Since Malware removal, cannot access files & programmes
Started by
GrahamH
, Jul 19 2013 03:58 PM
#31
Posted 17 September 2013 - 09:11 AM
#32
Posted 17 September 2013 - 09:29 AM
just put in the F's
0x just means hex
0x just means hex
#33
Posted 17 September 2013 - 09:58 AM
Hit a problem.
Windows Resource Kits\Tools is in Programme Files (x86). So when I pasted the copied lines it said "the system cannot find the path specified". I tried to manually type in Programme files (x86) but the same message came up. Is it sensitive to spaces etc?
Windows Resource Kits\Tools is in Programme Files (x86). So when I pasted the copied lines it said "the system cannot find the path specified". I tried to manually type in Programme files (x86) but the same message came up. Is it sensitive to spaces etc?
#34
Posted 17 September 2013 - 10:08 AM
Needs the quotation marks so if it's really in Programme Files (x86) then it would be
cd "\Programme Files (x86)\Windows Resource Kits\Tools"
reset.cmd
You can also probably use progra~1 instead of Programme Files (x86)
cd progra~1
cd "Windows Resource KitsWindows Resource Kits"
reset.cmd
cd "\Programme Files (x86)\Windows Resource Kits\Tools"
reset.cmd
You can also probably use progra~1 instead of Programme Files (x86)
cd progra~1
cd "Windows Resource KitsWindows Resource Kits"
reset.cmd
#35
Posted 17 September 2013 - 10:37 AM
Still no success.
Tried to do a print screen of Command Prompt but it wouldn't save in Paint.
Have tried both \Programme files (x86) and Progra~1 and both came up as "system cannot find specified path".
After reset.cmd it says " reset.cmd" is not recognised as an internal or external command, operable programme or batch file.
Tried to do a print screen of Command Prompt but it wouldn't save in Paint.
Have tried both \Programme files (x86) and Progra~1 and both came up as "system cannot find specified path".
After reset.cmd it says " reset.cmd" is not recognised as an internal or external command, operable programme or batch file.
#36
Posted 17 September 2013 - 10:56 AM
If I look at your OTL log I see:
C:\Program Files (x86) and not C:\Programme Files (x86)
so try
cd "\Program Files (x86)\Windows Resource Kits\Tools"
reset.cmd
C:\Program Files (x86) and not C:\Programme Files (x86)
so try
cd "\Program Files (x86)\Windows Resource Kits\Tools"
reset.cmd
#37
Posted 17 September 2013 - 11:18 AM
OK the first line with program instead of programme seems to be OK now but it is still not recognising reset.cmd as a valid imput.
#38
Posted 17 September 2013 - 11:30 AM
Did you unzip the reset.zip to get the reset.cmd file? Did you move reset.cmd to your "\Program Files (x86)\Windows Resource Kits\Tools" folder?
#39
Posted 17 September 2013 - 12:32 PM
Sorry Ron. This exercise is taking my computing skills to new territory!
I've unzipped reset.zip so that it appears on the right as reset.cmd. I then highlight it and click on extract. In Extract options, "Extract to this location" I've got C:\Program Files (x86)\Windows Resource Kits\Tools
Should Extract files to a new folder (\reset) be checked?
What should be selected in Content and File conflicts?
If you let me know about these queries I'll give it a go later but will then need to log off until tomorrow.
Thanks for your patience!
I've unzipped reset.zip so that it appears on the right as reset.cmd. I then highlight it and click on extract. In Extract options, "Extract to this location" I've got C:\Program Files (x86)\Windows Resource Kits\Tools
Should Extract files to a new folder (\reset) be checked?
What should be selected in Content and File conflicts?
If you let me know about these queries I'll give it a go later but will then need to log off until tomorrow.
Thanks for your patience!
#40
Posted 17 September 2013 - 01:27 PM
Should Extract files to a new folder (\reset) be checked?
No. We want reset.cmd to be in C:\Program Files (x86)\Windows Resource Kits\Tools
Content and File conflicts?
Shouldn't matter as there should be no conflicts.
#41
Posted 18 September 2013 - 06:08 AM
Successfully ran reset.cmd then rebooted and ran VEW.exe.
Here are the logs:-
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 18/09/2013 13:04:58
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 17/09/2013 22:03:27
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: vbscript.dll, version: 5.8.9200.16521, time stamp: 0x512080e8 Exception code: 0xc0000005 Fault offset: 0x00005349 Faulting process id: 0x1960 Faulting application start time: 0x01ceb3ed3899428f Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWow64\vbscript.dll Report Id: fa82bc70-1fe4-11e3-aacb-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 21:40:14
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}. Error 1622 occurred while ending the transaction.
Log: 'Application' Date/Time: 17/09/2013 21:39:41
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 21:39:40
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 15:34:25
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 15:34:24
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 13:21:33
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: vbscript.dll, version: 5.8.9200.16521, time stamp: 0x512080e8 Exception code: 0xc0000005 Fault offset: 0x00005349 Faulting process id: 0x18cc Faulting application start time: 0x01ceb3a8d2b8840d Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWow64\vbscript.dll Report Id: 120fa5b1-1f9c-11e3-aa21-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 13:21:29
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb1072 Exception code: 0xc0000005 Fault offset: 0x0002e3be Faulting process id: 0x1a40 Faulting application start time: 0x01ceb3a8ca969ce1 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 0f233130-1f9c-11e3-aa21-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 13:21:08
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: vbscript.dll, version: 5.8.9200.16521, time stamp: 0x512080e8 Exception code: 0xc0000005 Fault offset: 0x00005349 Faulting process id: 0xf00 Faulting application start time: 0x01ceb3a8c35b80a6 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWow64\vbscript.dll Report Id: 02c3fdb7-1f9c-11e3-aa21-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 13:20:29
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: vbscript.dll, version: 5.8.9200.16521, time stamp: 0x512080e8 Exception code: 0xc0000005 Fault offset: 0x00005349 Faulting process id: 0x9f8 Faulting application start time: 0x01ceb3a817cc156b Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWow64\vbscript.dll Report Id: ebcf96ac-1f9b-11e3-aa21-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 12:21:11
Type: Error Category: 0
Event: 1101 Source: .NET Runtime Optimization Service
.NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x800700d8
Log: 'Application' Date/Time: 17/09/2013 12:21:10
Type: Error Category: 0
Event: 1101 Source: .NET Runtime Optimization Service
.NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x800700d8
Log: 'Application' Date/Time: 17/09/2013 11:40:56
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Click-to-Run 2010 - Update 'Update for Microsoft Office 2010 (KB2598285) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
Log: 'Application' Date/Time: 17/09/2013 11:40:49
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
Log: 'Application' Date/Time: 17/09/2013 11:40:38
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.
Log: 'Application' Date/Time: 17/09/2013 11:40:30
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.
Log: 'Application' Date/Time: 17/09/2013 11:39:46
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 11:39:45
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 16/09/2013 16:29:59
Type: Error Category: 0
Event: 11711 Source: MsiInstaller
Product: Microsoft Fix it 50409 -- Error 1711. An error occurred while writing installation information to disk. Check to make sure enough disk space is available, and click Retry, or Cancel to end the install.
Log: 'Application' Date/Time: 16/09/2013 16:29:57
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Microsoft Fix it 50409 -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2738. The arguments are: , ,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 18/09/2013 12:05:17
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 18/09/2013 11:55:57
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=E04}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 18/09/2013 11:55:42
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=E04}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 18/09/2013 10:54:35
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 18/09/2013 10:54:35
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 18/09/2013 10:53:50
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 18/09/2013 10:44:27
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=D98}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 18/09/2013 10:44:19
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=D98}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 17/09/2013 21:39:42
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Automatically choosing a diff-area volume
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 21:39:42
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Automatically choosing a diff-area volume
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 21:39:27
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 21:37:27
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 17/09/2013 21:37:27
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 17/09/2013 21:27:22
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=B7C}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 17/09/2013 21:27:15
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=B7C}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 17/09/2013 17:24:54
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 16:24:54
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 15:34:26
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Automatically choosing a diff-area volume
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 15:34:26
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Automatically choosing a diff-area volume
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 15:34:13
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 18/09/2013 13:05:51
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2013 20:05:02
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 06/07/2013 21:12:47
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 25/06/2013 10:43:11
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 12/06/2013 19:26:52
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/09/2013 12:02:05
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: {7AB36653-1796-484B-BDFA-E74F1DB7C1DC} as /. The error: "5" Happened while starting this command: "C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
Log: 'System' Date/Time: 18/09/2013 11:57:40
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:40
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:39
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:39
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:40
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 11:57:39
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 11:57:29
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:29
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:29
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 11:53:44
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:53:44
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:53:44
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 11:17:24
Type: Error Category: 0
Event: 31004 Source: Microsoft-Windows-SharedAccess_NAT
The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/09/2013 11:53:46
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 18/09/2013 11:53:46
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 17/09/2013 22:29:39
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 17/09/2013 22:29:39
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 17/09/2013 21:40:09
Type: Warning Category: 2
Event: 57 Source: Ntfs
The system failed to flush data to the transaction log. Corruption may occur.
Log: 'System' Date/Time: 17/09/2013 21:40:09
Type: Warning Category: 2
Event: 57 Source: Ntfs
The system failed to flush data to the transaction log. Corruption may occur.
Log: 'System' Date/Time: 17/09/2013 21:40:09
Type: Warning Category: 2
Event: 57 Source: Ntfs
The system failed to flush data to the transaction log. Corruption may occur.
Log: 'System' Date/Time: 17/09/2013 18:33:35
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 17/09/2013 18:33:35
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 17/09/2013 13:17:56
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_091E&PID_455B\0000e6002c71.
Log: 'System' Date/Time: 17/09/2013 11:43:13
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SAMSUNG&PROD_S5830I_CARD&REV_0000#7&2B6F9F3C&0&0123456789ABCDEF&0#.
Log: 'System' Date/Time: 17/09/2013 10:48:30
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 17/09/2013 10:48:30
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 17/09/2013 10:19:50
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Log: 'System' Date/Time: 17/09/2013 10:19:46
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Log: 'System' Date/Time: 16/09/2013 17:18:50
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 16/09/2013 17:18:49
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 16/09/2013 15:01:49
Type: Warning Category: 2
Event: 57 Source: Ntfs
The system failed to flush data to the transaction log. Corruption may occur.
Log: 'System' Date/Time: 16/09/2013 13:09:42
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_05AC&PID_129E&MI_00\0.
Log: 'System' Date/Time: 16/09/2013 12:03:11
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Here are the logs:-
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 18/09/2013 13:04:58
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 17/09/2013 22:03:27
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: vbscript.dll, version: 5.8.9200.16521, time stamp: 0x512080e8 Exception code: 0xc0000005 Fault offset: 0x00005349 Faulting process id: 0x1960 Faulting application start time: 0x01ceb3ed3899428f Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWow64\vbscript.dll Report Id: fa82bc70-1fe4-11e3-aacb-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 21:40:14
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}. Error 1622 occurred while ending the transaction.
Log: 'Application' Date/Time: 17/09/2013 21:39:41
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 21:39:40
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 15:34:25
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 15:34:24
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 13:21:33
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: vbscript.dll, version: 5.8.9200.16521, time stamp: 0x512080e8 Exception code: 0xc0000005 Fault offset: 0x00005349 Faulting process id: 0x18cc Faulting application start time: 0x01ceb3a8d2b8840d Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWow64\vbscript.dll Report Id: 120fa5b1-1f9c-11e3-aa21-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 13:21:29
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb1072 Exception code: 0xc0000005 Fault offset: 0x0002e3be Faulting process id: 0x1a40 Faulting application start time: 0x01ceb3a8ca969ce1 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 0f233130-1f9c-11e3-aa21-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 13:21:08
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: vbscript.dll, version: 5.8.9200.16521, time stamp: 0x512080e8 Exception code: 0xc0000005 Fault offset: 0x00005349 Faulting process id: 0xf00 Faulting application start time: 0x01ceb3a8c35b80a6 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWow64\vbscript.dll Report Id: 02c3fdb7-1f9c-11e3-aa21-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 13:20:29
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0 Faulting module name: vbscript.dll, version: 5.8.9200.16521, time stamp: 0x512080e8 Exception code: 0xc0000005 Fault offset: 0x00005349 Faulting process id: 0x9f8 Faulting application start time: 0x01ceb3a817cc156b Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWow64\vbscript.dll Report Id: ebcf96ac-1f9b-11e3-aa21-a4badbcb00d5
Log: 'Application' Date/Time: 17/09/2013 12:21:11
Type: Error Category: 0
Event: 1101 Source: .NET Runtime Optimization Service
.NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x800700d8
Log: 'Application' Date/Time: 17/09/2013 12:21:10
Type: Error Category: 0
Event: 1101 Source: .NET Runtime Optimization Service
.NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x800700d8
Log: 'Application' Date/Time: 17/09/2013 11:40:56
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Click-to-Run 2010 - Update 'Update for Microsoft Office 2010 (KB2598285) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
Log: 'Application' Date/Time: 17/09/2013 11:40:49
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Microsoft Office Professional Plus 2010 - Update 'Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
Log: 'Application' Date/Time: 17/09/2013 11:40:38
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.
Log: 'Application' Date/Time: 17/09/2013 11:40:30
Type: Error Category: 0
Event: 1043 Source: MsiInstaller
Failed to end a Windows Installer transaction C:\Windows\Installer\1bbc723.msi. Error 1622 occurred while ending the transaction.
Log: 'Application' Date/Time: 17/09/2013 11:39:46
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 17/09/2013 11:39:45
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
TraverseDir : Unable to FindFirstFile.
System Error:
Access is denied. .
Log: 'Application' Date/Time: 16/09/2013 16:29:59
Type: Error Category: 0
Event: 11711 Source: MsiInstaller
Product: Microsoft Fix it 50409 -- Error 1711. An error occurred while writing installation information to disk. Check to make sure enough disk space is available, and click Retry, or Cancel to end the install.
Log: 'Application' Date/Time: 16/09/2013 16:29:57
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Microsoft Fix it 50409 -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2738. The arguments are: , ,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 18/09/2013 12:05:17
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 18/09/2013 11:55:57
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=E04}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 18/09/2013 11:55:42
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=E04}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 18/09/2013 10:54:35
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 18/09/2013 10:54:35
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 18/09/2013 10:53:50
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 18/09/2013 10:44:27
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=D98}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 18/09/2013 10:44:19
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=D98}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 17/09/2013 21:39:42
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Automatically choosing a diff-area volume
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 21:39:42
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Automatically choosing a diff-area volume
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 21:39:27
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 21:37:27
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 17/09/2013 21:37:27
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 17/09/2013 21:27:22
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=B7C}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.1.10263 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: MARION-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 17/09/2013 21:27:15
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=B7C}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 17/09/2013 17:24:54
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 16:24:54
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 15:34:26
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Automatically choosing a diff-area volume
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 15:34:26
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Automatically choosing a diff-area volume
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 17/09/2013 15:34:13
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{c2247e9d-8f60-11df-9d02-a4badbcb00d5}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 18/09/2013 13:05:51
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2013 20:05:02
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 06/07/2013 21:12:47
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 25/06/2013 10:43:11
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 12/06/2013 19:26:52
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/09/2013 12:02:05
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: {7AB36653-1796-484B-BDFA-E74F1DB7C1DC} as /. The error: "5" Happened while starting this command: "C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
Log: 'System' Date/Time: 18/09/2013 11:57:40
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:40
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:39
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:39
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:40
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 11:57:39
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 11:57:29
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:29
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:57:29
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 11:53:44
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:53:44
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 11:53:44
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 11:17:24
Type: Error Category: 0
Event: 31004 Source: Microsoft-Windows-SharedAccess_NAT
The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Log: 'System' Date/Time: 18/09/2013 10:47:42
Type: Error Category: 0
Event: 102 Source: Microsoft-Windows-PNRPSvc
The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/09/2013 11:53:46
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 18/09/2013 11:53:46
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 17/09/2013 22:29:39
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 17/09/2013 22:29:39
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 17/09/2013 21:40:09
Type: Warning Category: 2
Event: 57 Source: Ntfs
The system failed to flush data to the transaction log. Corruption may occur.
Log: 'System' Date/Time: 17/09/2013 21:40:09
Type: Warning Category: 2
Event: 57 Source: Ntfs
The system failed to flush data to the transaction log. Corruption may occur.
Log: 'System' Date/Time: 17/09/2013 21:40:09
Type: Warning Category: 2
Event: 57 Source: Ntfs
The system failed to flush data to the transaction log. Corruption may occur.
Log: 'System' Date/Time: 17/09/2013 18:33:35
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 17/09/2013 18:33:35
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 17/09/2013 13:17:56
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_091E&PID_455B\0000e6002c71.
Log: 'System' Date/Time: 17/09/2013 11:43:13
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SAMSUNG&PROD_S5830I_CARD&REV_0000#7&2B6F9F3C&0&0123456789ABCDEF&0#.
Log: 'System' Date/Time: 17/09/2013 10:48:30
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 17/09/2013 10:48:30
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 17/09/2013 10:19:50
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Log: 'System' Date/Time: 17/09/2013 10:19:46
Type: Warning Category: 0
Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
The ICS_IPV6 was unable to allocate bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Log: 'System' Date/Time: 16/09/2013 17:18:50
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 16/09/2013 17:18:49
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 16/09/2013 15:01:49
Type: Warning Category: 2
Event: 57 Source: Ntfs
The system failed to flush data to the transaction log. Corruption may occur.
Log: 'System' Date/Time: 16/09/2013 13:09:42
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_05AC&PID_129E&MI_00\0.
Log: 'System' Date/Time: 16/09/2013 12:03:11
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
#42
Posted 18 September 2013 - 08:32 AM
See if you can do the procedure on http://technet.micro...7(v=ws.10).aspx
#43
Posted 18 September 2013 - 01:44 PM
Fell at the first hurdle.
Can't find %systemdrive%\Windows in the C drive.
Can't find %systemdrive%\Windows in the C drive.
#44
Posted 18 September 2013 - 02:17 PM
%systemdrive%\Windows is Microsoft speak for C:\Windows
#45
Posted 18 September 2013 - 03:33 PM
Have carried out the procedure. However can't see "system writer" in the list of writers.
They are as follows:-
Task scheduler writer
USS Metadata store writer
Performance Counter Writer
ASR Writer
MSService search writer
WMI Writer
Registry Writer
Shadow Copy Optimisation Writer
COM & REGDB Writer
They are as follows:-
Task scheduler writer
USS Metadata store writer
Performance Counter Writer
ASR Writer
MSService search writer
WMI Writer
Registry Writer
Shadow Copy Optimisation Writer
COM & REGDB Writer
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users