Event Log stopped working - Error 1747 : The Authentication Service is Unknown
I reccently noticed that my scheduled tasks were no longer running. I tried to bring up the task scheduler and it said the service was not running. I checked the service and sure enough, it was not running. I tried to start it and it failed because the windows event log service, which is a dependency, was also not running. I tried to start the event log service, and gave the error above in the subject line.
The event log service uses a log on of "Local Service". There are other services that use the same log on and they start up with no problem. I have searched the internet for a solution to this and have tried several things I found with no luck. One was to run SFC, another was to delete the Windows/Logs and Windows/System32/Logfiles folders so they would be re-created on startup. I also tried subinacl to reset the ACLs on registry branches and the subfolders of %SystemDrive% as recommeded in another forum.
I am running Vista Home Premium and all the latest updates have neen applied. Anyone have any further ideas? (short of re-installing Vista).
Thanks.
Réponses
The official recommended solution i got from opening my case was to format and reload Vista. I offered to send them an image of my pc to troubleshoot the problem themselves but they never took me up on the offer.
3 days of downtime was too much so i reloaded the OS. Not an acceptable solution but i had no choice.
Toutes les réponses
- I am having the same problem. Searched high and low as well.
I am currently trying the permission fixes that we both found but i doubt they will work as the permissions seem to be setup correctly.
Running Vista Business. We have support contract with microsoft, before i reload vista i will call them and post here my finding.
(Errors for Google)
Windows could not start the Windows Event Log service on Local Computer.
Error 1747: The authentication service is unknown. Hi,
Thanks for your post. This issue may occur if the system service components are corrupted or certain 3rd party program is inflecting them from running normally. To resolve it, let's try the following steps:
Step 1: Check user permissions
============================
Please open System Registry to check the permissions of the two services and make sure your current user has full permissions.
Task Schedule service:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule
Windows Event log service:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
If the services permissions are set correctly, we can then try a "Clean Boot" to narrow down the cause and troubleshoot it.
Step 2: Try a Clean Boot
============================
Let’s disable all startup items and third party services when booting. This method will help us determine if this issue is caused by a loading program or service. Please perform the following steps:
1. Click the Start Button type "msconfig" (without quotation marks) in the Start Search box, and then press Enter.
Note: If prompted, please click Continue on the User Account Control (UAC) window.
2. Click the "Services" tab, check the "Hide All Microsoft Services" box and click "Disable All" (if it is not gray).
3. Click the "Startup" tab, click "Disable All" and click "OK".
Then, restart the computer. When the "System Configuration Utility" window appears, please check the "Don't show this message or launch the System Configuration Utility when Windows starts" box and click OK.
Please test this issue in the Clean Boot environment, if the issue disappears in the Clean Boot environment, we can use a 50/50 approach to quickly narrow down which entry is causing the issue.
For more information about this step, please refer to the following KB article:
How to troubleshoot a problem by performing a clean boot in Windows Vista
http://support.microsoft.com//kb/929135
However, if the issue persists, please capture some related screenshot files of error messages then send to SCEDATA@microsoft.com including the following text.
Event Log stopped working - Error 1747 : The Authentication Service is Unknown
http://forums.microsoft.com/TechNet/ShowPost.aspx?siteid=17&PostID=2711319
Robbin Meng – MSFT
At the same time, if possible, please check if you can open the Event log console and if there is any related Event errors there. If any, please let me the detailed error information for further research. Thank you.
Sincerely,
Robbin Meng
Microsoft Online Community Support
Thank you for the response.
I have tried the steps you mentioned and the problem is still there. I also have a case open with Microsoft.
I have also tried the steps mentioned on page 2 of this thread:
Which did not solve my problem. Keep in mind his error, while trying to start the event log, is different than mine and the original poster in this thread.
I just ended 4 hours of troubleshooting with Microsoft and we have not gained any ground. Currently they are reviewing Process Monitor boot logs.
Our call continues in the AM, i will keep update this thread with any news.
Please let me know if you have any other ideas as well.
Thank you,
Matt
Hi,Please capture some related screenshot files of error messages then send to SCEDATA@microsoft.com including the following text.
Event Log stopped working - Error 1747 : The Authentication Service is Unknown
http://forums.microsoft.com/TechNet/ShowPost.aspx?siteid=17&PostID=2711319
Robbin Meng – MSFT
At the same time, if possible, please check if you can open the Event log console and if there is any related Event errors there. If any, please also send the saved event log files to me as well. Thank you.
Collecting Even log
============
1. Click "Start", input "eventvwr" (without quotation marks) in the Start Search bar and press Enter.
2. Right click on "Application" on the left frame, choose "Save Log file As"; in the pop-up window, click to choose the Desktop icon on the left frame, input "app" in the "File name" blank, and then click save.
3. Right click on "System", with the same method, save it as "sys".
4. Locate the two saved log files on the Desktop and send them to us at: SCEDATA@microsoft.com .
Sincerely,
Robbin Meng
Microsoft Online Community SupportRobbin, i appreciate the effort but please remember that my main issue is i cannot view the event logs.
I transfered them to another PC to view and that computer said the logs were corrupted.
Almost every utility and tool the guys on the phone had me try failed with some type of error.
Somehow my OS got corrupted enough that it is unrepairable but yet still bootable.
As much as i would like to fix this without formatting i cannot go any longer without my PC. Our 3,000+ XP machines will be running XP for a bit longer after this experience as well.
Sorry for no fix googlers.
Matt
The official recommended solution i got from opening my case was to format and reload Vista. I offered to send them an image of my pc to troubleshoot the problem themselves but they never took me up on the offer.
3 days of downtime was too much so i reloaded the OS. Not an acceptable solution but i had no choice.
Dear Matt,
Again, thanks for writing back to me and help me to clarify the current situations. I understand that you have already performed reinstallation on this machine and I understand that the process of checking each step is time-consuming.
We are sorry for the inconvenience this may have caused. I apologize my suggestions didn't assist in resolving this issue, I'm glad everything is working now. All the time and efforts you have invested in this issue are highly appreciated.
As we discussed, this issue may occur if the system service components are corrupted or certain 3rd party program is inflecting them from running normally. I have forwarded your feedback to the appropriate team. We strive to capture any and all product issues/feedback so as to ensure we are continuously developing Microsoft products to meet customer needs.
Though we were not able to fully resolve the issue at Microsoft Online Support Services, I hope you are still pleased with our services. If there is anything we could have done better, please feel free to put forward your feedback to me. Suggestions and ideas about how we can improve our service level are always welcome.
Based on the current status, if there is no further assistance I can provide, I will go ahead and achieve this thread as "self-resolved". If you have any further questions or concerns, please response at any time.
At the same time, I would like to share the following Web sites with you.
http://www.winvistaclub.com/t37.html
Again, thank you for using Microsoft Online Community Support Service.
Sincerely,
Robbin Meng
Microsoft Online Community Support
I had the same problem over here and found some clues to help:
- tried everything under the sun to fix Event Log
- noticed some errors on other services; almost everything has a dependency based on Windows Event Log, so at first I assumed the error were related to it, but the error in my case was:
"a system call that should never fail has failed"
which is a generic error when MS people run out on creative names for specific errors
Then, looking for a fix on this one, I found this:http://forums.techguy.org/windows-vista/607729-vista-error-10107-system-call.html
and led me to this
To make it short, open a command prompt with administrative rights and run
netsh winsock reset
Restart the computer and for me everything is fine now!
Good Luck
- Proposé comme réponsejohn vb lundi 14 septembre 2009 15:09
I have other problem. The Eventlog service is configured to start "automatic" but it never starts.
When trying to start manually it shows error as "error 5 Access denied"
I tried above "netsh winsock reset" in command prompt. I get message "The operation requires
elevation"
I cant see any log of events as the log service has stopped.
please help.
I have similar situation that eventlog not started and DHCP client not started due to the depending service.
Tried your NETSH methold, but encountered elevation error. Did a serach in Microsoft for the error without result.
Glorified Google search return Microsoft link to resolve:
http://support.microsoft.com/kb/811259
Reboot, things backed to normal.
Thanks
Bravo Al...
I had these same issues afecting MANY automatic services, Network Card, IPSec, EventLog, Authentication... Running Windows Vista Business.
It would boot, very slowly mind you, but the OS was useless.
I ran the "netsh winsock reset" , rebooted and PRESTO. No further issues. Everyone with this issue, head to this digitallife website and say thank you. Thanks AL... well done
Purushottam you can right-click on the Command Line link and select Run As Administrator. Then run the Netsh Winsock Reset command.
Al you are a life saver.
It is very necessarily important to reconstruct the crime scene. We should attempt to make the effect show up the same fault, perhaps it would be reappear.
Step 1. Install Bonjour
Install any software of the Adobe CS 3, for example install Photoshop CS3, Illustrator CS3, InDesign CS3, Flash CS3, etc. Bonjour also with installed.
When you install any edition of the Adobe Creative Suite 3 family or a Creative Suite 3 component on Windows, Bonjour for Windows is installed as a service on the machine. Bonjour is Apple's open source implementation of zero-configuration networking software. It is used by Adobe Version Cue CS3 client applications to dynamically discover Version Cue Servers on the
local network.Installed folder
C:\Program Files\Bonjour
Installed files
mdnsNSP.dll
mDNSResponder.exeRegistry change
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bonjour Service]
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"="C:\Program Files\Bonjour\mDNSResponder.exe"
"DisplayName"="##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##"
"DependOnService"=hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00
"ObjectName"="LocalSystem"
"Description"="##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bonjour Service\Parameters]
"ManageLLRouting"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bonjour Service\Enum]
"0"="Root\\LEGACY_BONJOUR_SERVICE\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001For more information about Bonjour, see Apple's Bonjour technology brief: http://images.apple.com/macosx/pdf/MacOSX_Bonjour_TB.pdf
Step 2. Uninstall Bonjour
Removing Bonjour for Windows as following:
http://kb.adobe.com/selfservice/viewContent.do?externalId=kb400982&sliceId=2To remove Bonjour:
Open a Windows command prompt and type the following command:
"C:\Program Files\Bonjour\mDNSResponder.exe -remove"
Navigate to the following folder in Windows Explorer: C:\Program Files\Bonjour
Rename the mdnsNSP.dll file in that folder to mdnsNSP.old
Restart your computer
Delete the the Program Files\Bonjour folderNote: Removing Bonjour prevents Version Cue clients (Photoshop, Illustrator, InDesign, Flash, Bridge) from automatically discovering Version Cue Servers and Version Cue projects in your local network. You will need to connect manually using Connect to Server and the URL or IP address of the machine running Version Cue Server instead.
Step 3. Delete related "Bonjour" in registry
Click the Start Button and type "regedit" (without quotation marks) or "regedt32" (without quotation marks) in the Start Search box, and then press Enter key, then the registry editor Launched.
Navigate to the root in registry editor, select Find from the Edit menu, searth the "Bonjour" from root, select and delete each hivekey founded with this characterstring, hit F3 key to search for the next occurrence, and delete, repeat press F3 key, select founded hivekey and delete it util no found to end. Close the registry editor.
Step 4. Restart your computer
Now the fault would maybe reappear.
Winsock catalog corruption is surely the cause of these failures.
To repair the winsock catalog, delete the Winsock & Winsock2 service's hivekey in Registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2
Click the Start Button and type "regedit" (without quotation marks) or "regedt32"(without quotation marks) in the Start Search box, and then press Enter key. Pls expand to above two hivekey, delete them. Restart. OK all right. good luck.
Hei there,
I am a torubleshooter,
this system could not gain acces to internet.
but a ping to a internet IP adress works fine,
pinging to a url does not, no adres resolving.
the probable reason was removing some software which does not have
a good removal program. the program was some PCtools stuff
and had it self hooked in the thirst three layers of the LSA stack
modyfing the LSA stack by hand did not solved my problem
netsh winsock reset works perfect
thanks.
I had the problem on a machine after an attempted Windows Vista Home Premium update to SP1 failed.
Thank you to Al Oliveira the netsh winsock reset solution worked first time, the quickest solution to a windows problem I have had in a while. Now I can get back to the other issue of why SP1 failed.
I am having this problem as well. Happened shortly after automatic updates were installed on 9/9/08. Also, within the previous week, I had installed I-tunes. This raised my curiousity because I have seen related posts targeting apple's Bonjour service (some sort of zero-configuration network service). I have since removed all apple software, but to no avail. However, I doubted that was the problem to begin with, because the event log, one of the most fundamental services in windows and one of the first to start up, shouldn't be dependent upon any networking services.
Judging from your experience, I shouldn't expect too much help from MS. I do have a backup of my system, but it is a little old. Maybe I'll try to restore from there.
Dan
Hi all. I am an IT technician & have recently been troubleshooting a customer's Windows Vista Home Premium laptop in a wireless home network.
In a nutshell the laptop suddenly stopped connecting to the wireless router; upon investigation I found lots of windows services were not starting; this sent me on a bit of a wild goose chase as this showed all signs of some kind of trojan / malware infection hogging the system. Here are some of the things I saw:
1). Norton 360 wasn't even running correctly & I was unable to view it's firewall status.
2). Windows firewall was disabled & I was unable to start it (service failed error message).
3). I was unable to view windows event logs & received "Error 1747 : The Authentication Service is Unknown"
4). Windows Side Bar was all blanked out & not showing any gadgets
5). I attempted a system restore but that failed (I saw references in system restore that the Bonjour service had been un-installed)
I did loads of further investigation & found this thread. It would appear that removing, or even trying to remove / un-install the Bonjour service may cause the above mentioned issues in windows Vista. I have not seen this kind of errata in windows XP.
I have heard of people pulling their hair out & re-installing the operating system possibly due to experiencing these issues.
Please Read On....
Resolution that worked for me:
I ran the Winsock corruption fix that is mentioned in previous threads as per microsoft's instructions found at the following URL: http://support.microsoft.com/kb/811259
--------------------------------------------------------------------------------------------------------------------------------
Manual steps to recover from Winsock2 corruption for Windows Vista users
Winsock corruption can cause connectivity problems. To resolve this issue by using Network Diagnostics in Windows Vista, follow these steps:
Note You may also access the Network and Sharing Center in Control Panel.1. Click , and then click Network. 2. Click Network and Sharing Center. 3. In the Network and Sharing Center box, click Diagnose and Repair.
If the Network and Diagnostic tool was unable to find a problem, you can manually repair or reset Winsock.Manual steps to repair or to reset Winsock for Windows Vista users
1. Click , type cmd in the Start Search box, right-click cmd.exe, click Run as administrator, and then press Continue. 2. Type netsh winsock reset at the command prompt, and then press ENTER.
Note If the command is typed incorrectly, you will receive an error message. Type the command again. When the command is completed successfully, a confirmation appears, followed by a new command prompt. Then, go to step 3.3. Type exit, and then press ENTER Hey Presto!!!! After re-booting everything is back online & all necessary windows services & norton 360 are starting as normal.
Further Information on Bonjour Service:
http://en.wikipedia.org/wiki/Bonjour_(software)
As I understand & in my experience the Bonjour service is installed as a sub-aplet with certain 3rd party software applications including Apples itunes & Adobe newest Creative Suite 3 installs Apple’s Bonjour service even if you don’t install Version Cue. Its main goal is to provide zero-configuration connectivity between Version Cue server and the suite’s applications.
A bit more CSi & i've established how to un-install Bonjour service; there is a great topic on this subject at the following URL: http://www.raymond.cc/blog/archives/2008/02/10/how-to-uninstall-or-remove-bonjour-mdnsresponderexe/
Thanks to all for your post & input...it has really helped to get this issue resolved (well for me anyway) & has of course save a re-install!!!!
I will keep an eye on this thread...please post your resolutions / experiences to help others.
Kind regards
Wow I thought for sure that a winsock fix would NEVER resolve a problem with EventLog service not being able to start. Will have to try this fix more often for the odd windows problems that popup from time-to-time. Good catch!! Saved me from doing a reload on a clients computer. Thanks!!
Thank you! this solution solved my problem.
- I finally gave up on this problem, and decided to reinstall Vista from scratch. Actually, I purchased a new hard drive and installed to that (perfect time to expand!) Anyway, I still have the old hard drive with the old installation on in and will try the winsock repair. I'll let you know how it goes.
Dan - Running
netsh winsock reset
fixed my problem. I too had the event service not starting problem.
Uday Hi there Robin. I am an IT Technician & felt that I needed to begin communication with you regarding this issue. I recently made a post in this thread detailing my issues & found resolution. I just wanted to share my post with you & hope that the information is useful to others that need to resolve these issues without re-installing their operating systems. Please find my post below:
Hi all. I am an IT technician & have recently been troubleshooting a customer's Windows Vista Home Premium laptop in a wireless home network.
In a nutshell the laptop suddenly stopped connecting to the wireless router; upon investigation I found lots of windows services were not starting; this sent me on a bit of a wild goose chase as this showed all signs of some kind of trojan / malware infection hogging the system. Here are some of the things I saw:
1). Norton 360 wasn't even running correctly & I was unable to view it's firewall status.
2). Windows firewall was disabled & I was unable to start it (service failed error message).
3). I was unable to view windows event logs & received "Error 1747 : The Authentication Service is Unknown"
4). Windows Side Bar was all blanked out & not showing any gadgets
5). I attempted a system restore but that failed (I saw references in system restore that the Bonjour service had been un-installed)
I did loads of further investigation & found this thread. It would appear that removing, or even trying to remove / un-install the Bonjour service may cause the above mentioned issues in windows Vista. I have not seen this kind of errata in windows XP.
I have heard of people pulling their hair out & re-installing the operating system possibly due to experiencing these issues.
Please Read On....
Resolution that worked for me:
I ran the Winsock corruption fix that is mentioned in previous threads as per microsoft's instructions found at the following URL: http://support.microsoft.com/kb/811259
--------------------------------------------------------------------------------------------------------------------------------
Manual steps to recover from Winsock2 corruption for Windows Vista users
Winsock corruption can cause connectivity problems. To resolve this issue by using Network Diagnostics in Windows Vista, follow these steps:
1.
Click , and then click Network.
2.
Click Network and Sharing Center.
3.
In the Network and Sharing Center box, click Diagnose and Repair.
Note You may also access the Network and Sharing Center in Control Panel.
If the Network and Diagnostic tool was unable to find a problem, you can manually repair or reset Winsock.Manual steps to repair or to reset Winsock for Windows Vista users
1.
Click , type cmd in the Start Search box, right-click cmd.exe, click Run as administrator, and then press Continue.
2.
Type netsh winsock reset at the command prompt, and then press ENTER.
Note If the command is typed incorrectly, you will receive an error message. Type the command again. When the command is completed successfully, a confirmation appears, followed by a new command prompt. Then, go to step 3.3.
Type exit, and then press ENTER
Hey Presto!!!! After re-booting everything is back online & all necessary windows services & norton 360 are starting as normal.
Further Information on Bonjour Service:
http://en.wikipedia.org/wiki/Bonjour_(software)
As I understand & in my experience the Bonjour service is installed as a sub-aplet with certain 3rd party software applications including Apples itunes & Adobe newest Creative Suite 3 installs Apple’s Bonjour service even if you don’t install Version Cue. Its main goal is to provide zero-configuration connectivity between Version Cue server and the suite’s applications.
A bit more CSi & i've established how to un-install Bonjour service; there is a great topic on this subject at the following URL: http://www.raymond.cc/blog/archives/2008/02/10/how-to-uninstall-or-remove-bonjour-mdnsresponderexe/
Thanks to all for your post & input...it has really helped to get this issue resolved (well for me anyway) & has of course save a re-install!!!!
I will keep an eye on this thread...please post your resolutions / experiences to help others.
Kind regards
- netsh winsock reset
worked perfectly for me also. Thanks! I had the same error today. Event Log won't start even restarting 3 times. I have Windows Vista Business. This notebook symthoms were:
- I was unable to browse Internet because network adapters did not take IP.
- Windows Firewall was unable to start
- And the main problem Event Log service gave me Error 1747: The Authentication Service is Unknown.
I apply Manual steps to recover from Winsock corruption- Clic start, type cmd in Search box, right clic cmd.exe, clic Run as Administrator and press Continue.
- Type netsh winsock reset at command prompt, and press ENTER. This gave me an error about a DLL and I run it again without problems.
- Then I type exit and press ENTER and reboot.
After reboot everything works as usual. Thanks for the help Pabs0502.
- hi, i'm experiencing the same trouble:
- Wireless stop working
- Norton show 2 errors that is not able to recover ((Symantec email proxy is not able to execute the e-mail e-mail message scan because the network is not correctly configured) this message show up in both cases (incoming e-mail scan, and outcoming e-mail scan, the 2 norton errors)
- it is impossible to start the event register, it is reporting an error 1747: autentication service unknown
- i follow the suggestion of Mr Robin Meng about the clean boot and the autorization (hkey_local_machine\system\currentcontrolset\serices\enventlog) and i found out the i got the autorization
- i run CMD (with administrator privileges) and i run netsh winsock reset
- in this case i got the following error message;
- impossible to start initialization function InitHelperDll into NSHHTTP.DLL error code 11003.
- the message is continuing with the following sentence:
- Winsock catalog reset completed. re-boot computer to complete the operation
- i run EVENTVWR but i got an error (just for a change!) again: event register service not available. check if the service is in execution
- i run also Clean Boot: hide all microsoft services. No changes
- if a put the mouse on the wireless icon (low left) the pop up is telling: connection status: unknown, start of the group or dependency service non riuscito
- no side bar pictures and gadgets on my desktop
- i cannot recover the Vista operation system. I try to recover the operating system at one point of 3 days ago but i got error messages: impossible to complete system configuration register. Data have not been changed. Details: access denied. (0x80070005)
this is what i got so far, apologize for the English translation.
best regards,
Beppe Montevecchi Hi all,
Thanks for your valuable sharing! I believe it will help a lot for others who encounter similar issues.
Thanks again.- Dear Mr Meng, thanks for your words, however i'm still down with my PC. Could you give me any clue to solve this difficult task?
best regards
Giuseppe - I found the answer to this problem on the it guy forum also. I am almost in disbelief that the classic "Winsock Repair" fixes these service startup problems in vista. Why do these services now rely on Winsock and Why doesn't Microsoft have a knowlege base answer. and to give someone the reply of reormatting and reloading the OS is unacceptable as far as I am concerned.
The thing that is most annoying however is I cannot explain to my customer why the problem occured in the first place nor why reseting the winsock catalogue corrects the problem.
I had an argument with a microsoft engineer about why I thought vista was so pants and how am I suposed to sell/reccomend a product that I dont beleive works properly. His only answer was there were problems with vista pre SP1 but now SP1 is out it is alot better.
However This machine had SP1 and it would appear so did everyone elses.
If someone can explain why the Winsock Catalogue has such a critical role to play in vista's day to day running I would be grateful.
Bob - Holy cow, so many services not working, many seemingly unrelated to networking, and a simple "netsh winock reset" does the trick! Thanks to whoever figured this out!
- Thank you Al Oliveira for posting this solution, "netsh winsock reset". It saved me a ton of headaches this morning with one of the members of my sales team at a client visit. His laptop lost power suddenly causing an unclean shutdown. He plugged laptop into power source and started receiving these 1747 errors and none of his services would start. Your solution fixed the problem. Now if MS couldn't figure this out, why did you and wtf is MS doing with flippin winsock affecting every other service running on the PC?? Crazy.
Cheers,
jjardina - Beautiful! you just saved MONTHs of my hard work! "netsh winsock reset" worked perfectly!!!!!!
- Also, I had to uninstall and reinstall my LAN card driver. Don't know why, but it worked
Thanks a bunch - Finally, a solution has come. I'll definitely remember to run the netsh winsock reset cmd as admin to fix those unnerving Vista issues. Thanks.
- Thanks Robbin and Al, had the same problem and this thread helped me solve it swiftly
- yes, thanks for your help!
I had the same problem over here and found some clues to help:
- tried everything under the sun to fix Event Log
- noticed some errors on other services; almost everything has a dependency based on Windows Event Log, so at first I assumed the error were related to it, but the error in my case was:
"a system call that should never fail has failed"
which is a generic error when MS people run out on creative names for specific errors
Then, looking for a fix on this one, I found this:http://forums.techguy.org/windows-vista/607729-vista-error-10107-system-call.html
and led me to this
To make it short, open a command prompt with administrative rights and run
netsh winsock reset
Restart the computer and for me everything is fine now!
Good Luck
If the above did not work you may have disable Kerberos(to eliminate the kerberos error from the event log) which produces this error
Well i have read right though all the posts here without a solution to fix it, i was at the point of reinstalling, when i did another system restore even further back. This fix it but im not happy with that by not knowing what caused it.
I managed to reproduced it by disabling Kerberos. I found this info here(trying to get rid of the kerberos error from the event log) http://social.technet.microsoft.com/Forums/en-US/itprovistasp/thread/83cdec01-6a5a-4558-9104-23934d231964
By re-enabling the Kerberos with systernals Autoruns fixes it(since i used autoruns originally to disable it) and event log is back to normal. Doing the above steps will reproduce it
Unable to start event log
Error 1747: The Authentication Service is Unknown.
The error that should be safely ignored(why dont they make a filter so we can hide these?)
Event ID 15016 Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
- This same error just struck my Windows 7. The "netsh winsock reset" fix worked just fine.
- Okay after spending hours...HOURS on the phone with my company's outsourced tech help and then never receiving a call back from the main office in Dallas...I finally found this solution to Error 1747 by doing a simple google and finding AL...thanks man! if you are ever in Chicago I owe you a beer!
