Event ID 2000 Source Srv
| Event ID | 2000 |
| Source | Srv |
| Type | Error |
| Description | The server's call to a system service failed unexpectedly. Data: Words 0000: 00040000 00540001 00000000 c00007d0 0010: 00000000 <error code 1> 00000000 00000000 0020: 00000000 00000000 <error code 2> |
| English, please! | This information is only available to subscribers. An example of English, please! |
| Comments |
Adrian Grigorof
There are many causes for this event. The relevant information is the actual error code listed in the "Data" portion of the event so don't troubleshoot this just based on the general "event id 2000" premisis. Depending on the error codes in the data segment there are various links about this error: - c0000008 - See Error code 0xC0000008. - c000000d = "INVALID_PARAMETER", and 028e0bc5: Caused by PC-cillin loaded on Windows 95 clients. See M192732. - c000000f (Error code 0xC000000F) = "STATUS_NO_SUCH_FILE", and 05180bc5: Caused by a client trying to delete a non-existent file on a NetWare server through Gateway Services for NetWare (GSNW). See M173403 and M173210. - c000010a (Error code 0xC000010A) = STATUS_PROCESS_IS_TERMINATING - Some users reported this after installing VCS (Veritas Cluster Server) on Windows 2003. The error basically means that a program tried to terminate a process but the process was already being terminated. Not too helpful for the server administrators. - c0000013 (STATUS_NO_MEDIA_IN_DEVICE) and 04e80bb9: The error occurs when the server tries to access a shared resource (for example, a CD-ROM or floppy disk) which has no media (that is, no disk) in the drive. See M152846. - c0000054 (STATUS_FILE_LOCK_CONFLICT) and 05930bd3: This behavior can occur when you have an early version of the Cheyenne Open File Agent program installed. See M288301. - c000009a ="STATUS_INSUFFICIENT_RESOURCES" - See Error code 0xC000009A for general information on this error. - c000023a (STATUS_CONNECTION_INVALID) and 13830bbe: The size of request Buffers on your computer running Windows NT Server is too small. See M136150 - c00007d0 and 12880bc5: See M134759. - Codes n/a. If the WinSock program does not correctly post a Receive to collect the incoming data from WinSock, Afd may endlessly buffer the data and use up all non-paged memory. Afd should check the MaxBufferredReceiveBytes value for the socket and then not buffer more than this value. See M293841 and M296265. Al Maze - c0000010 - In my case I got this error due to having two spyware applications installed. Really dogged my computer, couldn't go more than 2 minutes without locking up all resources. The spyware apps where PC Tools and ETrust ITM. Olexandr A. Bilyk - c0000184 (STATUS_INVALID_DEVICE_STATE) and 04a0031a - I had this combination on W2K3 server running RRAS. Restarting the SERVER and RRAS (in turn) services solved the problem. Generally, a server restart will give better result, but in many cases this is impossible. Anonymous In my case, this issue occurred on a Windows 2003 file server with LiveVault, McAfee AV and ViceVersa Pro. Conflicts with the filter drivers and opportunistic locking caused the Server service to fail due to locking issues. Disabling "opportunistic locking" solved the problem. See M296264 for information on configuring opportunistic locking in Windows. Anonymous - c00000bb and 04c20337 - Resolved this error by removing Windows Update - KB917159. Why bother deciphering Event logs when GFI EventsManager can do everything for you? Free trial here! Mihai Andrei - c0000008 (Error code 0xC0000008) and 04c20337 - From a newsgroup post: "After uninstalling the KB896422 patch, problem was solved". See M321248 for a hotfix applicable to Microsoft Windows 2000. See M912376 for additional information about this event. Anonymous - c00000bb and 04c20337 - Resolved this error by removing Windows Update - KB896422. Ionut Marin - C0000056 (STATUS_DELETE_PENDING) - See M176979. - C000004 - From a newsgroup post: "This error code is sharing violation indicative. What is taking place here is that some files on the server are being accessed, locked and are not unlocked for others to use. In many cases, this can only be determined correctly by analyzing a trace of the network traffic between the client and the server while running the application. However, a quick test can be performed by disabling oplocks and not caching open files. To disable oplocks and caching of open files on the server as a test, follow these steps: Open the registry editor and go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters. Here change the following keys: Key: EnableOplocks, type REG_DWORD, value: 0 or 1. Default: 1 (true). To disable oplocks, the value of EnableOplocks must be set to 0. Key: CachedOpenLimit, type REG_DWORD, value: 0". This event might also be related to by Norton AntiVirus Corporate Edition (NAVCE) 7. See Symantec Knowledge Base ID: 2001041808040048 for more details. See the link to "EventID 2000 from source NCP Server" for additional information on this event. Anonymous For me, a program called Spyware Eliminator caused this error. I disabled the system preventions option (Active defense shield) and the problem was resolved. Anonymous - c0000054 (STATUS_FILE_LOCK_CONFLICT) and 0eb4bd3: In my case this event ID appears on the Windows 2000 Advance server every time remote MAC (OS 10.2.8) write files to the shared folder. Woodrow Wayne Collins - c0000184 (STATUS_INVALID_DEVICE_STATE) and 04a0031a – no info. Anonymous In my case, this event occurred after installation of LiveVault continuous online backup software on Windows NT4 Terminal Server sp6. |
| Links | M136150, M152846, M173403, M176979, M192732, M288301, M293841, M296264, M296265, M321248, M896422, M912376, M917159, Error code 0xC0000008, Error code 0xC000000F, Error code 0xC000009A, Symantec Knowledge Base ID: 2001041808040048, EventID 2000 from source NCP Server |
| Search | Google Web - Microsoft Support - Bing - EventID.Net Queue - More links... |
| Custom search | The custom search information is available to subscribers only. |
| Feedback | Send comments - Notify me when updated |
| Print version |