STOP C000026C

Ewwww, ne'r rains but it pours. Installed the latest Windws Update from MS for my Windows 2000 Server (fixes the DirectX flaw by upgrading to 9.0b) and upon reboot was presented with:

STOP: C000026C Unable to Load Device Driver ... \redbook.sys

Which according to Microsoft's web site supposedly means that there's a damage device driver on the hard disk. My copy of redbook.sys was dated Jun-19-2003 and was 35,344 bytes - on the other Win2K server it's 35,344 bytes. So it's the same size, but perhaps not the same content.

One solution says to boot the setup CD, then go to Recovery (R) and Console (C), pick the number of the installation you wish to use and enter the administrator password. Then type disable xxxxxx.sys where "xxxxxx.sys" is the name of the driver that failed.

Well, I got an error saying that it couldn't find the registry entry for service redbook.sys. I also was unable to copy redbook.sys from \WINNT\$NTServicePackUninstall$ and get it to boot. So finally, I renamed redbook.sys to redbook.bad and got the server to boot.

Not 100% sure what the next step is - guess I'll try copying the redbook.sys from the other Win2K server and see if I can get a boot. (But first, I'll update my ERDs!) -- Well, copying the file from the other server results in BSOD again, so the file that I had on the hard drive was already the proper file. That points to registry as the problem (probably have to uninstall/reinstall the CD-ROM driver as a guess).

So, searching through the registry on the other server for "redbook.sys", I see it occuring under a key that also has "Digital CD Audio Playback Filter Driver" as a value (good find), as well as entries under the EventLog where the different events are defined by the various applications (not important find). Kind-of confirms my guess that I'll need to uninstall/re-install the CD-ROM drivers.

Uninstalling/reinstalling CD-ROM caused the error again. pcAnywhere is also refusing to load the host service when I try to remote in rather then stand at the console. At this point, I've renamed the driver file again, have the system booted up and I'm going to spend some time doing backups and getting the data safely stored before I try other things. (This is my 275Gb RAID5 box, so I'll be rather peeved if I have to rebuild it or I should happen to scramble the disks. I already use an external 120Gb USB2.0 drive as a backup for the contents, so I'd never lose more then a single day.)

Update: Ultimately, I never managed to find/fix the root cause of the issue. Renaming redbook.sys out of the way using the Recovery Console allowed me to boot the server and continue using it normally except for functionality provided by redbook.sys. The server finally crashed hard over the Labor Day weekend requiring me to rebuild it anyway.