Event Source: a

Source:

Application Error

Message:

Faulting application test.exe, version 1.00.0.400, faulting module test.exe, version 1.00.0.400, fault address 0x00031112.

More information

Event ID:

1015

Source:

MsiInstaller

Message:

Failed to connect to server

More information

Event ID:

Source:

NTBackup

Message:

The 'ESE API' returned 'Unable to perform the operation. Either you can not connect to the specified server
or the service you are trying to connect to is not running.
' from a call to 'HrESEBackupRestoreNodes()' additional data ''

More information

Event ID:

Source:

atapi

Message:

The device, \Device\ScsiPort0, did not respond within the timeout period.

More information

Event ID:

Source:

atapi

Message:

The driver detected a controller error on Device\ScsiPort0.

More information

Event ID:

Source:

atapi

Message:

A parity error was detected on [device name].

More information

Event ID:

Source:

Blue Screen Trap

Message:

The firmware update, Version 4.09 P29-09/15/2004, contains critical bug fixes and is the minimum version required. Please perform the update at your earliest convenience. Click on the underlined Version to view more details on the fixes.

Fixes

ProLiant DL380 G3 ROM P29 (09/15/2004)
Updated to integrate the latest Intel processor support code into the System ROM. This works around an issue with the Intel Xeon processor that could cause unexpected behavior or system hang.

More information

Event ID:

20187

Source:

RemoteAccess

Message:

The user xxx\xxx failed an authentication attempt due to the following reason: The user could not be authenticated using Challenge Handshake Authentication Protocol (CHAP). A reversibly encrypted password does not exist for this user account. To ensure that reversibly encrypted passwords are enabled, check either the domain password policy or the password settings on the user account.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

More information

Event ID:

108

Source:

Application Management

Message:

MSI Error - 2755 -

Failed to apply changes to software installation settings. Software changes could not be applied. A previous log entry with details should exist. The error was : The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder.

More information

Event ID:

1507

Source:

OMA Windows 2003

Message:

An unknown error occurred while processing the current request: Exception of type Microsoft.Exchange.OMA.DataProviderInterface.ProviderException was thrown.

Stack trace:
at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)
at System.Web.SessionState.SessionStateModule.CompleteAcquireState()
at System.Web.SessionState.SessionStateModule.BeginAcquireState(Object source, EventArgs e, AsyncCallback cb, Object extraData)
at System.Web.AsyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Error: Exception has been thrown by the target of an invocation.

Stack trace:
at System.Reflection.RuntimeConstructorInfo.InternalInvoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean isBinderDefault)
at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)

Inner Error: The remote server returned an error: (403) Forbidden.

Stack trace:
at Microsoft.Exchange.OMA.ExchangeDataProvider.OmaWebRequest.GetRequestStream()
at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices.GetSpecialFolders()
at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices..ctor(UserInfo user)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

More information

Event ID:

9143

Source:

MSExchangeSA

Message:

Referral Interface cannot contact any Global Catalog that supports the NSPI Service. Clients making RFR requests will fail to connect until a Global Catalog becomes available again. After a Domain Controller is promoted to a Global Catalog, it must be rebooted to support MAPI Clients.

More information

Event ID:

21083

Source:

Microsoft Operations Manager

Message:

The MOM Server failed to install agent on remote computer xxxx-cb00.xxxx.local.

Error Code: -2147024891

Error Description: Access is denied.

Microsoft Installer Error Description: No Description Available

More information

Event ID:

Source:

MOM Operator Console

Message:

The response processor failed to execute a response. The response returned the error message: The remote procedure call failed.

Response Details:

Rule ID: {xxx-xxx-xx-x-x-x-x-x}
Response description: script: bla
Time of Last Event: 1/14/2005 8:32:42 AM
Time Raised: 1/14/2005 8:32:33 AM
Rule Name: The rule response failed to execute
Modified By: NT AUTHORITY\NETWORK SERVICE

More information

Event ID:

1503

Source:

MSExchangeOMA

Message:

An unknown error occurred while processing the current request:
Message: The remote server returned an error: (403) Forbidden.
Source: Microsoft.Exchange.OMA.ExchangeDataProvider
Stack trace:
at Microsoft.Exchange.OMA.ExchangeDataProvider.OmaWebRequest.GetRequestStream()
at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices.GetSpecialFolders()
at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices..ctor(UserInfo user)

Message: Exception has been thrown by the target of an invocation.
Source: mscorlib
Stack trace:
at System.Reflection.RuntimeConstructorInfo.InternalInvoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean isBinderDefault)
at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)

Message: Exception of type Microsoft.Exchange.OMA.DataProviderInterface.ProviderException was thrown.
EventMessage:
UserMessage: A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.
Source: Microsoft.Exchange.OMA.UserInterface
Stack trace:
at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)
at System.Web.SessionState.SessionStateModule.RaiseOnStart(EventArgs e)
at System.Web.SessionState.SessionStateModule.CompleteAcquireState()
at System.Web.SessionState.SessionStateModule.BeginAcquireState(Object source, EventArgs e, AsyncCallback cb, Object extraData)
at System.Web.AsyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

More information

Event ID:

8012

Source:

NTBackup

Message:

The 'Active Directory' returned 'A disk I/O error occurred.
' from a call to 'BackupTruncateLogs()' additional data '-'.

More information

Event ID:

322

Source:

SQLSERVERAGENT

Message:

The data portion of event 19002 from MSSQLSERVER is invalid.

More information

Event ID:

277

Source:

PureMessage

Message:

Spam rules update error (CopyFile, dwError = 32) (Error code 0x80041F04) occurred.

More information

Event ID:

Source:

Service Control Manager

Message:

The Microsoft Exchange Routing Engine service failed to start due to the following error:
The executable program that this service is configured to run in does not implement the service.

More information

Event ID:

7024

Source:

Service Control Manager

Message:

The Microsoft Exchange Information Store service terminated with service-specific error 0 (0x0).

More information

Event ID:

40961

Source:

LSASRV

Message:

The Security System could not establish a secured connection with the server DNS/lyra.u.arizona.edu. No authentication protocol was available

More information

Event ID:

Source:

AutoEnrollment

Message:

Automatic certificate enrollment for local system failed to enroll for one Enrollment Agent (Computer) certificate (0x80094012). The permissions on the certificate template do not allow the current user to enroll for this type of certificate.

More information

Event ID:

7010

Source:

MSExchangeTransport

Message:

More information

Event ID:

6004

Source:

MSExchangeTransport

Message:

The categorizer is unable to categorize messages due to a retryable error.

More information

Event ID:

Source:

Service Control Manager

Message:

The PfModNT service failed to start due to the following error:
The system cannot find the file specified.

More information

Event ID:

5008

Source:

MSExchangeSA

Message:

More information

Event ID:

4081

Source:

EM Library

Message:

The "\\SERVER\SophosSBE\" library update task has failed. INDEX 0x8000ffff
Update failed. Parent could not be accessed. Check the parent address/path and access settings. INDEX 0x8000ffff
Could not read the EM Library database. MCID 0x80040403
Could not open requested resource "/update/index/00000000.db". VFS 0x80040403
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Failed to make a connection. VFS 0x80040407
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Could not open requested resource "/update/index/db.inf". VFS 0x80040403
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

More information

Event ID:

7031

Source:

Service Control Manager

Message:

The ServiceABC service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 0 milliseconds: No action.

More information

Event ID:

Source:

Active Server Pages

Message:

Error: The Template Persistent Cache initialization failed for Application Pool 'DefaultAppPool' because of the following error: Could not create a Disk Cache Sub-directory for the Application Pool. The data may have additional error codes..

More information

Event ID:

Source:

Norton Antivirus

Message:

An infected file has been found.

More information

Event ID:

8000

Source:

NTBackup

Message:

Begin Backup of SERVER\Microsoft Information Store\First Storage Group' Verify: Off Mode: Append Type: Normal

More information

Event ID:

8001

Source:

NTBackup

Message:

End Backup of 'SERVER\Microsoft Information Store\First Storage Group' Verify: Off Mode: Append Type: Normal

More information

Event ID:

Source:

Active Server Pages

Message:

More information

Event ID:

318

Source:

SQLSERVERAGENT

Message:

Unable to read local eventlog (reason: The data area passed to a system call is too small).

More information

Event ID:

11708

Source:

MsiInstaller

Message:

Product: J2SE Runtime Environment 5.0 Update 4 -- Installation failed.

More information

Event ID:

Source:

AutoEnrollment

Message:

Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted.
Enrollment will not be performed.

More information

Event ID:

1030

Source:

MSExchangeIS Public Store

Message:

user@domain.com failed an operation on folder /O=ORG/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=OAB VERSION 3AD24215E446FED006D7E903A387A01BE4002721 on database "First Storage Group\Public Folder Store (SERVER)" because the user did not have the following access rights:
'Delete' 'Read Property' 'Write Property' 'Create Message' 'View Item' 'Create Subfolder' 'Write Security Descriptor' 'Write Owner' 'Read Security Descriptor' 'Contact'
The entry ID of the folder is in the data section of this event.

More information

Event ID:

1022

Source:

IMAP4SVC

Message:

DS lookup for user [USERNAME], connecting from 10.10.10.1, failed with error 0x80040920.

More information

Event ID:

1011

Source:

IMAP4SVC

Message:

Authentication attempt from 10.10.10.1 to [USERNAME] has failed with error 0x52e.

More information

Event ID:

3006

Source:

EvntAgnt

Message:

Error reading log event record. Handle specified is %d. Return code from ReadEventLog is 122.

More information

Event ID:

34113

Source:

Backup Exec

Message:

Backup Exec Alert: Job Failed(Server:

More information

Event ID:

1015

Source:

MsiInstaller

Message:

Failed to connect to server. Error: 0x800401F0

More information

Event ID:

5202

Source:

MegaServ.Log

Message:

Adapter 1: Battery Voltage LOW.

More information

Event ID:

101

Source:

Application Management

Message:

The assignment of application Command AntiVirus for Windows Enterprise from policy Command AV failed. The error was: The group policy framework should call the extension in the synchronous foreground policy refresh.

More information

Event ID:

102

Source:

Application Management

Message:

The install of application "application name" from policy "policy name" failed. The error was : The installation source for this product is not available. Verify that the source exists and that you can access it.

More information

Event ID:

9567

Source:

MSExchangeIS

Message:

Unexpected error 0x8004010f occurred in

More information

Event ID:

1232

Source:

NTDS Replication

Message:

Active Directory attempted to perform a remote procedure call (RPC) to the following server. The call timed out and was cancelled.

Server:
6d0f4d18-521c-4429-8d8e-06faf22b4f57._msdcs.ds.han.xx
Call Timeout (Mins):
5
Thread ID:
fcc

Additional Data
Internal ID:
5001047

More information

Event ID:

65313

Source:

Backup Exec

Message:

Backup Exec Alert: Tape Alert Warning
(Server: "FILE") (Job: "Company - Differential Slot 6") Warning - Library security has been compromised.
Robotic Library for Device: DELL 3

More information

Event ID:

2312

Source:

Navisphere Agent

Message:

Time Stamp 12/31/05 18:59:05 Event Number 908 Severity Error Host CX300_SPB Storage Array APM00050506804 SPB Device SP B Description Fault - Cache Disabling

More information

Event ID:

100

Source:

vmauthd

Message:

VMware process did not start properly.

More information

Event ID:

40968

Source:

LSASRV

Message:

The Security System has received an authentication request that could not be decoded. The request has failed.

More information

Event ID:

Source:

IAS

Message:

A RADIUS message was received from the invalid RADIUS client IP address 192.168.6.60.

More information

Event ID:

6033

Source:

LSASRV

Message:

An anonymous session connected from 192.168.6.60 has attempted to open an LSA policy handle on this machine. The attempt was rejected with STATUS_ACCESS_DENIED to prevent leaking security sensitive information to the anonymous caller.
The application that made this attempt needs to be fixed. Please contact the application vendor. As a temporary workaround, this security measure can be disabled by setting the \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock DWORD value to 1.
This message will be logged at most once a day.

More information

Event ID:

Source:

Windows Update Agent

Message:

Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Flash Player (KB913433).

More information

Event ID:

Source:

AutoEnrollment

Message:

Automatic certificate enrollment for local system failed to enroll for one Directory Email Replication certificate (0x80070005). Access is denied.

More information

Event ID:

34113

Source:

Backup Exec

Message:

Backup Exec Alert: Job Failed(Server: 'CWBAPP01') (Job: 'SQL SERVER DAILY - FULL') SQL SERVER DAILY - FULL -- The job failed with the following error: A failure occurred querying the Writer status. For more information, click the following link: http://eventlookup.veritas.com/eventlookup/EventLookup.jhtml

More information

Event ID:

Source:

Windows Update Agent

Category:

Installation

Message:

Installation Failure: Windows failed to install the following update with error 0x80070003: Security Update for Windows XP (KB873339).

More information

Event ID:

318

Source:

SQLAgent

Category:

Alert Engine

Message:

Unable to read local eventlog (reason: The data area passed to a system call is too small).

More information

Event ID:

Source:

VolSnap

Message:

The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

More information

Event ID:

8528

Source:

MSExchangeIS

Category:

General

Message:

The mailbox for /o=First Organization/ou=first administrative group/cn=Recipients/cn=USERNAME has exceeded the maximum mailbox size. This mailbox cannot send or receive messages. Incoming messages to this mailbox are returned to sender. The mailbox owner should be notified about the condition of the mailbox as soon as possible.

More information

Event ID:

3005

Source:

Server ActiveSync

Message:

Unexpected Exchange mailbox Server error: Server: [EXCHANGE.yourdomain.local] User: [youruser@yourdomain.com] HTTP status code: [409]. Verify that the Exchange mailbox Server is working correctly.

More information

Event ID:

Source:

Application Error

Message:

Faulting application iexplore.exe, version 7.0.5730.11, faulting module flash9b.ocx, version 9.0.28.0, fault address 0x00072826.

More information

Event ID:

11718

Source:

MsiInstaller

Message:

Product: Microsoft Visual Studio 2005 Premier Partner Edition - ENU -- Error 1718.File C:\WINDOWS\Installer\236249.msp did not pass the digital signature check. For more information about a possible resolution for this problem, see http://go.microsoft.com/fwlink/?LinkId=73863.

More information

Event ID:

1008

Source:

MsiInstaller

Message:

The installation of C:\WINDOWS\Installer\236249.msp is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

More information

Event ID:

Source:

Windows Update Agent

Category:

Installation

Message:

Installation Failure: Windows failed to install the following update with error 0x80070643: Visual Studio 2005 Service Pack 1.

More information

Event ID:

36882

Source:

Schannel

Message:

The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

More information

Event ID:

2000

Source:

MSExchangeIS Mailbox Store

Category:

MTA Connections

Message:

Verify that the Microsoft Exchange MTA service has started. Consecutive ma-open calls are failing with error 3051.

More information

Event ID:

Source:

PlugPlayManager

Category:

System

Message:

The device Root\LEGACY_ERASERUTILDRV10710\0000 disappeared from the system without first being prepared for removal.

More information

Event ID:

2436

Source:

Office Server Search

Category:

Gatherer

Message:

The start address <http://xxx> cannot be crawled.
Context: Application 'ABC', Catalog 'Portal_Content'
Details:
Element not found.
(0x8002802b)

More information

Event ID:

32068

Source:

Microsoft Fax

Category:

Initialization/Termination

Message:

Event Type: Warning
Event Source: Microsoft Fax
Event Category: Initialization/Termination
Event ID: 32026
Date: 16/11/2005
Time: 05:40:54
User: N/A
Computer: HOUSINGXP
Description:
Fax Service failed to initialize any assigned fax devices (virtual or
TAPI). No faxes can be sent or received until a fax device is
installed.

More information

Event ID:

324

Source:

SQLAgent$SHAREPOINT

Category:

Alert Engine

Message:

SQLAgent is not allowed to run.

More information

Event ID:

2089

Source:

NTDS Replication

Category:

Backup

Message:

This directory partition has not been backed up since at least the following number of days.

Directory partition:
DC=testdcgrnd,DC=local

'Backup latency interval' (days):
90

It is recommended that you take a backup as often as possible to recover from accidental loss of data. However if you haven't taken a backup since at least the 'backup latency interval' number of days, this message will be logged every day until a backup is taken. You can take a backup of any replica that holds this partition.

By default the 'Backup latency interval' is set to half the 'Tombstone Lifetime Interval'. If you want to change the default 'Backup latency interval', you could do so by adding the following registry key.

'Backup latency interval' (days) registry key:
System\CurrentControlSet\Services\NTDS\Parameters\Backup Latency Threshold (days)

More information

Event ID:

2057

Source:

Server Administrator

Category:

Storage Service

Message:

Virtual disk degraded: Virtual Disk 1 (Virtual Disk 1) Controller 0 (PERC 5/i Integrated)

More information

Event ID:

2049

Source:

Server Administrator

Category:

Storage Service

Message:

Physical disk removed: Physical Disk 0:0:0 Controller 0, Connector 0

More information

Event ID:

119

Source:

Software Installation

Message:

Software Installation encountered an unexpected error while reading from the MSI file \\server\Software\Firefox\Firefox-2.0.0.4-en-US.msi. The error was not serious enough to justify halting the operation. The following error was encountered: The operation completed successfully.

More information

Event ID:

4000

Source:

MSExchangeTransport

Category:

Connection Manager

Message:

Message delivery to the remote domain 'somedomain.com' failed for the following reason: Unable to bind to the destination server in DNS.

More information

Event ID:

1103

Source:

MetaFrameEvents

Category:

Printer Management

Message:

An error occured while retrieving client printer properties. Default printer properties will be used instead. Client name: () Printer: (Client/hostname#/printername) Printer driver: (Citrix Universal Printer)

More information

Event ID:

929

Source:

MSExchangeTransport

Message:

Failed in reading Connector's DS Info Process Id: 1100 Process location: C:\WINNT\System32\inetsrv\inetinfo.exe ConnectorDN: CN=External Mail,CN=Connections,CN=First Routing Group,CN=Routing Groups,CN=First Administrative Group,CN=Administrative Groups,CN=APM,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ad,DC=apm,DC=net,DC=au Hr:80040920 Attribute:[]

More information

Event ID:

1001

Source:

Application Hang

Message:

Fault bucket 431401983.

More information

Event ID:

57860

Source:

Backup Exec

Message:

An error occurred while attempting to log in to the following server: "SERVER04\DMD_SERVER".
SQL error number: "4818".
SQL error message: "Login failed for user 'WSM1\Administrator'.
".

More information

Event ID:

1106

Source:

MetaFrameEvents

Message:

Client printer auto-creation failed. The driver could not be installed. Possible reasons for the failure: The driver is not in the list of drivers on the server. The driver cannot be located. The driver has not been mapped. Client name: (CALPC01445) Printer: (HP LaserJet 1020 (from CALPC01445) in session 33) Printer driver: (HP LaserJet 1020)

More information

Event ID:

1106

Source:

MetaFrameEvents

Message:

Client printer auto-creation failed. The driver could not be installed. Possible reasons for the failure: The driver is not in the list of drivers on the server. The driver cannot be located. The driver has not been mapped. Client name: (YYZCHOSRVxxx) Printer: (CutePDF Writer (from YYZCHOSRVxxx) in session 112) Printer driver: (CutePDF Writer)

More information

Event ID:

4009

Source:

Domain Time Server

Message:

Another process has changed the clock rate from 156251/156250 to 156252/156250)

More information

Event ID:

111

Source:

Removable Storage Service

Message:

RSM could not load media in drive Drive 0 of library Iomega RRD2.

More information

Event ID:

7038

Source:

Service Control Manager

Message:

The ABC service was unable to log on as DOMAIN\service.account with the currently configured password due to the following error:
Logon failure: unknown user name or bad password.

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

More information

Event ID:

2266

Source:

Server Administrator

Message:

Controller log file entry: VD 00/0 is now OPTIMAL: Virtual Disk 0 (Virtual Disk 0) Controller 0 (PERC 5/i Integrated)

More information

Event ID:

2123

Source:

Server Administrator

Message:

Redundancy lost: Virtual Disk 0 (Virtual Disk 0) Controller 0 (PERC 5/i Integrated)

More information

Event ID:

2048

Source:

Server Administrator

Message:

Device failed: Physical Disk 1:0:9 Controller 0, Connector 1

More information

Event ID:

2057

Source:

Server Administrator

Message:

Virtual disk degraded: Virtual Disk 0 (Virtual Disk 0) Controller 0 (PERC 5/i Integrated)

More information

Event ID:

9688

Source:

MSExchangeIS Mailbox Store

Category:

General

Message:

Exchange store 'First Storage Group\Mailbox Store (SERVER)': The logical size of this database (the logical size equals the physical size of the .edb file and the .stm file minus the logical free space in each) is 16 GB. This database size is approaching the size limit of 18 GB.

If the logical database size exceeds the maximum size limit, it will be dismounted on a regular basis.

For more information, click http://www.microsoft.com/contentredirect.asp.

More information

Event ID:

3201

Source:

NetRAID.Log

Message:

Adapter 0 Channel 0 Target 2: Media Error Count=1, Other Error Count=0

More information

Event ID:

9325

Source:

MSExchangeSA

Message:

OALGen will skip user entry '@ I-Tek GM-TIS Prod TivTalk' in address list '\Global Address List' because the SMTP address '' is invalid. - Default Offline Address List For more information, click http://www.microsoft.com/contentredirect.asp.

More information

Event ID:

9006

Source:

MetaFrame

Message:

Auto Client Reconnect attempted but failed due to incorrect cookie data. NOTE: If this error occurs frequently it may indicate an attempt to gain unauthorized access to the system.

More information

Event ID:

2089

Source:

NTDS Replication

Message:

This directory partition has not been backed up since at least the following number of days. Directory partition: DC=BarrettHospital,DC=local 'Backup latency interval' (days): 30 It is recommended that you take a backup as often as possible to recover from accidental loss of data. However if you haven't taken a backup since at least the 'backup latency interval' number of days, this message will be logged every day until a backup is taken. You can take a backup of any replica that holds this partition. By default the 'Backup latency interval' is set to half the 'Tombstone Lifetime Interval'. If you want to change the default 'Backup latency interval', you could do so by adding the following registry key. 'Backup latency interval' (days) registry key: System\CurrentControlSet\Services\NTDS\Parameters\Backup Latency Threshold (days)

More information

Event ID:

11328

Source:

MsiInstaller

Message:

Product: QuickBooks -- Error 1328.Error applying patch to file C:\Config.Msi\PT43.tmp. It has probably been updated by other means, and can no longer be modified by this patch. For more information contact your patch vendor. System Error: -1072807676

More information

Event ID:

32003

Source:

ipnathlp

Message:

The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

More information

Event ID:

20050

Source:

RemoteAccess

Message:

The user DOMAIN\User connected to port VPN4-5 has been disconnected because no network protocols were successfully negotiated.

More information

Event ID:

2094

Source:

Server Administrator

Message:

Predictive Failure reported: Array Disk 0:4 Controller 0, Connector 0

More information

Event ID:

Source:

Unlocker application

Message:

\Device\UnlockerDriver5/

0000: 00 00 00 00 01 00 68 00 00 00 00 00 36 00 04 80
0001: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0002: 00 00 00 00 00 00 00 00

More information

Event ID:

Source:

AutoEnrollment

Message:

Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x80070005). Access is denied.

More information

Event ID:

Source:

Windows Update Agent

Message:

Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)

More information

Event ID:

Source:

Windows Update Agent

Message:

Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)
Installation Error: the installation of the following update has failed with error 0x80070643: Security Update for Microsoft .NET Framework Verion 1.1 Service Pack 1 (KB928366)

More information

Event ID:

Source:

Microsoft-Windows-ApplicationExperienceInfrastructure

Message:

The application (OfficeScan Client, from vendor Trend Micro, INC.) has the following problem: OfficeScan Client is incompatible with this version of Windows. For more information, contact Trend Micro, INC..

More information

Event ID:

1334

Source:

ASP.NET 2.0.50727.0

Message:

An unhandled exception occurred and the process was terminated.

Application ID: /LM/W3SVC/1694288962/ROOT/ReportingWebService

Process ID: 5568

Exception: System.ArgumentOutOfRangeException

Message: Index was out of range. Must be non-negative and less than the size of the collection.
Parameter name: index

StackTrace:
Server stack trace:
at System.Collections.ArrayList.get_Item(Int32 index)
at System.Collections.Specialized.StringCollection.get_Item(Int32 index)
at Microsoft.UpdateServices.Internal.Reporting.ExtendedData.ToString()
at Microsoft.UpdateServices.Internal.Reporting.ReportingEvent.ToString()
at Microsoft.UpdateServices.Internal.Reporting.DebugEventHandler.HandleEvent(IReportingInformation[] itemList)
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]

More information

Event ID:

Source:

Application Error

Message:

Faulting application eventsentry_svc.exe, version 2.60.0.130, faulting module eventsentry_svc.exe, version 2.60.0.130, fault address 0x0002eafa.

More information

Event ID:

11001

Source:

.NET Runtime Optimization Service

Message:

.NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: Microsoft.ReportingServices.QueryDesigners, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002

More information

Event ID:

9519

Source:

MSExchangeIS

Category:

General

Message:

Error 0xfffffde0 starting database "First Storage Group\Mailbox Store (SERVER)" on the Microsoft Exchange Information Store.

More information

Event ID:

9175

Source:

MSExchangeSA

Category:

MAPI Session

Message:

The MAPI call 'OpenMsgStore' failed with the following error:
The attempt to log on to the Microsoft Exchange Server computer has failed.
The MAPI provider failed.
Microsoft Exchange Server Information Store
ID no: 8004011d-0512-00000000

More information

Event ID:

1030

Source:

MSExchangeIS Public Store

Category:

Access Control

Message:

More information

Event ID:

44044

Source:

ati2mtag

Message:

I2c return failed

More information

Event ID:

Source:

Windows Update Agent

Category:

Installation

Message:

Installation Failure: Windows failed to install the following update with error 0x80070643: Update for .NET Framework 3.0: x86 (KB932471).

More information

Event ID:

1586

Source:

NTDS Replication

Message:

The Windows NT 4.0 or earlier replication checkpoint with the PDC emulator master was unsuccessful.

A full synchronization of the security accounts manager (SAM) database to domain controllers running Windows NT 4.0 and earlier might take place if the PDC emulator master role is transferred to the local domain controller before the next successful checkpoint.

The checkpoint process will be tried again in four hours.

Additional Data
Error value:
1722 The RPC server is unavailable.

More information

Event ID:

6801

Source:

Office SharePoint Server

Category:

Office Server Shared Services

Message:

490684
Application
Warning
Office SharePoint Server
Office Server Shared Services
6801
REPORT
5/28/2008 12:00:01 AM
The OSS SQM Data Collection Job encountered a problem.

Reason: The site with the id 6543302f-5713-47ba-ac93-ba38dd1d9cd6 could not be found.

Technical Support Details:
System.IO.FileNotFoundException: The site with the id 6543302f-5713-47ba-ac93-ba38dd1d9cd6 could not be found.
at Microsoft.SharePoint.SPSite..ctor(Guid id, SPFarm farm, SPUrlZone zone, SPUserToken userToken)
at Microsoft.SharePoint.SPSite..ctor(Guid id, SPFarm farm, SPUrlZone zone)
at Microsoft.SharePoint.SPSite.LookupUriInRemoteFarm(SPFarm farm, Guid id, SPUrlZone zone)
at Microsoft.Office.Server.Administration.SharedResourceProvider.GetAdministrationSiteUrl(SPUrlZone zone)
at Microsoft.Office.Server.ServerContext.GetAdministrationSiteUrl(SPUrlZone zone)
at Microsoft.Office.Server.Audience.AudienceSiteInfo..ctor(ServerContext serverContext, Boolean bCentral, Boolean bPublic, AudienceAccessRights AccessRights)
at Microsoft.Office.Server.Audience.AudienceManager.get_Audiences()
at Microsoft.Office.Server.Diagnostics.StaticSqmDataCollectionJob.RecordAudienceApplicationSspData(SharedResourceProvider ssp)
at Microsoft.Office.Server.Diagnostics.StaticSqmDataCollectionJob.RecordSspData(SharedResourceProvider ssp)

More information

Event ID:

11718

Source:

MsiInstaller

Message:

Product: Microsoft Visual Studio 2005 Professional Edition - ENU -- Error 1718.File C:\WINDOWS\Installer\a4cb8.msp did not pass the digital signature check. For more information about a possible resolution for this problem, see http://go.microsoft.com/fwlink/?LinkId=73863.

More information

Event ID:

7030

Source:

Service Control Manager

Message:

The APC UPS Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

More information

Event ID:

5032

Source:

Microsoft-Windows-Security-Auditing

Category:

Other System Events

Message:

Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

Error Code: 2

More information

Event ID:

6398

Source:

Windows SharePoint Services 3

Category:

Timer

Message:

The Execute method of job definition Microsoft.Office.Server.Administration.ApplicationServerAdministrationServiceJob (ID 693fe0b2-6c9f-47bf-9d1a-c6a2aa7cd3c3) threw an exception. More information is included below.

Attempted to read or write protected memory. This is often an indication that other memory is corrupt.

More information

Event ID:

4373

Source:

NtServicePack

Message:

Windows XP Service Pack 3 installation failed.
Access is denied.

More information

Event ID:

234

Source:

ActiveDocs Enterprise - Web Wizard

Message:

Error occured InitializeDeliveryServices services.Thread was being aborted. at DocumentDelivery.CheckQueues.CheckQueues() at DocumentDelivery.DeliveryServicesMonitor.RefreshDeliveryServices() at DocumentDelivery.DeliveryServicesMonitor.InitializeDeliveryServices() -

More information

Event ID:

982

Source:

ActiveDocs Enterprise - Web Wizard

Message:

An error occured in the ActiveDocs Enterprise Service while checking queues for the database 'activedocs' on Server 'PROV109\ACTIVEDOCS' [D:\Applications\ActiveDocs\DocGenerator\activedocs.config]. Thread was being aborted. at WWTManager.WWTManager.CheckConversionAndDeliveryTimeOuts() at DocumentDelivery.CheckQueues.CheckQueues() - PROV109\ACTIVEDOCS - activedocs

More information

Event ID:

2019

Source:

EvntAgnt

Message:

SNMP Event Log Extension Agent did not initialize correctly.

More information

Event ID:

1020

Source:

EvntAgnt

Message:

Error processing registry parameters. Extension agent terminating.

More information

Event ID:

3005

Source:

EvntAgnt

Message:

Error positioning to end of log file -- seek to end of log failed. Handle specified is 635992. Return code from ReadEventLog is 1500.

More information

Event ID:

2019

Source:

EvntAgnt

Message:

SNMP Event Log Extension Agent did not initialize correctly.

More information

Event ID:

17055

Source:

MSSQL$ACTIVEDOCS

Message:

3041 :BACKUP failed to complete the command BACKUP DATABASE [activedocs] TO DISK = N'd:\microsoft\mssqldata\MSSQL$ACTIVEDOCS\BACKUP\activedocs\activedocs_db_200809021915.BAK' WITH INIT , NOUNLOAD , NOSKIP , STATS = 10, NOFORMAT

More information

Event ID:

17055

Source:

MSSQL$ACTIVEDOCS

Message:

18210 :BackupMedium::ReportIoError: write failure on backup device 'd:\microsoft\mssqldata\MSSQL$ACTIVEDOCS\BACKUP\activedocs\activedocs_db_200809021915.BAK'. Operating system error 112(There is not enough space on the disk.).

More information

Event ID:

12291

Source:

SQLISPackage

Message:

Package 'transbackup' failed.

More information

Event ID:

103

Source:

Application Management Group Policy

Message:

The removal of the assignment of application MySQL Connector/ODBC 5.1 from policy Software Installation failed. The error was : The system cannot find the file specified.

More information

Event ID:

108

Source:

Application Management Group Policy

Message:

Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : The group policy framework should call the extension in the synchronous foreground policy refresh.

More information

Event ID:

3015

Source:

Server ActiveSync

Message:

IP-based AUTD failed to initialize because the processing of notifications could not be setup. Error code [0x80004005]. Verify that no other applications are currently bound to UDP port [2883], or try specifying a different port number.

More information

Event ID:

3024

Source:

Server ActiveSync

Message:

IP-based AUTD failed to initialize. Error code: [0x80004005].

More information

Event ID:

34114

Source:

Backup Exec

Message:

Backup Exec Alert: Job Cancellation
(Server: "servername") (Job: "Daily") The job was canceled because the response to a media request alert was Cancel, or because the alert was configured to automatically respond with Cancel, or because the Backup Exec Job Engine service was stopped.

For more information, click the following link:
http://eventlookup.veritas.com/eventlookup/EventLookup.jhtml

More information

Event ID:

Source:

volsnap

Message:

The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

More information

Event ID:

Source:

VWServicesPA

Message:

Source: Process AnalyzerCube Processing Status: DTSRun: Loading...DTSRun: Executing...DTSRun OnStart: DTSStep_DTSOlapProcess.Task_1DTSRun OnError: DTSStep_DTSOlapProcess.Task_1, Error = -2147221384 (80040078) Error string: More than the maximum of 64,000 dimension member children for a single parent (dimension 'Zaaknummer', level 'Zaaknummer', member '141715'). Error source: Zaaknummer Help file: Help context: 1000440Error Detail Records:Error: 0 (0)

More information

Event ID:

6398

Source:

Windows SharePoint Services 3

Message:

The Execute method of job definition Microsoft.Office.Server.Administration.ApplicationServerAdministrationServiceJob (ID a778c03a-b4d5-47ad-b0d5-6130b9c8ba14) threw an exception. More information is included below.

Attempted to read or write protected memory. This is often an indication that other memory is corrupt.

More information

Event ID:

9646

Source:

MSExchangeIS

Message:

Mapi session '/O=Stercomm/OU=Amsterdam/cn=Recipients/cn=OBlanc' exceeded the maximum of 500 objects of type 'objtFolder'. For more information, click http://www.microsoft.com/contentredirect.asp.

More information

Event ID:

45062

Source:

atikmdag

Category:

CRT

Message:

CRT invalid display type

More information

Event ID:

3015

Source:

MSExchangeTransport

Message:

A non-delivery report with a status code of 5.3.0 was generated for recipient rfc822

More information

Event ID:

Source:

Application Error

Message:

Faulting application NICA.exe, version 1.1.0.60823, faulting module NICA.exe, version 1.1.0.60823, fault address 0x0002af39.

More information

Event ID:

7009

Source:

Service Control Manager

Category:

None

Message:

Timeout (30000 milliseconds) waiting for the hpqwmiex service to connect.

More information

Event ID:

33152

Source:

Backup Exec

Category:

Message:

Adamm Mover Error: Unload Rewind Failure!
Error = ERROR_IO_DEVICE
Drive = "HP 2"
2E6FDCE6-51A8-4918-B499-9233C643E041
Media = ""
00000000-0000-0000-0000-000000000000
Read Mode: SingleBlock(0), ScsiPass(0)
Write Mode: SingleBlock(1), ScsiPass(1)

More information

Event ID:

1147

Source:

MS ExchangeIS Mailbox

Category:

Rules

Message:

Error 1245 while disabling rule on public folder with rule ID <rule id number>. The folder ID of the public folder is in the data section of this event.

More information

Event ID:

13042

Source:

Windows Server Update

Category:

Clients

Message:

Self-update is not working

More information

Event ID:

502

Source:

Share Point Portal Administration

Category:

None

Message:

An exception occured in the search synchronizer.

More information

Event ID:

15300

Source:

Microsoft-Windows-WPD-MTPClassDriver

Category:

Driver Initilization.

Message:

MTP WPD Driver has failed to start. Error 0x8007001f.

More information

Event ID:

5785

Source:

Sharepoint server 2007

Category:

Publishing Cache

Message:

Unable to connect publishing custom string handler for output caching. IIS Instance Id is '762598284', Url is 'http://spoint2007/....html'.

More information

Event ID:

40960

Source:

LSASRV

Category:

SPNEGO (Negotiator)

Message:

The Security System detected an authentication error for the server cifs/SERVER.domain.local. The failure code from authentication protocol Kerberos was "The specified user does not exist.
(0xc0000064)".

More information

Event ID:

333

Source:

Application Popup

Message:

An I/O operation initiated by the Registry failed unrecoverably. The Registry could not read in, or write out, or flush, one of the files that contain the system's image of the Registry.

More information

Event ID:

Source:

MSSOAP

Message:

Soap error: Restoring data into SoapMapper GetAuthenticationTicketResult failed.

More information

Event ID:

Source:

MSSOAP

Message:

Soap error: Unspecified client error..

More information

Event ID:

3030

Source:

APCPBEAgent

Message:

"Insufficient Runtime Available"

More information

Event ID:

4248

Source:

cpqasm2

Message:

Memory module #5 has exceeded its threshold of correctable errors. Subsequent correctable memory errors will continue to be corrected.

More information

Event ID:

2007

Source:

APCPBEAgent

Message:

"AVR Trim Active"

More information

Event ID:

3031

Source:

Windows Search Service

Category:

Gatherer

Message:

A document ID cannot be allocated.
Context: Windows Application, SystemIndex Catalog
Details:
The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (0x8004117f)

More information

Event ID:

11166

Source:

DnsApi

Message:

The system failed to register host (A or AAAA) resource records (RRs) for network adapter
with settings:

Adapter Name : 27E49756-7394-4750-8CDC-8D3EAF944953
Host Name : YOURSERVER
Primary Domain Suffix : yourdomain.local
DNS server list :
192.168.2.10, 192.168.2.11
Sent update to server : 192.168.2.10:53
IP Address(es) :
192.168.2.95

The reason the system could not register these RRs was because of a security related problem. The cause of this could be (a) your computer does not have permissions to register and update the specific DNS domain name set for this adapter, or (b) there might have been a problem negotiating valid credentials with the DNS server during the processing of the update request.

You can manually retry DNS registration of the network adapter and its settings by typing "ipconfig /registerdns" at the command prompt. If problems still persist, contact your DNS server or network systems administrator. For specific error code, see the record data displayed below.

More information

Event ID:

3299

Source:

Apache Service

Message:

The Apache service named reported the following error:
>>> httpd.exe: Syntax error on line 116 of C:/Program Files (x86)/CollabNet Subversion Server/httpd/conf/httpd.conf: Cannot load C:/Program Files (x86)/CollabNet Subversion Server/httpd/modules/mod_dav_svn.so into server: The specified module could not be found.

More information

Event ID:

4634

Source:

Microsoft-Windows-Security-Auditing

Category:

Logoff

Message:

An account was logged off.

Subject:
Security ID: TESTGROUND\cacheduser
Account Name: cacheduser
Account Domain: TESTGROUND
Logon ID: 0xbed3f1

Logon Type: 2

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.

More information

Event ID:

4647

Source:

Microsoft-Windows-Security-Auditing

Category:

Logoff

Message:

User initiated logoff:

Subject:
Security ID: TESTGROUND\cacheduser
Account Name: cacheduser
Account Domain: TESTGROUND
Logon ID: 0xbed3f1

This event is generated when a logoff is initiated but the token reference count is not zero and the logon session cannot be destroyed. No further user-initiated activity can occur. This event can be interpreted as a logoff event.

More information

Event ID:

1306

Source:

Server Administrator

Category:

Instrumentation Service

Message:

Redundancy lost
Redundancy unit: System Board PS Redundancy
Chassis location: Main System Chassis
Previous redundancy state was: Normal

More information

Event ID:

4173

Source:

cpqasm2

Message:

Power supply #1 has failed.

More information

Event ID:

1125

Source:

Server Agents

Category:

Events

Message:

System Information Agent: Health: The Fault Tolerant Power Supply Sub-system is in a failed state. Restore power or replace the failed power supply.
Chassis: '0'; Bay: '1'
[SNMP TRAP: 6050 in CPQHLTH.MIB]

More information

Event ID:

1126

Source:

Server Agents

Category:

Events

Message:

System Information Agent: Health: The Fault Tolerant Power Supply Sub-system has lost redundancy. Restore power or replace any failed or missing power supplies.
Chassis: '0'
[SNMP TRAP: 6032 in CPQHLTH.MIB]

More information

Event ID:

1118

Source:

Server Agents

Category:

Events

Message:

System Information Agent: Health: The Fault Tolerant Power Supply Sub-system has been returned to the OK state.
Chassis: '0'; Bay: '1'
[SNMP TRAP: 6048 in CPQHLTH.MIB]

More information

Event ID:

1029

Source:

Server Agents

Category:

Events

Message:

System Information Agent: Health: The Fault Tolerant Power Supply Sub-system has returned to a redundant state.
Chassis: '0'
[SNMP TRAP: 6054 in CPQHLTH.MIB]

More information

Event ID:

9241

Source:

ap_notify

Category:

1184 (no category messagefile registered)

Message:

Error (9241), SMTP notification error: smtplib.SMTPException: No suitable authentication method found. (failure)
pid="3756:236"

More information

Event ID:

7026

Source:

Service Control Manager

Message:

The following boot-start or system-start driver(s) failed to load: storflt

More information

Event ID:

7011

Source:

Service Control Manager

Category:

Error

Message:

EVENT # 9697313
EVENT LOG System
EVENT TYPE Error
SOURCE Service Control Manager
EVENT ID 7011
COMPUTERNAME SERVER
DATE / TIME 7/28/2009 8:11:23 PM
MESSAGE Timeout (30000 milliseconds) waiting for a transaction response from the SharedAccess service.

More information

Event ID:

1004

Source:

Application error

Category:

100

Message:

Faulting application wmiprvse.exe, version 5.2.3790.0, faulting module ntdll.dll, version 5.2.3790.0, fault address 0x0002caa2.

More information

Event ID:

13031

Source:

Windows Server Update Services

Category:

Clients

Message:

Some client computers have not reported back to the server in the last 30 days. 4 have been detected so far.

More information

Event ID:

513

Source:

Microsoft-Windows-CAPI2

Category:

Application

Message:

Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
System Error:
Access is denied.
..

More information

Event ID:

Source:

FrontPage 5.0

Message:

Microsoft FrontPage Server Extensions:
Error #3005f Message: Unable to read configuration for Microsoft Internet Information Server.

More information

Event ID:

8206

Source:

MSExchangeFBPublish

Category:

General

Message:

Unable to prepare message table for polling thread processing on virtual machine WCC-EXCHANGE-4. The error number is 0x80040115. Make sure that the Microsoft Exchange Information Store service is running.

More information

Event ID:

1553

Source:

Server Administrator

Category:

Instrumentation Service

Message:

Log size is near or at capacity
Log type: ESM

More information

Event ID:

Source:

HAL

Category:

System

Message:

The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

More information

Event ID:

36888

Source:

Schannel

Message:

The following fatal alert was generated: 10. The internal error state is 10.

- System

- Provider

[ Name] Schannel
[ Guid] {1F678132-5938-4686-9FDC-C8FF68F15C85}

EventID 36888

Version 0

Level 2

Task 0

Opcode 0

Keywords 0x8000000000000000

- TimeCreated

[ SystemTime] 2009-10-29T14:17:42.310964400Z

EventRecordID 27115

Correlation

- Execution

[ ProcessID] 500
[ ThreadID] 4548

Channel System

Computer OfficePC

- Security

[ UserID] S-1-5-18

- EventData

AlertDesc 10
ErrorState 10

More information

Event ID:

4099

Source:

Windows Backup

Message:

File backup was cancelled by the user.

More information

Event ID:

1111

Source:

Server Agents

Category:

Events

Message:

Remote Insight Agent: The Remote Insight Board/Integrated Lights-Out has detected a controller interface error.
[SNMP TRAP: 9006 in CPQSM2.MIB]

More information

Event ID:

Source:

VDS Basic Provider

Message:

Unexpected failure. Error code: 490@01010004

More information

Event ID:

Source:

3wareDrv

Message:

AEN: SECTOR_REPAIR (port=1, LBA=0xEFFD80)

More information

Event ID:

Source:

3wareDrv

Message:

AEN: DEGRADED_UNIT (unit=0, port=1)

More information

Event ID:

11164

Source:

DnsApi

Message:

The system failed to register host (A or AAAA) resource records for network adapter
with settings:

Adapter Name : {D37428FB-D073-4403-87B8-3941F1C3A2B4}
Host Name : MYSERVER
Primary Domain Suffix : mydomain.local
DNS server list :
fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3
Sent update to server : <?>
IP Address(es) :
192.168.111.1

Either the DNS server does not support the DNS dynamic update protocol or the authoritative zone for the specified DNS domain name does not accept dynamic updates.

To register the DNS host (A or AAAA) resource records using the specific DNS domain name and IP addresses for this adapter, contact your DNS server or network systems administrator.

More information

Event ID:

Source:

Server Administrator

Category:

Storage Service

Message:

Controller event log: PD missing: SasAddr=0x5000c50001cde56d, ArrayRef=1, RowIndex=0x3, EnclPd=0xff, Slot=5.
: Controller 0 (PERC 5/i Integrated)

More information

Event ID:

Source:

Server Administrator

Category:

Storage Service

Message:

Controller event log: PDs missing from configuration at boot: Controller 0 (PERC 5/i Integrated)

More information

Event ID:

Source:

Server Administrator

Category:

Storage Service

Message:

Controller event log: VDs missing drives and will go offline at boot: 01: Controller 0 (PERC 5/i Integrated)

More information

Event ID:

Source:

Server Administrator

Message:

Controller event log: VD 01/1 is now OFFLINE: Controller 0 (PERC 5/i Integrated)

More information

Event ID:

Source:

Server Administrator

Category:

Storage Service

Message:

Controller event log: PD 04(e0/s4) is not a certified drive: Controller 0 (PERC 5/i Integrated)

More information

Event ID:

Source:

Server Administrator

Category:

Storage Service

Message:

Controller event log: PD 04(e0/s4) is not a certified drive: Controller 0 (PERC 5/i Integrated)

More information

Event ID:

Source:

PlugPlayManager

Message:

The device 'Storage miniport driver' (VMBUS\1481C722-3FBE-4DD2-9468-7D8F1396B27D\1&3189fc23&0&{1481c722-3fbe-4dd2-9468-7d8f1396b27d}) disappeared from the system without first being prepared for removal.

More information

Event ID:

Source:

PlugPlayManager

Message:

The device 'Msft Virtual Disk SCSI Disk Device' (SCSI\Disk&Ven_Msft&Prod_Virtual_Disk\2&240474ae&0&000000) disappeared from the system without first being prepared for removal.

More information

Event ID:

4103

Source:

Windows Backup

Message:

The backup did not complete because of an error writing to the backup location B:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

More information

Event ID:

6281

Source:

Microsoft-Windows-Security-Auditing

Category:

System Integrity

Message:

Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\l3codeca.acm

More information

Event ID:

1554

Source:

Server Administrator

Category:

Instrumentation Service

Message:

Log size is full
Log type: ESM

More information

Event ID:

1024

Source:

MsiInstaller

Message:

Product: Adobe Reader 9.3 - Update '{AC76BA86-7AD7-0000-2550-7A8C40000934}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

More information

Event ID:

Source:

3wareDrv

Message:

AEN: APORT_TIMEOUT_DETECTED (port=0)

More information

Event ID:

7036

Source:

service control manager

Message:

The Debug Diagnostic service entered the running state

More information

Event ID:

9782

Source:

MSExchangeIS

Category:

Exchange VSS Writer

Message:

Exchange VSS Writer (instance 6c1b73a7-5922-480e-a8ef-f89e3b34780a:20) has unsuccessfully completed the backup of storage group 'First Storage Group'. No log files have been truncated for this storage group.

More information

Event ID:

517

Source:

Microsoft-Windows-Backup

Category:

Application

Message:

%%2147942405

More information

Event ID:

1002

Source:

Application Hang

Category:

101

Message:

Hanging application Customer.exe, version 6.0.16.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

More information

Event ID:

7024

Source:

service control manager

Category:

none

Message:

The Distributed Transaction Coordinator service terminated with service-specific error 3221229584 (0xC0001010).

More information

Event ID:

Source:

application error

Category:

100

Message:

Faulting application Ppcl.exe, version 8.1.660.0, faulting module ntdll.dll, version 5.2.3790.4455, fault address 0x0002860e.

More information

Event ID:

6032

Source:

System Information Agent: Health: The Fault Tolerant Power Supply Sub-system

Message:

More information

Event ID:

6050

Source:

System Information Agent: Health: The Fault Tolerant Power Supply Sub-system

Message:

System Information Agent: Health: The Fault Tolerant Power Supply Sub-system is in a failed state. Restore power or replace the failed power supply.
Chassis: '0'; Bay: '2'
[SNMP TRAP: 6050 in CPQHLTH.MIB]
Detected by application: Server Agents

More information

Event ID:

1107

Source:

MetaFrameEvents

Category:

Printer Management

Message:

Client printer auto-creation failed. The driver could not be installed. Possible reasons for the failure: The driver is not in the list of drivers on the server. The driver cannot be located. Driver mapping is incorrect. Client name: (WI_0NZOY79v2OfWLkfXH) Printer: (FBC-HR-3700 on ps_1 (from WI_0NZOY79v2OfWLkfXH) in session 4) Client Printer driver: (HP COLOR LASERJET 3700 PCL 6) Server Printer driver: (HP Color LaserJet 3700 PCL 6)

More information

Event ID:

1006

Source:

NVRAIDSERVICE

Message:

Access failure: Critical error on disk XXXXXXX (Port: SATA 2.0).

More information

Event ID:

999

Source:

NVRAIDSERVICE

Message:

Error message from one of the disks failing on an onboard nVidia nForce4 RAID controller.

More information

Event ID:

9099

Source:

MSExchangeSA

Category:

Monitoring

Message:

The MAD Monitoring thread was unable to read the state of the services, error '0x80010108'.

For more information, click http://www.microsoft.com/contentredirect.asp.

More information

Event ID:

7034

Source:

Service Control Manager

Message:

________________________________________
EVENT # 170686
EVENT LOG System
EVENT TYPE Error
SOURCE Service Control Manager
EVENT ID 7034
COMPUTERNAME HDQ121
DATE / TIME 3/8/2011 3:29:02 PM
MESSAGE The McAfee Engine Service service terminated unexpectedly. It has done this 2 time(s).
________________________________________

Find out more about the event at http://www.myeventlog.com.

More information

Event ID:

1033

Source:

MSExchange ActiveSync

Category:

Configuration

Message:

The setting ExternalProxy in the Web.Config file was not valid. The previous value was null and has been changed to .

More information

Event ID:

8017

Source:

NTBackup

Message:

NTBackup error: 'The operation failed. Consult the Backup Report for more details.'

More information

Event ID:

Source:

Microsoft-Windows-WindowsUpdateClient

Category:

Windows Update Agent

Message:

Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for SQL Server 2008 R2 (KB2494088).

More information

Event ID:

Source:

3wareDrv

Category:

None

Message:

FW: AEN 0x10D:

More information

Event ID:

Source:

Microsoft-SharePoint Products-SharePoint Foundation Search

Category:

Gatherer

Message:

The mount operation for the gatherer application 00000000-0000-0000-0000-000000000000 has failed because the schema version of the search administration database is less than the minimum backwards compatibility schema version supported for this gatherer application. The database might not have been upgraded.

More information

Event ID:

36869

Source:

Schannel

Message:

The SSL server credential's certificate does not have a private key information property attached to it. This most often occurs when a certificate is backed up incorrectly and then later restored. This message can also indicate a certificate enrollment failure.

More information

Event ID:

6145

Source:

Microsoft-Windows-Security-Auditing

Category:

Other Policy Change Events

Message:

One or more errors occured while processing security policy in the group policy objects.

Error Code: 87
GPO List:
{F0DF8E32-7E0A-4B67-1234-9BD831BFE64C} Windows Audit & Event Log Settings
{AAC1786C-016F-11D2-9012-00C04fB984F9} Default Domain Controllers Policy
{91B2F340-016D-11D2-1234-00C04FB984F9} Default Domain Policy

More information

Event ID:

4107

Source:

Microsoft-Windows-CAPI2

Message:

Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

More information

Event ID:

2004

Source:

Microsoft-Windows-Resource-Exhaustion-Detector

Category:

Resource Exhaustion Diagnosis Events

Message:

Windows successfully diagnosed a low virtual memory condition. The following programs consumed the most virtual memory: SomeProcess.exe (848) consumed 372129792 bytes, Procmon64.exe (3616) consumed 209563648 bytes, and devenv.exe (6364) consumed 201162752 bytes.

More information

Event ID:

2266

Source:

Server Administrator

Category:

Storage Service

Message:

Controller log file entry: Physical Disk 1:0:4 Controller 0, Connector 1

More information

Event ID:

2095

Source:

Server Administrator

Category:

Storage Service

Message:

Unexpected sense. SCSI sense data: Sense key: 3 Sense code: 11 Sense qualifier: 0: Physical Disk 1:0:4 Controller 0, Connector 1

More information

Event ID:

4154

Source:

cpqasm2

Message:

The power sub-system is no longer redundant.

More information

Event ID:

4104

Source:

Windows Backup

Message:

The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).

More information

Event ID:

2166

Source:

Server Administrator

Category:

Storage Service

Message:

The RAID controller firmware and driver validation was not performed. The configuration file is out of date or corrupted. C:\Program Files (x86)\Dell\SysMgt\sm\cfg\: Controller 0 (SAS 6/iR Integrated)

More information

Event ID:

Source:

Schannel

Category:

System

Message:

The following fatal alert was received: 46

More information

Event ID:

1128

Source:

Server Agents

Category:

System

Message:

System Information Agent: Health: Fault Tolerant Power Supply Removed. A hot-plug fault tolerant power supply has been removed from the system.
Chassis: '0'; Bay: '2'
[SNMP TRAP: 6034 in CPQHLTH.MIB]

More information

Event ID:

7040

Source:

Service Control Manager

Message:

The start type of the Windows Modules Installer service was changed from auto start to demand start.

More information

Event ID:

4951

Source:

Microsoft-Windows-Security-Auditing

Category:

MPSSVC Rule-Level Policy Change

Message:

Windows Firewall ignored a rule because its major version number is not recognized.

Profile: All

Ignored Rule:
ID: clr_optimization_v4.0.30319_32-1
Name: -

More information

Event ID:

105

Source:

hpdiags

Message:

The description for Event ID ( 105 ) in Source ( hpdiags ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details.

More information

Event ID:

Source:

AtBroker

Message:

GetSessionValue Failed to Open session value return error 2

More information

Event ID:

Source:

Microsoft-Windows-Service Pack Installer

Message:

There is not enough free disk space to install the Service Pack. Required=4834 MB.

More information

Event ID:

Source:

MSExchange CmdletLogs

Category:

General

Message:

Cmdlet suceeded. Cmdlet New-Mailbox, parameters {Name=Johnny Test User, UserPrincipalName=johnnytest@domain.local, ResetPasswordOnNextLogon=False, FirstName=Johnny, Initials=, Password=System.Security.SecureString, LastName=Test, Alias=johnnytest, SamAccountName=johnnytest}.

More information

Event ID:

18500

Source:

Microsoft-Windows-Hyper-V-Worker-Admin

Message:

'VM-SRV-001' started successfully. (Virtual machine ID D8EB8812-63FE-468A-9545-1E2028EC1F5F)

More information

Event ID:

7031

Source:

Service Control Manager

Message:

The EventSentry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

More information

Event ID:

4634

Source:

Microsoft-Windows-Security-Auditing

Category:

Logoff

Message:

An account was logged off.

Subject:
Security ID: Domain\ad2user
Account Name: ad1user
Account Domain: Domain
Logon ID: 0xbb55b23

Logon Type: 3

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.

More information

Event ID:

Source:

Microsoft-Windows-CertificateServicesClient-AutoEnrollment

Message:

Certificate for %1 with Thumbprint %2 is about to expire or has already expired.

More information

Event ID:

6145

Source:

ati2mtag

Category:

POWERPLAY

Message:

System shutdown due to graphics card overheating.

More information

Event ID:

7034

Source:

Service Control Manager

Message:

The VNC Server Version 4 service terminated unexpectedly. It has done this 1 time(s)

More information

Event ID:

Source:

Service Control Manager

Message:

The Creative Audio Service service failed to start due to the following error:
The system cannot find the file specified.

More information

Event ID:

14332

Source:

Windows Media Player Network Sharing Service

Message:

Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

More information

Event ID:

4656

Source:

Microsoft-Windows-Security-Auditing

Category:

File System

Message:

A handle to an object was requested.

Subject:
Security ID: NT AUTHORITY\SYSTEM
Account Name: COMPUTER$
Account Domain: DOMAIN
Logon ID: 0x3E7

Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.9200.16384_none_8325ae6a331660a6\GdiPlus.dll
Handle ID: 0x0
Resource Attributes: -

Process Information:
Process ID: 0x354
Process Name: C:\Windows\System32\svchost.exe

Access Request Information:
Transaction ID: {00000000-0000-0000-0000-000000000000}
Accesses: READ_CONTROL
SYNCHRONIZE
ReadData (or ListDirectory)
ReadEA
ReadAttributes
WriteAttributes

Access Reasons: READ_CONTROL: Granted by D:(A;;0x1200a9;;;BA)
SYNCHRONIZE: Granted by D:(A;;0x1200a9;;;BA)
ReadData (or ListDirectory): Granted by D:(A;;0x1200a9;;;BA)
ReadEA: Granted by D:(A;;0x1200a9;;;BA)
ReadAttributes: Granted by ACE on parent folder D:(A;;0x1200a9;;;BA)
WriteAttributes: Not granted

Access Mask: 0x120189
Privileges Used for Access Check: -
Restricted SID Count: 0

More information

Event ID:

5120

Source:

Microsoft-Windows-FailoverClustering

Message:

Cluster Shared Volume 'Volume2' ('ClusterStorage Volume 2') is no longer available on this node because of 'STATUS_CLUSTER_CSV_AUTO_PAUSE_ERROR(c0130021)'. All I/O will temporarily be queued until a path to the volume is reestablished.

More information

Event ID:

8026

Source:

MSExchangeAL

Category:

LDAP Operations

Message:

LDAP Bind was unsuccessful on directory OLDDC.domain.local for distinguished name ''. Directory returned error:[0x51] Server Down.

For more information, click http://www.microsoft.com/contentredirect.asp.

More information

Event ID:

6006

Source:

MSExchange SACL Watcher

Message:

SACL Watcher servicelet found that the SeSecurityPrivilege privilege is removed from account MYDOMAIN\Exchange Servers.

More information

Event ID:

2238

Source:

Server Administrator

Category:

Storage Service

Message:

The controller debug log file has been exported.: Controller 0 (PERC 5/i Integrated)

More information

Event ID:

2188

Source:

Server Administrator

Category:

Storage Service

Message:

The controller write policy has been changed to Write Through.

More information

Event ID:

101

Source:

Microsoft-Windows-TaskScheduler/Operational

Category:

Task Start Failed

Message:

Task Scheduler failed to start "\Some Important Task" task for user "MYDOMAIN\EventMonitor". Additional Data: Error Value: 2147942402.

More information

Event ID:

Source:

SAVOnAccess

Message:

Insufficient memory.

More information

Event ID:

6482

Source:

Office SharePoint Server

Category:

Office Server Shared Services

Message:

Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (dbb94537-db22-448b-92c9-d1f684a4a13e).

Reason: Could not find file 'C:\WINDOWS\system32\drivers\etc\HOSTS'.

Techinal Support Details:
System.IO.FileNotFoundException: Could not find file 'C:\WINDOWS\system32\drivers\etc\HOSTS'.
File name: 'C:\WINDOWS\system32\drivers\etc\HOSTS'
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)
at System.IO.FileInfo.OpenText()
at Microsoft.Search.Administration.Security.HOSTSFile.ParseHOSTSFile(Hashtable& HOSTSFileMappings, StringBuilder& HOSTSComments)
at Microsoft.Search.Administration.Security.HOSTSFile.ConfigureDedicatedGathering(SearchServiceInstance searchServiceInstance, SPServer dedicatedWebFrontEndServer, IList`1 previousWebApplicationHostNames)
at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.SynchronizeDefaultContentSource(IDictionary applications)
at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.Synchronize()
at Microsoft.Office.Server.Administration.ApplicationServerJob.ProvisionLocalSharedServiceInstances(Boolean isAdministrationServiceJob)

More information

Event ID:

10021

Source:

Message:

Could not get performance counter registry information for WSearchIdxPi for instance due to the following error: The operation completed successfully. 0x0.

More information

Event ID:

3007

Source:

Message:

Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalogue

More information

Event ID:

3006

Source:

Message:

Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

More information

Event ID:

4101

Source:

Display

Message:

Display driver amdkmdap stopped responding.

More information

Event ID:

4373

Source:

NtServicePack

Category:

None

Message:

Windows XP WIC installation failed.
Access is denied.

More information

Event ID:

Source:

VMware Tools

Message:

[ warning] [vmusr:vmtoolsd] Failed registration of app type 2 (Signals) from plugin unity.

More information

Event ID:

Source:

Microsoft-Windows-CertificateServicesClient-CertEnroll

Message:

Certificate enrollment for Local system failed to enroll for a DomainController certificate with request ID N/A from testsql.domain.local\TESTCA (The RPC server is unavailable. 0x800706ba (WIN32: 1722)).

More information

Event ID:

6002

Source:

MSExchange Mid-Tier Storage

Message:

Ping of mdb 'b001e27b-bd30-4b98-998d-d0baf7803fba' timed out after '00:00:00' minutes. Last successful ping was at '6/10/2014 11:50:11 AM' UTC.

More information

Event ID:

1045

Source:

MSExchange EdgeSync

Category:

Initialization

Message:

Initialization failed with exception: Microsoft.Exchange.EdgeSync.Common.EdgeSyncServiceConfigNotFoundException: Couldn't find EdgeSync service configuration object for the site SiteName. If the configuration object doesn't exist in the Active Directory location CN=EdgeSyncService,CN=SiteName,CN=Sites,CN=Configuration,DC=domain,DC=local, create it using the New-EdgeSyncServiceConfig cmdlet. If the object does exist, check its permissions.. If this warning frequently occurs, contact Microsoft Product Support.

More information

Event ID:

9877

Source:

MSExchangeIS Mailbox Store

Category:

Content Indexing

Message:

Content Indexing function 'CISearch::EcGetRowsetAndAccessor' received an unusual and unexpected error code from MSSearch.
Mailbox Database: Mailbox Database
Error Code: 0x80041606

More information

Event ID:

7022

Source:

Service Control Manager

Message:

De Windows Presentation Foundation Font Cache 3.0.0.0-service is bij het starten vastgelopen.

More information

Event ID:

9842

Source:

MSExchangeIS Mailbox

Category:

Content Indexing

Message:

Function CISearch::EcGetRowsetAndAccessor detected that content indexing was disabled for database "Mailbox Database 1144709849" because of error "0x80041820" from MSSearch.

More information

Event ID:

13051

Source:

Windows Server Update Services

Category:

Clients

Message:

No client computers have ever contacted the server.

More information

Event ID:

1838

Source:

Microsoft-Windows-CAPI2

Message:

Reached crypt32 threshold of 50 events and will suspend logging for 60 minutes.

More information

Event ID:

1552

Source:

Server Administrator

Message:

Log size is no longer near or at capacity
Log type: ESM

More information

Event ID:

36887

Source:

SChannel

Message:

The following fatal alert was received: 42.

More information

Event ID:

513

Source:

Microsoft-Windows-CAPI2

Message:

Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.

More information

Event ID:

1021

Source:

MSExchangeTransport

Category:

SmtpReceive

Message:

Receive connector Allow SMTP rejected an incoming connection from IP address 1.2.3.4. The maximum number of connections per source (20) for this connector has been reached by this source IP address.

More information

Event ID:

8010

Source:

MSExchangeTransport

Category:

RemoteDelivery

Message:

A message with the Internal Message ID 12345 was rejected by the remote server. This message will be deferred and retried because it was marked for retry if rejected. Other messages may also have encountered this error.

More information

Event ID:

Source:

IIS-Configuration

Message:

Changes to '/system.applicationHost/sites/site[@name="Default Web Site" and @id="1"]/@state' at 'MACHINE/WEBROOT/APPHOST' have successfully been committed.

More information

Event ID:

14035

Source:

MSExchange MailTips

Category:

MailTips

Message:

Process Microsoft.Exchange.InfoWorker.Common.Delayed`1[System.String]: MailTips query failed for mailbox <John Johnny JoeJoe>SMTP:jonjojo@acmecorp.com. Latency: total:1. The returned exception is: Microsoft.Exchange.Data.Storage.StorageTransientException: Cannot open mailbox /o=AcmeCorp/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCHGSERVER/cn=Microsoft System Attendant. ---> Microsoft.Mapi.MapiExceptionRpcServerTooBusy: MapiExceptionRpcServerTooBusy: Unable to make connection to the server. (hr=0x80004005, ec=2419)
Diagnostic context:
Lid: 41841 StoreEc: 0x973
Lid: 51059
Lid: 62321 StoreEc: 0x973
Lid: 47987
Lid: 50033 StoreEc: 0x973
Lid: 50544 ClientVersion: 15.0.995.27
Lid: 52080 StoreEc: 0x973
Lid: 51152
Lid: 52465 StoreEc: 0x973
Lid: 60065
Lid: 33777 StoreEc: 0x973
Lid: 59805
Lid: 52487 StoreEc: 0x973
Lid: 19778
Lid: 27970 StoreEc: 0x973
Lid: 17730
Lid: 25922 StoreEc: 0x973
at Microsoft.Mapi.MapiExceptionHelper.InternalThrowIfErrorOrWarning(String message, Int32 hresult, Boolean allowWarnings, Int32 ec, DiagnosticContext diagCtx, Exception innerException)
at Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, IExInterface iUnknown, Exception innerException)

More information

Event ID:

257

Source:

Microsoft-Windows-Defrag

Message:

The volume WINRE_DRV was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

More information

Event ID:

1013

Source:

MSExchangeDiagnostics

Category:

General

Message:

Potential data loss warning in RetentionAgent: %1

More information

Event ID:

1012

Source:

MSExchange Store Driver Submission

Category:

Error (Info)

Message:

The store driver failed to submit eventID mailboxID MDBID and couldn't generate an NDR due to exception Microsoft.Exchange.MailboxTransport.StoreDriverCommon.InvalidSenderException

More information

Event ID:

1042

Source:

MSExchangeDiagnostics

Message:

ConnectionStringManager unable to connect to partitioning DB: Connection string used to access the partitioning DB is null or empty

More information

Event ID:

3028

Source:

MSExchangeApplicationLogic

Category:

Extension

Message:

Scenario: ProcessKillBit. Failed to read killbit list file because of exception System.IO.IOException: The process cannot access the file 'D:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\owa\prem\15.0.1178.9\ext\killbit\killbit.xml' because it is being used by another process.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share)
at System.IO.File.Open(String path, FileMode mode, FileAccess access, FileShare share)
at Microsoft.Exchange.Data.ApplicationLogic.Extension.KillBitHelper.TryReadKillBitFile(Int32& refreshRate, DateTime& lastModifiedTime)

More information

Event ID:

2030

Source:

MSExchangeFrontEndTransport

Category:

SmtpSend

Message:

The Ehlo options for the client proxy target 10.10.5.123 did not match while setting up proxy for user amata/es_smtp on inbound session 08D40BBF5D3046B3. The mismatched settings might cause some messages to get rejected. Continue with proxying even though there is a mismatch. The critical non-matching options were maxSize. The non-critical non-matching options were .

More information

Event ID:

10021

Source:

Windows Server Update Services

Category:

Core

Message:

The catalog was last synchronized successfully 1 or more days ago.

More information

Event ID:

2415

Source:

Server Administrator

Category:

Storage Service

Message:

Controller battery is discharging: Battery 0 Controller 0

More information

Event ID:

1603

Source:

MsiInstaller

Message:

Product: Microsoft Office Professional Plus 2016 - Update '{E296D50E-EFEB-48F5-9CBE-5A335AE2D49F}' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

More information

Event ID:

36888

Source:

Schannel

Category:

none

Message:

The following fatal alert was generated: 10. The internal error state is 1203. Another Event message is listed next;
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed

More information

Event ID:

904

Source:

Trend Status Check (AV)

Category:

none

Message:

Automated remediation failed. Antivirus Product Trend Status Check - 547 Days Out-Of-Date

More information

Event ID:

36887

Source:

Schannel

Message:

the following fatal alert was received 70

More information

Event ID:

Source:

Service Control Manager Eventlog Provider

Message:

The windows Modules Installer Service failed to start due to the following error:The Service did not start due to a logon failure

More information

Event ID:

4779

Source:

Microsoft-Windows-Security-Auditing

Category:

Other Logon/Logoff Events

Message:

A session was disconnected from a Window Station.

Subject:
Account Name: some.user
Account Domain: SOMEDOMAIN
Logon ID: 0x2335b249

Session:
Session Name: RDP-Tcp#0

Additional Information:
Client Name: wksclient04.lo
Client Address: 192.168.1.6

More information

Event ID:

4689

Source:

Microsoft-Windows-Security-Auditing

Category:

Process Termination

Message:

A process has exited.

Subject:
Security ID: MYDOMAIN\some.user
Account Name: some.user
Account Domain: MYDOMAIN
Logon ID: 0x5E006051

Process Information:
Process ID: 0x5ec4
Process Name: C:\Windows\System32\dllhost.exe
Exit Status: 0x0

More information

Event ID:

208

Source:

SQLSERVERAGENT

Category:

Job Engine

Message:

SQL Server Scheduled Job 'sqlmail test' (0x1C727E7088AC614399AAD98E792DB21C) - Status: Failed - Invoked on: 2018-02-21 07:25:00 - Message: The job failed. The Job was invoked by Schedule 28 (SQL Mail test). The last step to run was step 1 (1).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

More information

Event ID:

7024

Source:

Service Control Manager

Category:

Error

Message:

The Routing and Remote Access service terminated with the following service-specific error: The callback function must be invoked inline.

More information

Event ID:

20153

Source:

RemoteAccess

Category:

Error

Message:

The currently configured accounting provider failed to load and initialize successfully. The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.

More information

Event ID:

400

Source:

USB\VID_18D1&PID_4EE7&MI_03\7&16246af8&3&0003

Category:

Microsoft-Windows-Kernel-PnP

Message:

2020-12-25 4:37:06 PM Device USB\VID_18D1&PID_4EE7&MI_03\7&16246af8&3&0003 was configured.

More information

Event ID:

5858

Source:

WMI-Activity

Category:

None

Message:

Id = {00000000-0000-0000-0000-000000000000}; ClientMachine = LT-MULLINTI; User = LT-MULLINTI\mtscadmin; ClientProcessId = 8944; Component = Unknown; Operation = Start IWbemServices::ExecNotificationQuery - ROOT\WMI : SELECT * FROM MSNdis_StatusMediaConnect; ResultCode = 0x80041032; PossibleCause = Unknown

More information

Event ID:

7023

Source:

Service Control Manager

Category:

None

Message:

The Remote Desktop Services service terminated due to an error The specified file cannot be found.

More information

Event ID:

3051

Source:

Microsoft-Windows-ActiveDirectory_DomainService

Category:

Security

Message:

The directory has been configured to not enforce per-attribute authorization during LDAP add operations. Warning events will be logged, but no requests will be blocked. This setting is not secure and should only be used as a temporary troubleshooting step. Please review the suggested mitigations in the link below.

https://go.microsoft.com/fwlink/?linkid=2174032

More information

Event ID:

Source:

OneApp_IGCC_WinService

Category:

none

Message:

TLBs created - Done

More information

Event ID:

Source:

Kernel-EventTracing

Message:

Starting the session "Microsoft.Windows.Remediation" failed with the following error: 0xC0000035

More information

Event ID:

Source:

Windows Update Agent

Category:

Software Sync

Message:

Unable to connect: Windows is unable to connect to the Automatic Updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

More information

Event ID:

2004

Source:

MSExchange OAuth

Message:

Unable to find the certificate with thumbprint 6A80C06C7E33AC535F671B3366355547C35D044B in the current computer or the certificate is missing private key. The certificate is needed to sign the outgoing token.

More information

Event ID:

3154

Source:

MSExchangeRepl

Category:

Service

Message:

Active Manager failed to mount database Public Folder Database 1 on server MailServer1.arabia.sy. Error: An Active Manager operation failed. Error The database action failed. Error: Unable to mount database 'Public Folder Database 1'. The database appears to have been mounted at least once since its creation, but there is no database file at 'D:\Exchange 2010\Mailbox Database\Public Folder Database\Public Folder Database.edb'. Either recover the database file from a backup, or mount the database with a new, empty database by using the Mount-Database cmdlet with the -Force parameter..

More information

Event ID:

3154

Source:

MSExchangeRepl

Category:

Service

Message:

More information

Event ID:

5156

Source:

Microsoft Windows security auditing.

Message:

The Windows Filtering Platform has permitted a connection.

Application Information:
Process ID: 4320
Application Name: \device\harddiskvolume2\windows\system32\svchost.exe

Network Information:
Direction: Inbound
Source Address: 224.0.0.252
Source Port: 5355
Destination Address: 167.196.121.75
Destination Port: 60070
Protocol: 17

Filter Information:
Filter Run-Time ID: 83103
Layer Name: Receive/Accept
Layer Run-Time ID: 44

More information

Event ID:

7011

Source:

Service Control Manager

Category:

None

Message:

A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

More information

Event ID:

28680

Source:

PRIVMAN

Category:

None

Message:

BeyondInsight ProcessEvent returned the following error: <Return><Status>Error</Status><Details>UNEXPECTED EXCEPTION: There was no endpoint listening at https://[redacted] that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.</Details></Return>.

More information

Event ID:

Source:

kernel-eventtracing

Category:

session

Message:

Session "ETW USB tracing" failed to start with the following error: 0xC0000022

More information

Event ID:

Source:

WindowsUpdateClient

Category:

Windows Update Agent

Message:

Windows Update failed to check for updates with error 0x80072EE2

More information

Event ID:

Source:

WindowsUpdateClient

Category:

Windows Update Agent

Message:

Installation Failure: Windows failed to install the following update with error 0x80004002: 2022-03 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5011529).

More information

Event ID:

Source:

ThreadLib

Category:

None

Message:

The description for Event ID ( 0 ) in Source ( ThreadLib ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: ThreadLib::Thread Exception::ThumbFetcherThreadFunc.

More information

Event ID:

454

Source:

DeviceManagement-Enterprise-Diagnostics-Privider

Message:

MDM ConfigurationManager: Command failure status. Configuraton Source ID: (LA 7F004E2-A009-41B4-AC78-69BCCA464D09}), Enrollment Type: (FamilySafety), CSP Name: (AppLocker), Command Type: (Clear: first phase of Delete), CSP URI:
(/Vendor/MSFT/AppLocker/FamilySafety/FamilySafetyGroup),Result:(UnknownWin32Error code: 0x86000002).

More information

Event ID:

Source:

Application

Message:

Faulting application name: BackgroundTaskHost.exe, version: 10.0.20348.1, time stamp: 0xdf4b0fee
Faulting module name: twinapi.appcore.dll, version: 10.0.20348.1129, time stamp: 0x5b888f7b
Exception code: 0xc0000409
Fault offset: 0x00000000000d222b
Faulting process id: 0x144c
Faulting application start time: 0x01d94a82bf78f269
Faulting application path: C:\Windows\system32\BackgroundTaskHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: ad3e8927-b13c-4133-97a0-a96e03efd1cc
Faulting package full name: Microsoft.AAD.BrokerPlugin_1000.19580.1000.0_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

More information

Event ID:

1006

Source:

TerminalServices-RemoteConnectionManager

Category:

None

Message:

The RD Session Host server received large number of incomplete connections. The system may be under attack.

More information

Event ID:

Source:

Application Error

Message:

Faulting application name: BackgroundTaskHost.exe, version: 10.0.19041.546, time stamp: 0x1d3a15e7
Faulting module name: ntdll.dll, version: 10.0.19041.3155, time stamp: 0x5212ece5
Exception code: 0xc0000374
Fault offset: 0x00000000000ff419
Faulting process id: 0xafb0
Faulting application start time: 0x01d9c3f947c55a40
Faulting application path: C:\WINDOWS\system32\BackgroundTaskHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 29e16c65-2180-4e57-9cf3-14d887083a9e
Faulting package full name: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

More information

Event ID:

Source:

Service Control Manager

Message:

The EuGdiDrv Service was not started due to the following error:
The specified path cannot be found.

More information

Event ID:

Source:

Service Control Manager

Message:

The EuGdiDrv Service was not started due to the following error:
The specified path cannot be found.

More information

Event ID:

4119

Source:

schannel

Message:

The following fatal alert was received: 40.

More information

Event ID:

Source:

Nvidia

Category:

None

Message:

DrvSetContext failed functionality indeterminant(pid=2112 cncmd.ext 64bit)

More information

Event ID:

7026

Source:

Service Control Manager

Category:

None

Message:

The following boot-start or system-start driver(s) did not load:
dam

More information

Event ID:

1010

Source:

ModernDeployment-Diagnostics-Provider

Message:

Autopilot.dll WIL error was reported.
HRESULT: 0x80070491
File: onecoreuap\admin\moderndeployment\autopilot\dll\dllmain.cpp, line 128
Message: NULL

More information

Event ID:

4906

Source:

MIQADS

Message:

Logs staus

More information

Event ID:

Source:

Kernel-EventTracing

Category:

Session

Message:

Session "NT Kernel Logger" failed to start with the following error: 0xC0000035

More information

Event ID:

3006

Source:

EvntAgnt

Message:

Error reading log event record. Handle specified is 927269016. Return code from ReadEventLog is 87.

More information

Event ID:

Source:

CertificateServicesClient-CertEnroll

Message:

Certificate enrollment for Local system failed in authentication to policy servers with ID {########-####-####-####-72067EF2E6D9} (The user name or password is incorrect. 0x8007052e (WIN32: 1326 ERROR_LOGON_FAILURE))

More information

Event ID:

4725

Source:

Microsoft Windows security auditing

Message:

LogName=Security
EventCode=4725
EventType=0
ComputerName=domain.domain.local
SourceName=Microsoft Windows security auditing.
Type=Information
RecordNumber=2311231312
Keywords=Audit Success
TaskCategory=User Account Management
OpCode=Info
Message=A user account was disabled.

Subject:
Security ID: S-1-5-21-5232424-4342331231-1232132131-1605
Account Name: doamin
Account Domain: local
Logon ID: 0x1dasdwD

Target Account:
Security ID: S-1-5-21-5232424-4342331231-1232132131-1605
Account Name: ws-APP$
Account Domain: local

More information

Event ID:

Source:

Application Error

Message:

Faulting application name: SweetAffection.exe, version: 0.0.0.0, time stamp: 0x6172bb09
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x698c
Faulting application start time: 0x01dac90f4dd836ea
Faulting application path: D:\ganestarts\SweetAffection-0.10.7-pc\SweetAffection.exe
Faulting module path: unknown
Report Id: 44bc9f5f-6f32-47ef-a0e3-4450382e76dd
Faulting package full name:

More information

Event ID:

3602

Source:

Category:

Gatherer

Message:

Error ID 1 happened in Windows Search recovery stage, please restart the service. If this error persists, please recreate the index.

Context: Application, SystemIndex Catalog

Details:
0x%08x (0x80040d23 - The gatherer is shutting down. (HRESULT : 0x80040d23))

More information

Event ID: