SOLVED: BE VirtFile.sys Preventing Re-Installation
Hi all,
SUMMARY:
PS C:\Windows\system32> fltmc
Filter Name Num Instances Altitude Frame
------------------------------ ------------- ------------ -----
FsDepends 8 407000 0
WdFilter 8 328010 0
VirtFile 3 280700 0
storqosflt 1 244000 0
wcifs 0 189900 0
CldFlt 0 180451 0
FileCrypt 0 141100 0
luafv 1 135000 0
npsvctrig 1 46000 0
Wof 1 40700 0
and trying to remove virtfile.sys:
PS C:\Windows\system32> fltmc unload VirtFile
Unload failed with error: 0x801f0010
Do not detach the filter from the volume at this time.
I've got BE 21.2 R2 - but because it's a charity license (technically an NFR), there's no support, despite having a valid license slf. I've been using BE 20.x and 21.x for about a year now for this charity on a Windows 2019 box. All was fine until last month when backups would get stuck as Queued. They could stay queued for weeks! I'm a volunteer and the only admin. Pretty desperate for help.
I had previously tried everything to get jobs to actually run, including updating to 21.2 from 21.0. I didn't see any activity on any storage, and just to be sure, I added new USB storage and tried a new job to there = still queued forever.
The update to 21.2 (r2 1900) failed and it rolled back. I restarted, and tried again and it did update. But still, no backups would run, they'd just stay queued.
So I tried an uninstall - which failed. After that I couldn't even launch BE.
I've been trying to re-install since them without any luck. I can't even get the agent to install on this server.
+ 06-02-2021,12:42:15 : RAWS_SetLdsVffLogging - Failed to set the registry value 'SYSTEM\CurrentControlSet\Services\VirtFile\Parameters' - [Max Log Entry]=0. Ensure this value is manually set. - Error code 5: Access is denied.
+ 06-02-2021,12:42:20 : RAWS_SetLdsVffLogging - Failed to set the registry value 'SYSTEM\CurrentControlSet\Services\VirtFile\Parameters' - [Max Log Entry]=0. Ensure this value is manually set. - Error code 5: Access is denied.
+ 06-02-2021,12:42:25 : RAWS_SetLdsVffLogging - Failed to set the registry value 'SYSTEM\CurrentControlSet\Services\VirtFile\Parameters' - [Enable Logging]=0. Ensure this value is manually set. - Error code 5: Access is denied.
I've taken ownership of hklm\system\currentcontrolset\serves\virtfile, but I cannot delete that key, I assume because virtfile.sys is running and that appears to have something to do with the lockdown service. Beyond that, I'm lost (as if you couldn't tell)....
Any guidance would be greatly appreciated. I cannot open a case with support because it's a charity license.
Thanks
Safe mode with command prompt. Renamed virtfile.sys, restarted. Then I was able to delete the registry key and 21.2 installed.