Share via

System Restore did not complete successfully.

Anonymous
2011-05-03T10:05:10+00:00

Hi all. A couple of days ago I encountered a problem while trying to use Restore. Then, after trying for hours to resolve it, gave up. And so here's my second go. The error is as below. But also, here's a screenshot.

Details:

System Restore failed to extract the original copy of the directory from the restore point.

Source: %SystemRoot%\Registration

Destination: ComPlusStaging

Now, I've checked various services to see if they were on/set properly, which include the Volume Shadow Copy and COM+ ones. One of the Shadow Copy services I believe were off and not set to Automatic. What I realized as far as services go is that COM+ System Application is the one I can't seem to get to turn on. (I checked the services it listed as dependencies, but to no avail.) This has been while running Component Services as Administrator as well as having Avast's shields off, and Windows Firewall down.

Something interesting is that when I tried sfc /scannow, I got this:

Windows Resource Protection found corrupt files and successfully repaired

them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log.

I've run it again and it says that's rosy now.

I'm sorry because I may have forgotten something or described it poorly. But you can imagine I've restarted my laptop quite a few times, and then haven't thought about this for a day or two. Other members with similar error messages here on Answers I don't think ever got down to the solution. Maybe someone will have an idea. =)

Windows for home | Previous Windows versions | Windows update

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

12 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2011-05-09T15:55:29+00:00

    Sean

    The Event ID 5 {Registry Hive Recovered} Registry hive error is a nasty problem. I have not bothered with the others as you have got to eliminate this error before l.ooking any other things.

    First before doing anything more make you have backed up all data you want to keep to external media.

    The corruption to the registry could have been caused by a hard drive problem. You need to be sure that any repairs you do that the drive is sound before you expend timer on fixing the system.

    Select Start, Run, type cmd and press ENTER. Type "chkdsk c: /f /r" without the quotes and hit ENTER. Make sure you include the spaces indicated. Enter Y when asked whether you wish to run chkdsk on restarting the computer. Exit and restart the computer.

    Marking off bad sectors on a hard drive takes time so be patient. Marking off does not repair a bad sector. It places pointers on the drive telling the system not to read or write to those sectors which have been damaged.

    If the number of bad sectors continues to increase after you have run the procedure above several times then you should replace the drive. If an important system file is written to a bad sector you can corrupt registry hives and lose the whole contents of the drive.

    On the other hand if having run chkdsk you see no more new bad sectors then the drive can work for you for years.

    When you tried system restore  did you go as far back as the oldest restore point?

    What is your situation regarding a Windows 7 DVD. Do you have a retail or generic OEM DVD or is it a branded computer. If a branded computer what is the make and model?

    0 comments
  2. Anonymous
    2011-05-09T08:53:53+00:00

    Sure thing. Sorry if it seemed I didn't pay attention. Hopefully this is helpful and not poorly copied on my part. - My Event logs go back to the beginning of December. This is the first to mention COM+, appearing twice in the same second and then not again after:

    Log Name:      System

    Source:        Microsoft-Windows-DistributedCOM

    Date:          12/25/2010 9:41:58 AM

    Event ID:      10016

    Task Category: None

    Level:         Error

    Keywords:      Classic

    User:          Blueberry_Verry\Guest

    Computer:      Blueberry_Verry

    Description:

    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

    {8BC3F05E-D86B-11D0-A075-00C04FB68820}

    and APPID

    {8BC3F05E-D86B-11D0-A075-00C04FB68820}

    to the user Blueberry_Verry\Guest SID (S-1-5-21-72967861-3383069690-4048351782-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />

    <EventID Qualifiers="49152">10016</EventID>

    <Version>0</Version>

    <Level>2</Level>

    <Task>0</Task>

    <Opcode>0</Opcode>

    <Keywords>0x80000000000000</Keywords>

    <TimeCreated SystemTime="2010-12-25T01:41:58.000000000Z" />

    <EventRecordID>211045</EventRecordID>

    <Correlation />

    <Execution ProcessID="0" ThreadID="0" />

    <Channel>System</Channel>

    <Computer>Blueberry_Verry</Computer>

    <Security UserID="S-1-5-21-72967861-3383069690-4048351782-501" />

    </System>

    <EventData>

    <Data Name="param1">application-specific</Data>

    <Data Name="param2">Local</Data>

    <Data Name="param3">Activation</Data>

    <Data Name="param4">{8BC3F05E-D86B-11D0-A075-00C04FB68820}</Data>

    <Data Name="param5">{8BC3F05E-D86B-11D0-A075-00C04FB68820}</Data>

    <Data Name="param6">Blueberry_Verry</Data>

    <Data Name="param7">Guest</Data>

    <Data Name="param8">S-1-5-21-72967861-3383069690-4048351782-501</Data>

    <Data Name="param9">LocalHost (Using LRPC)</Data>

    </EventData>

    </Event>

    And this, once on the first of April:

    Log Name:      System

    Source:        Microsoft-Windows-Kernel-General

    Date:          4/1/2011 11:28:04 PM

    Event ID:      5

    Task Category: None

    Level:         Error

    Keywords:

    User:          SYSTEM

    Computer:      Blueberry_Verry

    Description:

    {Registry Hive Recovered} Registry hive (file): '??\Volume{31278246-e46b-11de-9101-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore{cd42efe1-f6f1-427c-b004-033192c625a4}{90485DD9-6825-42C7-B86B-E105F114E122}' was corrupted and it has been recovered. Some data might have been lost.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Microsoft-Windows-Kernel-General" Guid="{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}" />

    <EventID>5</EventID>

    <Version>0</Version>

    <Level>2</Level>

    <Task>0</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8000000000000000</Keywords>

    <TimeCreated SystemTime="2011-04-01T15:28:04.624975800Z" />

    <EventRecordID>233744</EventRecordID>

    <Correlation />

    <Execution ProcessID="6140" ThreadID="6036" />

    <Channel>System</Channel>

    <Computer>Blueberry_Verry</Computer>

    <Security UserID="S-1-5-18" />

    </System>

    <EventData>

    <Data Name="FinalStatus">0x8000002a</Data>

    <Data Name="ExtraStringLength">171</Data>

    <Data Name="ExtraString">??\Volume{31278246-e46b-11de-9101-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore{cd42efe1-f6f1-427c-b004-033192c625a4}{90485DD9-6825-42C7-B86B-E105F114E122}</Data>

    </EventData>

    </Event>

    These appear ever-frequently since 4/30th.

    Log Name:      System

    Source:        Service Control Manager

    Date:          5/1/2011 7:24:58 AM

    Event ID:      7000

    Task Category: None

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      Blueberry_Verry

    Description:

    The COM+ System Application service failed to start due to the following error:

    The service did not respond to the start or control request in a timely fashion.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />

    <EventID Qualifiers="49152">7000</EventID>

    <Version>0</Version>

    <Level>2</Level>

    <Task>0</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8080000000000000</Keywords>

    <TimeCreated SystemTime="2011-04-30T23:24:58.916575500Z" />

    <EventRecordID>242268</EventRecordID>

    <Correlation />

    <Execution ProcessID="572" ThreadID="2564" />

    <Channel>System</Channel>

    <Computer>Blueberry_Verry</Computer>

    <Security />

    </System>

    <EventData>

    <Data Name="param1">COM+ System Application</Data>

    <Data Name="param2">%%1053</Data>

    </EventData>

    </Event>

    Log Name:      System

    Source:        Service Control Manager

    Date:          5/1/2011 7:24:58 AM

    Event ID:      7009

    Task Category: None

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      Blueberry_Verry

    Description:

    A timeout was reached (30000 milliseconds) while waiting for the COM+ System Application service to connect.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />

    <EventID Qualifiers="49152">7009</EventID>

    <Version>0</Version>

    <Level>2</Level>

    <Task>0</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8080000000000000</Keywords>

    <TimeCreated SystemTime="2011-04-30T23:24:58.916575500Z" />

    <EventRecordID>242267</EventRecordID>

    <Correlation />

    <Execution ProcessID="572" ThreadID="2564" />

    <Channel>System</Channel>

    <Computer>Blueberry_Verry</Computer>

    <Security />

    </System>

    <EventData>

    <Data Name="param1">30000</Data>

    <Data Name="param2">COM+ System Application</Data>

    </EventData>

    </Event>

    Also, there are a couple different errors that also show up throughout the entire log, though I think they have to do with my graphics/display.

    Log Name:      System

    Source:        atikmdag

    Date:          4/30/2011 3:05:13 PM

    Event ID:      52236

    Task Category: CPLIB

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      Blueberry_Verry

    Description:

    CPLIB :: General - Invalid Parameter

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="atikmdag" />

    <EventID Qualifiers="49152">52236</EventID>

    <Level>2</Level>

    <Task>51</Task>

    <Keywords>0x80000000000000</Keywords>

    <TimeCreated SystemTime="2011-04-30T07:05:13.243623900Z" />

    <EventRecordID>239888</EventRecordID>

    <Channel>System</Channel>

    <Computer>Blueberry_Verry</Computer>

    <Security />

    </System>

    <EventData>

    <Data>

    </Data>

    <Binary>0000000001000000330000000CCC00C0000000000000000000000000000000000000000000000000</Binary>

    </EventData>

    </Event>

    Log Name:      System

    Source:        atikmdag

    Date:          4/30/2011 3:05:13 PM

    Event ID:      43029

    Task Category: DAL

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      Blueberry_Verry

    Description:

    Display is not active

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="atikmdag" />

    <EventID Qualifiers="49152">43029</EventID>

    <Level>2</Level>

    <Task>42</Task>

    <Keywords>0x80000000000000</Keywords>

    <TimeCreated SystemTime="2011-04-30T07:05:13.243623900Z" />

    <EventRecordID>239889</EventRecordID>

    <Channel>System</Channel>

    <Computer>Blueberry_Verry</Computer>

    <Security />

    </System>

    <EventData>

    <Data>

    </Data>

    <Binary>00000000010000002A00000015A800C0000000000000000000000000000000000000000000000000</Binary>

    </EventData>

    </Event>

    There's also different events from a program called LogMeIn Hamachi, which occur throughout. I uninstalled this program a few months ago now, but seeing that it still crops up in Event Viewer, apparently not well enough. I tried reinstalling and removing it again to see if they'd stop (didn't really help). Though I don't know if that's at all related.

    Eg:

    Log Name:      System

    Source:        Service Control Manager

    Date:          4/30/2011 3:05:27 PM

    Event ID:      7000

    Task Category: None

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      Blueberry_Verry

    Description:

    The LogMeIn Kernel Information Provider service failed to start due to the following error:

    The system cannot find the path specified.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />

    <EventID Qualifiers="49152">7000</EventID>

    <Version>0</Version>

    <Level>2</Level>

    <Task>0</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8080000000000000</Keywords>

    <TimeCreated SystemTime="2011-04-30T07:05:27.341655100Z" />

    <EventRecordID>239939</EventRecordID>

    <Correlation />

    <Execution ProcessID="568" ThreadID="572" />

    <Channel>System</Channel>

    <Computer>Blueberry_Verry</Computer>

    <Security />

    </System>

    <EventData>

    <Data Name="param1">LogMeIn Kernel Information Provider</Data>

    <Data Name="param2">%%3</Data>

    </EventData>

    </Event>

    Log Name:      System

    Source:        Service Control Manager

    Date:          5/9/2011 12:58:13 PM

    Event ID:      7000

    Task Category: None

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      Blueberry_Verry

    Description:

    The LogMeIn Kernel Information Provider service failed to start due to the following error:

    The system cannot find the path specified.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

    <System>

    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />

    <EventID Qualifiers="49152">7000</EventID>

    <Version>0</Version>

    <Level>2</Level>

    <Task>0</Task>

    <Opcode>0</Opcode>

    <Keywords>0x8080000000000000</Keywords>

    <TimeCreated SystemTime="2011-05-09T04:58:13.375654800Z" />

    <EventRecordID>250652</EventRecordID>

    <Correlation />

    <Execution ProcessID="620" ThreadID="624" />

    <Channel>System</Channel>

    <Computer>Blueberry_Verry</Computer>

    <Security />

    </System>

    <EventData>

    <Data Name="param1">LogMeIn Kernel Information Provider</Data>

    <Data Name="param2">%%3</Data>

    </EventData>

    </Event>

    0 comments
  3. Anonymous
    2011-05-09T07:44:22+00:00

    Sean

    Can you please post a copy of the COM+ report from Event Viewer?

    0 comments
  4. Anonymous
    2011-05-09T07:06:55+00:00

    Sigh. Thank you.

    Sorry for the interval. I've done as was suggested and cleared Shadow Copy. But it didn't change anything. And I've been up and down this problem now. Not much is written about COM+, at least that would be of any help. I believe Shadow Copy is broken because of it, and not the other way around. Again, as it can be seen here, I can neither get COM+ System Application to start nor see anything past that error box.

    There's nothing really new of help in the Event Viewer, either.

    I'm not sure what to do now and do appreciate any help. The most promising thing I've found that could possibly solve this is here: http://support.microsoft.com/kb/315296. But, as expressed by someone else, this doesn't apply to Windows 7 either. I don't know. I've run sfc but don't know what it fixed, and don't see any kind of benefit.

    I can still create restore points, but I can't go back to them.

    0 comments
  5. Anonymous
    2011-05-04T11:36:43+00:00

    Are you able to create a restore point?

    http://windows.microsoft.com/en-US/windows7/Create-a-restore-point

    1. Normally when an error occurs on your computer looking in Event Viewer should be your starting point for finding a solution. Most system related errors are logged and getting an exact copy of the relevant report is important. Unfortunately understanding the reports is not easy and most computer users need help with their interpretation. I have more to say later on interpretation.
    2. Event Viewer comprises three main Windows logs. These are Application, Security and System. For troubleshooting purposes System is by far the most important.
    3. To access the System log select Start, Control Panel, Administrative Tools, Event Viewer, from the list in the left side of the window select Windows Logs and System. Place the cursor on System, right click and select Filter Current Log. Check the box before Error and click on OK and you see only Error reports. Click on the Date and Time Column Header to sort. You may need to click a second time to see the latest Report at the top.
    4. A tip for posting copies of Error Reports! Run Event Viewer and double click on the error you want to copy. Click on the Copy button to place a copy on your Clipboard and close Event Viewer. Now start your message and paste into the body of the message. Make sure this is the first paste after exiting from Event Viewer.
    5. There are three types of Report, being Information, Warning and Error reports. In most situations it is Error Reports that offer the best information but occasionally Warning Reports provide useful clues.
    6. All reports have date and time stamps and when troubleshooting it is important to concentrate on more recent reports. Study reports since the point when the computer was last booted and then check whether a similar report appeared in the previous session. If errors do not repeat investigation as to why they occurred is wasted effort.
    7. Within individual reports the more important information is Event ID and Source as these help when looking for help on the internet. The description is equally important and copying the exact text for use as the search criteria greatly helps getting better results when using Google. Do not paraphrase descriptions when asking others for help.
    0 comments