SRUDB.dat Event Log - about 117 per hour!

After getting my first Windows 8 Blue Screen (I made it one year and one month from the purchase of a new Lenovo Laptop) I checked the event log.  I am getting approximately 2 of these errors EVERY MINUTE!

I looked up what was running under this process id and these are the services:

svchost.exe                   1724 BFE, DPS, MpsSvc

Base Filtering Engine, Diagnostic Policy Service, Windows Firewall

Makes me think this is a network driver issue, but my wireless and cabled network both perform well.

svchost (1724) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 7938048 (0x0000000000792000) (database page 1937 (0x791)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch.  The stored checksum was [a042abbbf0884b06] and the computed checksum was [00000791fd3b01cb].  The read operation will fail with error -1018 (0xfffffc06).  If this condition persists then please restore the database from a previous backup.  This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Ran checkdisk in offline mode "chkdsk /f /r" with no bad sectors reported.  Also ran system file checker "sfc /scannow "  and Deployment Image Servicing and Management "DISM.exe /Online /Cleanup-Image /RestoreHealth " successfully.

Updated Anti-Virus (Avast Free) and ran boot time scan which shows 1 CAB file as corrupted. 

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp>dir
 Volume in drive C is Windows8_OS
 Volume Serial Number is 706C-5AB7

 Directory of C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp

03/11/2015  11:27 PM       127,159,032 mpam-8ca7e919.exe
03/23/2015  08:23 PM        22,913,024 mpam-abc6940c.exe
03/23/2015  08:25 PM             8,642 MpCmdRun.log
               3 File(s)    150,080,698 bytes
               2 Dir(s)  857,925,300,224 bytes free

Any idea how to repair this file assuming that is the issue?

Otherwise, how to stop the twice a minute event logs? 

  • Edited by JamesVMoore Tuesday, March 24, 2015 2:11 PM adding addtional trouble shooting information
March 23rd, 2015 5:30pm

Hi,

To fix this problem, firstly, please try to use Dism command below to fix system component for test:

DISM /Online /Cleanup-Image /RestoreHealth

If no use, try to use system restore to revert your system to a former normal time point for test.

Free Windows Admin Tool Kit Click here and download it now
March 26th, 2015 3:58am

Unfortunately, I don't have a restore point far enough back.  I have made a full image backup so I can always restore to the place I was before I started trouble shooting this issue.  I re-installed all manufacturer's drivers, ran windows updates.  Still get 120 ESENT errors per hour.  I will respond with the status of the DISM.  Thank you for your help. Re-Running DISM /Online /Cleanup-Image /RestoreHealth
March 27th, 2015 5:33pm

DIR of %/SRU/Ran both DSIM and SFC  below are the results.  Still see recent Events for ESENT same as before.  I haven't rebooted yet.  I am tempted to delete the DAT file but this is my primary work computer and I can't be offline for even a day.

Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32>cd sru

C:\Windows\System32\sru>dir
 Volume in drive C is Windows8_OS
 Volume Serial Number is 706C-5AB7

 Directory of C:\Windows\System32\sru

03/27/2015  02:10 PM    <DIR>          .
03/27/2015  02:10 PM    <DIR>          ..
03/27/2015  02:10 PM             8,192 SRU.chk
03/27/2015  02:10 PM            65,536 SRU.log
03/27/2015  02:10 PM            65,536 SRU0D0E8.log
03/25/2015  08:00 AM        35,135,488 SRUDB.dat
03/18/2014  03:00 AM            65,536 SRUres00001.jrs
03/18/2014  03:00 AM            65,536 SRUres00002.jrs
03/27/2015  02:09 PM            65,536 SRUtmp.log
               7 File(s)     35,471,360 bytes
               2 Dir(s)  856,290,320,384 bytes free

C:\Windows\System32\sru>eseutil /p
'eseutil' is not recognized as an internal or external command,
operable program or batch file.

C:\Windows\System32\sru>

C:\Windows\System32\sru>cd ..

C:\Windows\System32>eseutil /P
'eseutil' is not recognized as an internal or external command,
operable program or batch file.

C:\Windows\System32>DISM /Online /Cleanup-Image /RestoreHealth

Deployment Image Servicing and Management tool
Version: 6.3.9600.17031

Image Version: 6.3.9600.17031

[==========================100.0%==========================]
The restore operation completed successfully. The component store corruption was
 repaired.
The operation completed successfully.

C:\Windows\System32>SFC.EXE /SCANNOW

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\Windows\System32>

Free Windows Admin Tool Kit Click here and download it now
March 27th, 2015 6:15pm

Thank You.  I have already downloaded the appropriate software from the hard drive manufacturer because I suspected this might be the issue. I will run that application and see if my disk needs replacing.  Made a full system image earlier just in case.  As soon as the routine completes I will post my results on this forum.

Re-Running the tools after a MSCONFIG limited boot to only Microsoft services and start up items all disabled I get these results below.

Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32>sfc /?

Microsoft (R) Windows (R) Resource Checker Version 6.0
Copyright (C) Microsoft Corporation. All rights reserved.

Scans the integrity of all protected system files and replaces incorrect version
s with
correct Microsoft versions.

SFC [/SCANNOW] [/VERIFYONLY] [/SCANFILE=<file>] [/VERIFYFILE=<file>]
    [/OFFWINDIR=<offline windows directory> /OFFBOOTDIR=<offline boot directory>
]

/SCANNOW        Scans integrity of all protected system files and repairs files
with
                problems when possible.
/VERIFYONLY     Scans integrity of all protected system files. No repair operati
on is
                performed.
/SCANFILE       Scans integrity of the referenced file, repairs file if problems
 are
                identified. Specify full path <file>
/VERIFYFILE     Verifies the integrity of the file with full path <file>.  No re
pair
                operation is performed.
/OFFBOOTDIR     For offline repair specify the location of the offline boot dire
ctory
/OFFWINDIR      For offline repair specify the location of the offline windows d
irectory

e.g.

        sfc /SCANNOW
        sfc /VERIFYFILE=c:\windows\system32\kernel32.dll
        sfc /SCANFILE=d:\windows\system32\kernel32.dll /OFFBOOTDIR=d:\ /OFFWINDI
R=d:\windows
        sfc /VERIFYONLY

C:\WINDOWS\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\WINDOWS\system32>Dism /Online /Cleanup-Image /RestoreHealth

Deployment Image Servicing and Management tool
Version: 6.3.9600.17031

Image Version: 6.3.9600.17031

[==========================100.0%==========================]
The restore operation completed successfully. The component store corruption was
 repaired.
The operation completed successfully.

C:\WINDOWS\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

April 15th, 2015 10:53am

Ran Seagate Disk Tools for Windows and failed the most basic, fast checks.  Will try running the fix program after work (once I do a full back up) - that could take hours. Surprised the drive is failing after 1 year but it does get used 24/7/265.
Free Windows Admin Tool Kit Click here and download it now
April 15th, 2015 11:40am

James

most HDs are rated less than 100% utilization time (most ~10%)so if yours is on 24/7/365 that is 8760 hours and if you use your more than 10% of the  time it is approaching the mean time between failures a commercial driver of around 15000 hours.

April 15th, 2015 12:11pm

Excellent point.  This weekend I swapped drives and imaged a copy of my OS / files onto the new "disk".

Replaced 1 TB Seagate hard drive with 250 GB Samsung 850 SSD. The errors continue. This leads me to believe the issue is OS or Software related.  I attempted to rename the file in question and got a prompt that it was in use by BFE (Base Filtering Engine).  I might have luck trouble shooting this is if I knew what SRUdb.dat was supposed to be doing but I don't see any useful information online. 

Would have liked to re-install Windows 8 but my Lenovo recovery partition doesn't appear to support that function.  In fact, it appears to serve no other purpose that taking up space. 

Thank You. 

To summarize, the replacement of my hard disk with a SSD running a sector by sector (Acronis) copy of the drive has made no difference what so ever. 

Free Windows Admin Tool Kit Click here and download it now
April 20th, 2015 6:12pm

Went as far as deleting the offending file. Have no idea what it really does because there doesn't appear to be any clear indication of its purpose. After the deletion I no longer get the error messages. System boots much faster from SSD but at a sacrifice of 1 TB for < 250 GB (a lot less because Lenovo has a large number of hidden partitions and no way to do a clean installation of Windows).

I am closing this thread unanswered. 

  • Marked as answer by JamesVMoore 6 hours 13 minutes ago
April 29th, 2015 9:11pm

Went as far as deleting the offending file. Have no idea what it really does because there doesn't appear to be any clear indication of its purpose. After the deletion I no longer get the error messages. System boots much faster from SSD but at a sacrifice of 1 TB for < 250 GB (a lot less because Lenovo has a large number of hidden partitions and no way to do a clean installation of Windows).

I am closing this thread unanswered. 

  • Marked as answer by JamesVMoore Thursday, April 30, 2015 1:09 AM
Free Windows Admin Tool Kit Click here and download it now
April 30th, 2015 1:09am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics