Since upgrading one of my domain controllers to Windows 2008 I had noticed a couple of errors related to VSS around the normal backup times, so I decided to investigate these. The primary message I was receiving was:

Backup started at ‘dd/mm/yyyy time’ failed with the following error code ‘2155348237’ (Enumeration of files failed.). Please rerun backup once issues resolved.

This error message does not help you locate the issue at all. The backup log files in c:\windows\logs\WindowsServerBackup were empty as well. So no help at all.

I did some research, not coming up with any real solution, just some remarks about it being caused by a third-party application. Trend Micro was one of these third-party applications. I am running Trend Micro OfficeScan on the server in question, but because in the message threads the removal of Trend didn’t fix their problem, I ignored it.

Eventually I came across a helpful post on the Social TechNet forums.

http://social.technet.microsoft.com/Forums/en/windowsbackup/thread/4be0aae2-797c-453b-8a1f-bf7f70e52266

What is useful in this post is that a Microsoft employee (MSFT) explained how to find the culprit service that has an incorrect file path. To reiterate the instructions:

  1. Download the Microsoft Windows SDK
  2. Open an elevated command window
  3. Run the command vshadow.exe -wm2 > out.txt
  4. Search the out.txt file for the string “\..\”
  5. Uninstall the service in question.

Another way to find this service is to open regedit, go to HKEY_LOCAL_MACHINE and search SYSTEM for “\..\”.

This is how I found the service that was causing my issue. In this case it was the Trend Micro Unauthorized Change prevention service.

The Homedir and ImagePath values contained \..\. To test this I removed the \..\ from the string and then re-ran the system state backup using the following command.

wbadmin start systemstatebackup -backuptarget:D:

It all worked now.
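
The registry search for \..\ described above can also be scripted. The PowerShell below is an added example, not code from this post or from the TechNet thread; it assumes services are registered under HKLM:\SYSTEM\CurrentControlSet\Services, and the function names are hypothetical.

```powershell
# Added example: read-only scan for service registry values that contain "\..\".
# Assumption: services are registered under HKLM:\SYSTEM\CurrentControlSet\Services.
# Function names are hypothetical. Written to run on PowerShell 2.0 and later.

function Test-ParentSegment {
    param([string]$Value)
    # Literal substring test, so no regex escaping of the backslashes is needed.
    return $Value.Contains('\..\')
}

function Find-ServiceParentSegment {
    param([string]$Root = 'HKLM:\SYSTEM\CurrentControlSet\Services')
    # Properties the registry provider adds to every item; not registry values.
    $meta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
    # -Recurse also covers subkeys such as <service>\Parameters.
    foreach ($key in Get-ChildItem -Path $Root -Recurse -ErrorAction SilentlyContinue) {
        $props = Get-ItemProperty -LiteralPath $key.PSPath -ErrorAction SilentlyContinue
        if (-not $props) { continue }
        foreach ($p in $props.PSObject.Properties) {
            if ($meta -contains $p.Name) { continue }
            # REG_SZ / REG_EXPAND_SZ arrive as one string, REG_MULTI_SZ as string[].
            foreach ($item in @($p.Value)) {
                if ($item -is [string] -and (Test-ParentSegment $item)) {
                    New-Object PSObject -Property @{
                        Key   = $key.Name
                        Value = $p.Name
                        Data  = $item
                    }
                }
            }
        }
    }
}

# Constructed sample strings (not from the post) to show what is flagged.
$samples = 'C:\Program Files\Vendor\Agent\..\svc.exe', 'C:\Program Files\Vendor\svc.exe'
foreach ($s in $samples) { '{0,-45} flagged={1}' -f $s, (Test-ParentSegment $s) }

# Scan the live registry and list each hit with its key, value name and data.
Find-ServiceParentSegment | Select-Object Key, Value, Data | Format-List
```

The script only reports matches; correcting the path or uninstalling the service remains a manual step, as in the list above.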

I would not remove antivirus from the server because I could not run a system state backup, but it would have been nice if the backup process logged the registry key and if we could simply ignore the error and continue anyway.