Event ID/Source search
Keyword search
Example: Windows cannot unload your registry file
EventID.Net Splunk Add-on
Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
read more...
Event ID: 1013 Source: MsiInstaller
| Source: MsiInstaller |
| Type: Error |
| Description: ===================================================== Exception code: <error code> <error description> Module: <path to dll file> Function: 0x63542670 ===================================================== Registers: <register values> Flags: <values> Call stack: <stack>. |
| English: This information is only available to subscribers. An example of English, please! |
| Concepts to understand: What is a DLL? What is the role of MsiInstaller? |
| Comments: EventID.Net - Error code: C0000005 (ACCESS_VIOLATION) - See ME818793 for a hotfix applicable to Microsoft Visio 2002.  x
6
John Bryan The error is being generated by code within an MSI installation file, more precisely MSI Custom Action type 19 "Cancel Installation", which produces an error display box containing a custom text message which is the same message recorded in the event log. NOTE: The description for this EventID will vary from application to application. Solving: This will require knowledge of editing MSI installation files and an MSI editor. This custom action will usually be imbedded in an "If" logic statement. Analyze the logic to find why the "CancelInstallation" comand is being run so that either: 1) The reason for the cancellation can be avoided. Or 2) The logic code can be modified (by creating transform or editing the MSI) so that the cancellation does not occur. Example: "Acrobat 6.0 Standard" MSI has this in logic preventing any repairs or self-repairs if logged in as a user under NT, Windows 2000 or XP resulting in message/event-description "You do not have sufficient privileges to run this installer." x
5
EventID.Net The error (exception) codes listed in the event description are similar to the ones that are recorded when a "blue screen" occurs. See event id 1000 with "Save Dump" as source. x
5
|
| Private comment: Subscribers only. See example of private comment |
| Links: ME818793, Event ID 1000 |
| Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links... |
| Custom search for *****: Google - Bing - Microsoft - Yahoo |
| Feedback:
Send comments or solutions
- Notify me when updated
|
| Printer friendly |
Subscribe to EventID.Net now!