SystemRestore utility fails to run

  • Thread starter Thread starter Big-D
  • Start date Start date
B

Big-D

Can anyone help please?

System Restore in XP Pro crashes with an Error Dialog,
and also leaves the following Dr.Watson...

===============================================

Application exception occurred:
App: C:\WINDOWS\system32\restore\rstrui.exe (pid=3464)
When: 26/03/2004 @ 16:17:29.285
Exception number: c0000005 (access violation)

*----> System Information <----*
Computer Name: W094
User Name: WAdmin
Terminal Session Id: 0
Number of Processors: 1
Processor Type: x86 Family 6 Model 8 Stepping 6
Windows Version: 5.1
Current Build: 2600
Service Pack: 1
Current Type: Uniprocessor Free
Registered Organization: Murray Beith Murray WS
Registered Owner: IS Group

*----> Task List <----*
0 System Process
4 System
428 smss.exe
492 csrss.exe
516 winlogon.exe
560 services.exe
572 lsass.exe
740 svchost.exe
792 svchost.exe
872 svchost.exe
924 svchost.exe
972 spoolsv.exe
1156 LogWatNT.exe
1172 nvsvc32.exe
1316 locator.exe
1416 SLClient.exe
1468 snmp.exe
3840 svchost.exe
1020 SWEEPSRV.SYS
3368 SWNETSUP.EXE
2952 SWUPDATE.EXE
1856 Explorer.EXE
764 jusched.exe
3936 ICMON.EXE
2800 dllhost.exe
416 msdtc.exe
1800 WMIADAP.EXE
2972 helpctr.exe
1544 HelpSvc.exe
3464 rstrui.exe
2672 drwtsn32.exe

*----> Module List <----*
(0000000001000000 - 000000000105e000: C:\WINDOWS\system32
\restore\rstrui.exe
(000000005ad70000 - 000000005ada4000: C:\WINDOWS\System32
\uxtheme.dll
(000000005c020000 - 000000005c05c000: C:\WINDOWS\System32
\SRRSTR.dll
(000000005c060000 - 000000005c072000: C:\WINDOWS\System32
\srclient.dll
(00000000692c0000 - 00000000692ee000: C:\WINDOWS\System32
\Wbem\framedyn.dll
(0000000070a70000 - 0000000070ad5000: C:\WINDOWS\system32
\SHLWAPI.dll
(0000000071950000 - 0000000071a34000:
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-
Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805
\comctl32.dll
(0000000071bf0000 - 0000000071c01000: C:\WINDOWS\System32
\SAMLIB.dll
(0000000076360000 - 000000007636f000: C:\WINDOWS\System32
\WINSTA.dll
(0000000076f90000 - 0000000076fa0000: C:\WINDOWS\System32
\Secur32.dll
(0000000077120000 - 00000000771ab000: C:\WINDOWS\system32
\OLEAUT32.dll
(00000000771b0000 - 00000000772d1000: C:\WINDOWS\system32
\ole32.dll
(0000000077340000 - 00000000773cb000: C:\WINDOWS\system32
\COMCTL32.dll
(00000000773d0000 - 0000000077bc2000: C:\WINDOWS\system32
\SHELL32.dll
(0000000077c00000 - 0000000077c07000: C:\WINDOWS\system32
\VERSION.dll
(0000000077c10000 - 0000000077c63000: C:\WINDOWS\system32
\msvcrt.dll
(0000000077c70000 - 0000000077cb0000: C:\WINDOWS\system32
\GDI32.dll
(0000000077d40000 - 0000000077dcc000: C:\WINDOWS\system32
\USER32.dll
(0000000077dd0000 - 0000000077e5d000: C:\WINDOWS\system32
\ADVAPI32.dll
(0000000077e60000 - 0000000077f46000: C:\WINDOWS\system32
\kernel32.dll
(0000000077f50000 - 0000000077ff7000: C:\WINDOWS\System32
\ntdll.dll
(0000000078000000 - 0000000078086000: C:\WINDOWS\system32
\RPCRT4.dll

*----> State Dump for Thread Id 0xb24 <----*

eax=0008eeb8 ebx=010047f8 ecx=00000000 edx=7ffe0304
esi=00000000 edi=00000000
eip=5c0295fa esp=0006e850 ebp=0006e868 iopl=0 nv
up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038
gs=0000 efl=00000246

*** ERROR: Symbol file could not be found. Defaulted to
export symbols for C:\WINDOWS\System32\SRRSTR.dll -
function: SRRSTR!PrepareRestore
5c0295e6 e001 loopne SRRSTR!
PrepareRestore+0x238 (5c0295e9)
5c0295e8 c3 ret
5c0295e9 8b01 mov eax,[ecx]
5c0295eb d1e8 shr eax,1
5c0295ed 83e001 and eax,0x1
5c0295f0 c3 ret
5c0295f1 8b01 mov eax,[ecx]
5c0295f3 c1e803 shr eax,0x3
5c0295f6 83e001 and eax,0x1
5c0295f9 c3 ret
FAULT ->5c0295fa 8b01 mov eax,
[ecx] ds:0023:00000000=????????
5c0295fc 83e001 and eax,0x1
5c0295ff c3 ret
5c029600 b8b015045c mov eax,0x5c0415b0
5c029605 e8a6be0000 call SRRSTR!
SRGetCplPropPage+0x4f8 (5c0354b0)
5c02960a 83ec0c sub esp,0xc
5c02960d 8365f000 and dword ptr [ebp-
0x10],0x0
5c029611 56 push esi
5c029612 8d7104 lea esi,[ecx+0x4]
5c029615 8bce mov ecx,esi
5c029617 e8bf9b0000 call SRRSTR!
InitializeChangeNotify+0x99e (5c0331db)

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found. Defaulted to
export symbols for C:\WINDOWS\system32
\restore\rstrui.exe -
WARNING: Stack unwind information not available.
Following frames may be wrong.
ChildEBP RetAddr Args to Child
0006e868 01012558 00000001 00000800 00000000 SRRSTR!
PrepareRestore+0x249
0006f4b8 00000000 00020019 0006f52c 00000000
rstrui+0x12558

*----> Raw Stack Dump <----*
000000000006e850 88 93 02 5c 00 00 00 00 - 02 00 00 80
08 00 00 00 ...\............
000000000006e860 03 00 00 00 b8 ee 08 00 - b8 f4 06 00
58 25 01 01 ............X%..
000000000006e870 01 00 00 00 00 08 00 00 - 00 00 00 00
49 00 4e 00 ............I.N.
000000000006e880 45 00 5c 00 53 00 4f 00 - 46 00 54 00
57 00 41 00 E.\.S.O.F.T.W.A.
000000000006e890 52 00 45 00 5c 00 43 00 - 6c 00 61 00
73 00 73 00 R.E.\.C.l.a.s.s.
000000000006e8a0 65 00 73 00 5c 00 49 00 - 6e 00 74 00
65 00 72 00 e.s.\.I.n.t.e.r.
000000000006e8b0 66 00 61 00 63 00 65 00 - 5c 00 7b 00
45 00 30 00 f.a.c.e.\.{.E.0.
000000000006e8c0 37 00 33 00 32 00 43 00 - 41 00 32 00
2d 00 38 00 7.3.2.C.A.2.-.8.
000000000006e8d0 30 00 44 00 43 00 2d 00 - 31 00 31 00
44 00 33 00 0.D.C.-.1.1.D.3.
000000000006e8e0 2d 00 42 00 39 00 45 00 - 36 00 2d 00
30 00 30 00 -.B.9.E.6.-.0.0.
000000000006e8f0 43 00 30 00 34 00 46 00 - 37 00 39 00
45 00 33 00 C.0.4.F.7.9.E.3.
000000000006e900 39 00 39 00 7d 00 5c 00 - 54 00 79 00
70 00 65 00 9.9.}.\.T.y.p.e.
000000000006e910 4c 00 69 00 62 00 00 00 - 00 00 06 00
e0 eb 06 00 L.i.b...........
000000000006e920 04 00 00 c0 03 00 00 00 - 00 00 00 00
02 00 00 00 ................
000000000006e930 d5 96 f8 77 16 ea 06 00 - fc eb 06 00
04 00 00 c0 ...w............
000000000006e940 8d cc c4 7e 70 00 00 00 - 28 ec 06 00
7b df f5 77 ...~p...(...{..w
000000000006e950 84 e9 06 00 00 00 36 00 - 33 00 35 00
32 00 36 00 ......6.3.5.2.6.
000000000006e960 31 00 34 00 31 00 31 00 - 00 00 08 00
a0 e9 06 00 1.4.1.1.........
000000000006e970 00 00 36 00 33 00 35 00 - 32 00 36 00
31 00 34 00 ..6.3.5.2.6.1.4.
000000000006e980 31 00 31 00 00 00 08 00 - 78 e9 06 00
34 e9 06 00 1.1.....x...4...

==================================================

.... plus this from the Error Dialog:

AppName: rstrui.exe
AppVer: 5.1.2600.1106
ModName: srrstr.dll
ModVer: 5.1.2600.1142
Offset: 000095fa
 
Rstrui.exe is what loads your Restore points . Read this & see if you have
it set up correctly:

1. In My Computer, click the Tools menu -> Folder Options.
2. On the View tab, make sure to check the option "Hide extensions for known file types".
3. Click OK.
4. Click the Start menu -> Run. Type: " %windir%\inf " (Without quotation
marks) in the Open field. Click OK.
5. Locate and select the file " sr.inf ". Right-click it and then click Install.

Troubleshooting System Restore in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;302796

System Restore for Windows XP
http://www.kellys-korner.com/xp_restore.htm

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

-------------------------------------------------------------------------------


| Can anyone help please?
|
| System Restore in XP Pro crashes with an Error Dialog,
| and also leaves the following Dr.Watson...
|
| ===============================================
|
| Application exception occurred:
| App: C:\WINDOWS\system32\restore\rstrui.exe (pid=3464)
| When: 26/03/2004 @ 16:17:29.285
| Exception number: c0000005 (access violation)
|
| *----> System Information <----*
| Computer Name: W094
| User Name: WAdmin
| Terminal Session Id: 0
| Number of Processors: 1
| Processor Type: x86 Family 6 Model 8 Stepping 6
| Windows Version: 5.1
| Current Build: 2600
| Service Pack: 1
| Current Type: Uniprocessor Free
| Registered Organization: Murray Beith Murray WS
| Registered Owner: IS Group
|
| *----> Task List <----*
| 0 System Process
| 4 System
| 428 smss.exe
| 492 csrss.exe
| 516 winlogon.exe
| 560 services.exe
| 572 lsass.exe
| 740 svchost.exe
| 792 svchost.exe
| 872 svchost.exe
| 924 svchost.exe
| 972 spoolsv.exe
| 1156 LogWatNT.exe
| 1172 nvsvc32.exe
| 1316 locator.exe
| 1416 SLClient.exe
| 1468 snmp.exe
| 3840 svchost.exe
| 1020 SWEEPSRV.SYS
| 3368 SWNETSUP.EXE
| 2952 SWUPDATE.EXE
| 1856 Explorer.EXE
| 764 jusched.exe
| 3936 ICMON.EXE
| 2800 dllhost.exe
| 416 msdtc.exe
| 1800 WMIADAP.EXE
| 2972 helpctr.exe
| 1544 HelpSvc.exe
| 3464 rstrui.exe
| 2672 drwtsn32.exe
|
| *----> Module List <----*
| (0000000001000000 - 000000000105e000: C:\WINDOWS\system32
| \restore\rstrui.exe
| (000000005ad70000 - 000000005ada4000: C:\WINDOWS\System32
| \uxtheme.dll
| (000000005c020000 - 000000005c05c000: C:\WINDOWS\System32
| \SRRSTR.dll
| (000000005c060000 - 000000005c072000: C:\WINDOWS\System32
| \srclient.dll
| (00000000692c0000 - 00000000692ee000: C:\WINDOWS\System32
| \Wbem\framedyn.dll
| (0000000070a70000 - 0000000070ad5000: C:\WINDOWS\system32
| \SHLWAPI.dll
| (0000000071950000 - 0000000071a34000:
| C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-
| Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805
| \comctl32.dll
| (0000000071bf0000 - 0000000071c01000: C:\WINDOWS\System32
| \SAMLIB.dll
| (0000000076360000 - 000000007636f000: C:\WINDOWS\System32
| \WINSTA.dll
| (0000000076f90000 - 0000000076fa0000: C:\WINDOWS\System32
| \Secur32.dll
| (0000000077120000 - 00000000771ab000: C:\WINDOWS\system32
| \OLEAUT32.dll
| (00000000771b0000 - 00000000772d1000: C:\WINDOWS\system32
| \ole32.dll
| (0000000077340000 - 00000000773cb000: C:\WINDOWS\system32
| \COMCTL32.dll
| (00000000773d0000 - 0000000077bc2000: C:\WINDOWS\system32
| \SHELL32.dll
| (0000000077c00000 - 0000000077c07000: C:\WINDOWS\system32
| \VERSION.dll
| (0000000077c10000 - 0000000077c63000: C:\WINDOWS\system32
| \msvcrt.dll
| (0000000077c70000 - 0000000077cb0000: C:\WINDOWS\system32
| \GDI32.dll
| (0000000077d40000 - 0000000077dcc000: C:\WINDOWS\system32
| \USER32.dll
| (0000000077dd0000 - 0000000077e5d000: C:\WINDOWS\system32
| \ADVAPI32.dll
| (0000000077e60000 - 0000000077f46000: C:\WINDOWS\system32
| \kernel32.dll
| (0000000077f50000 - 0000000077ff7000: C:\WINDOWS\System32
| \ntdll.dll
| (0000000078000000 - 0000000078086000: C:\WINDOWS\system32
| \RPCRT4.dll
|
| *----> State Dump for Thread Id 0xb24 <----*
|
| eax=0008eeb8 ebx=010047f8 ecx=00000000 edx=7ffe0304
| esi=00000000 edi=00000000
| eip=5c0295fa esp=0006e850 ebp=0006e868 iopl=0 nv
| up ei pl zr na po nc
| cs=001b ss=0023 ds=0023 es=0023 fs=0038
| gs=0000 efl=00000246
|
| *** ERROR: Symbol file could not be found. Defaulted to
| export symbols for C:\WINDOWS\System32\SRRSTR.dll -
| function: SRRSTR!PrepareRestore
| 5c0295e6 e001 loopne SRRSTR!
| PrepareRestore+0x238 (5c0295e9)
| 5c0295e8 c3 ret
| 5c0295e9 8b01 mov eax,[ecx]
| 5c0295eb d1e8 shr eax,1
| 5c0295ed 83e001 and eax,0x1
| 5c0295f0 c3 ret
| 5c0295f1 8b01 mov eax,[ecx]
| 5c0295f3 c1e803 shr eax,0x3
| 5c0295f6 83e001 and eax,0x1
| 5c0295f9 c3 ret
| FAULT ->5c0295fa 8b01 mov eax,
| [ecx] ds:0023:00000000=????????
| 5c0295fc 83e001 and eax,0x1
| 5c0295ff c3 ret
| 5c029600 b8b015045c mov eax,0x5c0415b0
| 5c029605 e8a6be0000 call SRRSTR!
| SRGetCplPropPage+0x4f8 (5c0354b0)
| 5c02960a 83ec0c sub esp,0xc
| 5c02960d 8365f000 and dword ptr [ebp-
| 0x10],0x0
| 5c029611 56 push esi
| 5c029612 8d7104 lea esi,[ecx+0x4]
| 5c029615 8bce mov ecx,esi
| 5c029617 e8bf9b0000 call SRRSTR!
| InitializeChangeNotify+0x99e (5c0331db)
|
| *----> Stack Back Trace <----*
| *** ERROR: Symbol file could not be found. Defaulted to
| export symbols for C:\WINDOWS\system32
| \restore\rstrui.exe -
| WARNING: Stack unwind information not available.
| Following frames may be wrong.
| ChildEBP RetAddr Args to Child
| 0006e868 01012558 00000001 00000800 00000000 SRRSTR!
| PrepareRestore+0x249
| 0006f4b8 00000000 00020019 0006f52c 00000000
| rstrui+0x12558
|
| *----> Raw Stack Dump <----*
| 000000000006e850 88 93 02 5c 00 00 00 00 - 02 00 00 80
| 08 00 00 00 ...\............
| 000000000006e860 03 00 00 00 b8 ee 08 00 - b8 f4 06 00
| 58 25 01 01 ............X%..
| 000000000006e870 01 00 00 00 00 08 00 00 - 00 00 00 00
| 49 00 4e 00 ............I.N.
| 000000000006e880 45 00 5c 00 53 00 4f 00 - 46 00 54 00
| 57 00 41 00 E.\.S.O.F.T.W.A.
| 000000000006e890 52 00 45 00 5c 00 43 00 - 6c 00 61 00
| 73 00 73 00 R.E.\.C.l.a.s.s.
| 000000000006e8a0 65 00 73 00 5c 00 49 00 - 6e 00 74 00
| 65 00 72 00 e.s.\.I.n.t.e.r.
| 000000000006e8b0 66 00 61 00 63 00 65 00 - 5c 00 7b 00
| 45 00 30 00 f.a.c.e.\.{.E.0.
| 000000000006e8c0 37 00 33 00 32 00 43 00 - 41 00 32 00
| 2d 00 38 00 7.3.2.C.A.2.-.8.
| 000000000006e8d0 30 00 44 00 43 00 2d 00 - 31 00 31 00
| 44 00 33 00 0.D.C.-.1.1.D.3.
| 000000000006e8e0 2d 00 42 00 39 00 45 00 - 36 00 2d 00
| 30 00 30 00 -.B.9.E.6.-.0.0.
| 000000000006e8f0 43 00 30 00 34 00 46 00 - 37 00 39 00
| 45 00 33 00 C.0.4.F.7.9.E.3.
| 000000000006e900 39 00 39 00 7d 00 5c 00 - 54 00 79 00
| 70 00 65 00 9.9.}.\.T.y.p.e.
| 000000000006e910 4c 00 69 00 62 00 00 00 - 00 00 06 00
| e0 eb 06 00 L.i.b...........
| 000000000006e920 04 00 00 c0 03 00 00 00 - 00 00 00 00
| 02 00 00 00 ................
| 000000000006e930 d5 96 f8 77 16 ea 06 00 - fc eb 06 00
| 04 00 00 c0 ...w............
| 000000000006e940 8d cc c4 7e 70 00 00 00 - 28 ec 06 00
| 7b df f5 77 ...~p...(...{..w
| 000000000006e950 84 e9 06 00 00 00 36 00 - 33 00 35 00
| 32 00 36 00 ......6.3.5.2.6.
| 000000000006e960 31 00 34 00 31 00 31 00 - 00 00 08 00
| a0 e9 06 00 1.4.1.1.........
| 000000000006e970 00 00 36 00 33 00 35 00 - 32 00 36 00
| 31 00 34 00 ..6.3.5.2.6.1.4.
| 000000000006e980 31 00 31 00 00 00 08 00 - 78 e9 06 00
| 34 e9 06 00 1.1.....x...4...
|
| ==================================================
|
| ... plus this from the Error Dialog:
|
| AppName: rstrui.exe
| AppVer: 5.1.2600.1106
| ModName: srrstr.dll
| ModVer: 5.1.2600.1142
| Offset: 000095fa
|
|
 
Back
Top