Life of a Geek Admin

The Daily adventures of a true geek administrator

Life of a Geek Admin - The Daily adventures of a true geek administrator

Tag Archives: errors

Logging Windows Events using eventcreate.exe

With using batch files and other scripting tools it allows us to automate, one thing we lose with the autromation is the ability to have an event recorded when it fails. Eventcreate.exe enables an administrator to create a custom event in a specified event log.

One use would be with a command script that deletes old logfiles.

The beginning before the execution of cleanup we would write to the application log as an informational alert for the beginning and end of the script.

REM **  put Starting message in Application Log
%SYSTEMROOT%\system32\eventcreate.exe  /T INFORMATION /L APPLICATION /SO Deletelogs /ID 101 /D

‘Delete commands here’

REM **  put Completion message in Application Log
%SYSTEMROOT%\system32\eventcreate.exe  /T INFORMATION /L APPLICATION /SO Deletelogs /ID 201 /D “Completed-Scheduled-Task-to-maintain-Log-files”

More information on the syntax available can be found at Microsoft Technet Article.

This is very helpful in scripts as well as a scheduled tasks and other operations to know what is happening with the system. This works on Windows XP and up.

Virtual Disk Servce Crash on Windows 2003 Issue

Recently been seeing popup errors on Windows 2003 R2 servers running Microsoft SQL 2005 running giving Virtual Disk Service errors. When looking at the event log there are Application errors showing event id 1000. In doing some research found KB949001which a hotfix for the very error.

This hotfix should only be applied to servers experiencing this issue and requires a reboot after applying. According to the article you could see several errors in the event log.

On a Windows Server 2003-based computer, Virtual Disk Service (VDS) experiences an access violation. Then, VDS crashes when the service tries to close. This issue typically occurs when VDS is running under a heavy load.

Additionally, the following events are logged in the Application log and in the System log:

Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
Date: Date
Time: Time
User: N/A
Computer: Computer Name
Description: Faulting application vds.exe, version 5.2.3790.4139, faulting module ntdll.dll, version 5.2.3790.3959, fault address fault address
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: Date: Date
Time: Time
User: N/A
Computer: Computer Name
Description: The Virtual Disk Service terminated unexpectedly. It has done this number time(s).
 
Event Type: Error
Event Source: Virtual Disk Service
Event Category: None
Event ID: 1
Date: Date
Time: Time
User: N/A
Computer: Computer Name
Description: Unexpected failure. Error code: exception code
 
Event Type: Error
Event Source: VDS Basic Provider 1.0
Event Category: None
Event ID: 1
Date: Date
Time: Time
User: N/A Computer: Computer Name
Description: Unexpected failure. Error code: exception code
 
This problem occurs because of a timing issue between two threads in VDS.

VDS maintains a list of software providers. When VDS closes, it releases the reference to software provider objects first. If a disk layout notification message arrives when some objects are freed but when the list is not freed, VDS may access an invalid software provider object. An access violation occurs when VDS accesses this list.

 
After applying the hotfix and rebooting the servers and the errors stopped.

Switch to our mobile site