log already. I have tried booting in Safe Mode, but there is no option for managing system restore or restore points at all. Windows Backup won't even open in Safe Mode as well.
@t-4-2, If a service is Manual or Automatic, it doesn't really matter, the end result is the same. And yes, if you had read the previous posts you would have seen that I already figured that out.
@t-4-2, If a service is Manual or Automatic, it doesn't really matter, the end result is the same. And yes, if you had read the previous posts you would have seen that I already figured that out
. �� Quote: Originally Posted by whs This log is too long to analyse. Reduce the amount of data with this command:
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
This is not necessary. For one thing, you or I could do it on our own computers, and if you were to, very quickly you would become bored, and then start reading the whole CBS.log. I would strongly recommend!
Since this seems to be a red-hot issue, would people like me to write an informal tutorial about how to quickly analyse the SFC section of a whole CBS.log. I could give details about every possible message SFC gives which I know about (which is most of them), how to quickly find the correct section in a CBS.log, and just how much data is lost when the log is parsed.
Richard
Now have a look at this OP's SFC log:
Open the CBS.log now. Yes, actually do it! Scroll to the bottom, the very bottom, find the above snippet, and tell me which file is corrupt. Is this method workable? Like it (or not)?
Here is what it would be like, parsed:
Yes, there is some extra data which you don't need. All I can say would be to ignore or use it!
Code:
2011-07-11 22:48:11, Info CSI 000002d8 [SR] Verify complete 2011-07-11 22:48:11, Info CSI 000002d9 [SR] Repairing 1 components 2011-07-11 22:48:11, Info CSI 000002da [SR] Beginning Verify and Repair transaction 2011-07-11 22:48:11, Info CSI 000002db Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll do not match actual file [l:22{11}]"termsrv.dll" : Found: {l:32 b:QYOQGQFNyArWS4rDiX4yE+DwPlLJ9doGTc1o3w47yls=} Expected: {l:32 b:b6DQfOGKOmnYLuSdh18UHjlAbpLDTqx2rE6wUubry80=} 2011-07-11 22:48:11, Info CSI 000002dc [SR] Cannot repair member file [l:22{11}]"termsrv.dll" of Microsoft-Windows-TerminalServices-RemoteConnectionManager, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2011-07-11 22:48:11, Info CSI 000002dd Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll do not match actual file [l:22{11}]"termsrv.dll" : Found: {l:32 b:QYOQGQFNyArWS4rDiX4yE+DwPlLJ9doGTc1o3w47yls=} Expected: {l:32 b:b6DQfOGKOmnYLuSdh18UHjlAbpLDTqx2rE6wUubry80=} 2011-07-11 22:48:11, Info CSI 000002de [SR] Cannot repair member file [l:22{11}]"termsrv.dll" of Microsoft-Windows-TerminalServices-RemoteConnectionManager, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2011-07-11 22:48:11, Info CSI 000002df [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery" 2011-07-11 22:48:11, Info CSI 000002e0 Hashes for file member \??\C:\Windows\System32\termsrv.dll do not match actual file [l:22{11}]"termsrv.dll" : Found: {l:32 b:QYOQGQFNyArWS4rDiX4yE+DwPlLJ9doGTc1o3w47yls=} Expected: {l:32 b:b6DQfOGKOmnYLuSdh18UHjlAbpLDTqx2rE6wUubry80=} 2011-07-11 22:48:11, Info CSI 000002e1 Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll do not match actual file [l:22{11}]"termsrv.dll" : Found: {l:32 b:QYOQGQFNyArWS4rDiX4yE+DwPlLJ9doGTc1o3w47yls=} Expected: {l:32 b:b6DQfOGKOmnYLuSdh18UHjlAbpLDTqx2rE6wUubry80=} 2011-07-11 22:48:11, Info CSI 000002e2 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"termsrv.dll"; source file in store is also corrupted 2011-07-11 22:48:11, Info CSI 000002e3 Repair results created: Here is what it would be like, parsed:
Code:
2011-07-11 22:48:11, Info CSI 000002d8 [SR] Verify complete 2011-07-11 22:48:11, Info CSI 000002d9 [SR] Repairing 1 components 2011-07-11 22:48:11, Info CSI 000002da [SR] Beginning Verify and Repair transaction 2011-07-11 22:48:11, Info CSI 000002dc [SR] Cannot repair member file [l:22{11}]"termsrv.dll" of Microsoft-Windows-TerminalServices-RemoteConnectionManager, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2011-07-11 22:48:11, Info CSI 000002de [SR] Cannot repair member file [l:22{11}]"termsrv.dll" of Microsoft-Windows-TerminalServices-RemoteConnectionManager, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2011-07-11 22:48:11, Info CSI 000002df [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery" 2011-07-11 22:48:11, Info CSI 000002e2 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"termsrv.dll"; source file in store is also corrupted �� Quote: Originally Posted by niemiro �� Quote: Originally Posted by whs This log is too long to analyse. Reduce the amount of data with this command:
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
This is not necessary. For one thing, you or I could do it on our own computers, and if you were to, very quickly you would become bored, and then start reading the whole CBS.log. I would strongly recommend!
Since this seems to be a red-hot issue, would people like me to write an informal tutorial about how to quickly analyse the SFC section of a whole CBS.log. I could give details about every possible message SFC gives which I know about (which is most of them), how to quickly find the correct section in a CBS.log, and just how much data is lost when the log is parsed.
Richard
Hi,
Ok great, but I'm kind of lost in what I'm supposed to do...
Ok great, but I'm kind of lost in what I'm supposed to do...
Sigh... Anyone?
@whs - Have you scanned the logs...? Soz for the bother...
�� Quote: Originally Posted by SlasherIT @whs - Have you scanned the logs...? Soz for the bother...
Quote:
All files and registry keys listed in this transaction have been successfully repaired
�� Quote: Originally Posted by whs �� Quote: Originally Posted by SlasherIT @whs - Have you scanned the logs...? Soz for the bother...
Quote:
All files and registry keys listed in this transaction have been successfully repaired
"Cannot repair member file" and "Could not reproject corrupted file" apply to the file given, and mean that the file has not been fixed!
A recurring "Repairing corrupted file x from store" means that SFC cannot fix the file because it is in use.
@SlasherIT:
OTL - Download or alternative link here and herePlease Download OTL to your Desktop
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Under the Custom Scan box paste this in
termsrv.dll
/md5stop
- Click the None button, followed by Run Scan button. The scan wont take long.
- When the scan completes, it will open one notepad window. OTL.Txt. This is saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it here.
Richard
Ok I did it... Here you go.
OTL logfile created on: 14-Jul-11 5:04:58 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Naim Chahine\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
3.99 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 57.42% Memory free
9.85 Gb Paging File | 8.40 Gb Available in Paging File | 85.26% Paging File free
Paging file location(s): c:\pagefile.sys 6000 6000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.56 Gb Total Space | 154.24 Gb Free Space | 33.13% Space Free | Partition Type: NTFS
Drive E: | 931.48 Gb Total Space | 476.88 Gb Free Space | 51.20% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 435.36 Gb Free Space | 93.47% Space Free | Partition Type: NTFS
Computer Name: SLASHER | User Name: Naim Chahine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Custom Scans ==========
< MD5 for: TERMSRV.DLL >
[2009-07-14 03:17:47 | 000,706,560 | ---- | M] (Microsoft Corporation) MD5=572F6C8D3726DB1D3D524A6BCE1C7EAB -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_ea94336f6df51e09\termsrv.dll
[2011-02-23 22:23:19 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=E589BCD6041786C5E38E2D223C24C193 -- C:\Windows\SysNative\termsrv.dll
[2011-02-23 22:23:19 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=E589BCD6041786C5E38E2D223C24C193 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll
< End of report >
OTL logfile created on: 14-Jul-11 5:04:58 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Naim Chahine\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
3.99 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 57.42% Memory free
9.85 Gb Paging File | 8.40 Gb Available in Paging File | 85.26% Paging File free
Paging file location(s): c:\pagefile.sys 6000 6000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.56 Gb Total Space | 154.24 Gb Free Space | 33.13% Space Free | Partition Type: NTFS
Drive E: | 931.48 Gb Total Space | 476.88 Gb Free Space | 51.20% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 435.36 Gb Free Space | 93.47% Space Free | Partition Type: NTFS
Computer Name: SLASHER | User Name: Naim Chahine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Custom Scans ==========
< MD5 for: TERMSRV.DLL >
[2009-07-14 03:17:47 | 000,706,560 | ---- | M] (Microsoft Corporation) MD5=572F6C8D3726DB1D3D524A6BCE1C7EAB -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_ea94336f6df51e09\termsrv.dll
[2011-02-23 22:23:19 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=E589BCD6041786C5E38E2D223C24C193 -- C:\Windows\SysNative\termsrv.dll
[2011-02-23 22:23:19 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=E589BCD6041786C5E38E2D223C24C193 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll
< End of report >
@niemiro - Mind taking a look at the log ?
? Anyone...?
Look, sorry to sound rude and be an idiot, but... Is anyone going to check the CBS.log or not?
Based on the error message I'd run from an elevated command prompt:
vssadmin list writers
look for errors.
vssadmin list writers
look for errors.
It doesn't really do anything, the command goes idle for a few moments then reports back nothing. I posted a screenshot.
Slasher
Slasher
Well that looks like a problem. I think you should be get a list of writers like this
I guess so... So what can I do about it?
�� Quote: Originally Posted by SlasherIT I guess so... So what can I do about it?
�vssadmin list writers� does not return any writers | microtom.net
and
Explanation of Regsvr32 usage and error messages
Someone else may know more.
I tried the commands from the first link you gave me, and along the way it kept giving errors loading up some dll's. I still couldn't get it to work...
�� Quote: Originally Posted by SlasherIT I tried the commands from the first link you gave me, and along the way it kept giving errors loading up some dll's. I still couldn't get it to work...
Someone may be able to come along and give you better support.
Thanks for trying mjf, I appreciate it. Anyone care to help me?
Does anyone know how to scan a CBS.log for errors?
I think this may be what you were looking for? Maby this will help?
How to Repair Windows 7 System Files with System File Checker.
And if that did not work this probably will How to Do a Repair Install to Fix Windows 7 without having to reinstall windows!
The only downfall with the repair install is
I used the Windows 7 upgrade DVD that Gateway sent me for upgrade when I purchased my machine to fix errors on mine before but that was before SP1...
I have both resources Bookmarked for quick reference should a problem rise again, plus Im always fixing friends and family machines so its a must have...you can also do repair installs on Vista and XP, wish I would have known when I used to use XP would have saved me so much time!
How to Repair Windows 7 System Files with System File Checker.
And if that did not work this probably will How to Do a Repair Install to Fix Windows 7 without having to reinstall windows!
The only downfall with the repair install is
Quote:
If you have Windows 7 SP1 installed, then you either must use a "retail" Windows 7 SP1 installation disc to be able to do a repair install, or uninstall SP1 to be able to use a retail Windows 7 installation disc to do a repair install with.
I have both resources Bookmarked for quick reference should a problem rise again, plus Im always fixing friends and family machines so its a must have...you can also do repair installs on Vista and XP, wish I would have known when I used to use XP would have saved me so much time!
Well, the SFC /scannow is giving errors... So the only way to fix it is to do a repair install?
�� Quote: Originally Posted by SlasherIT Well, the SFC /scannow is giving errors... So the only way to fix it is to do a repair install?
Yup I do, but I'm just gonna go ahead and clean re-install Windows 7 anyways, I've been having other problems with it anyways...
Không có nhận xét nào:
Đăng nhận xét