Sunday, December 12, 2010

Windows Backup Error 0x81000019

Recently, I've been getting an error from Windows Backup:

Error Code: 0x81000019

Event Viewer lists the following additional information:
Shadow copy creation failed because of error reported by ASR Writer. More info: The requested system device cannot be found. (0x80073BC3).

Volume Shadow Copy Service warning: ASR writer Error 0x80073bc3. hr = 0x00000000, The operation completed successfully.
.

Operation:
PrepareForBackup event

Context:
Execution Context: ASR Writer
Execution Context: Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {5c8b67a8-a665-45e5-9f5c-45382f136693}

Error-specific details:
ASR Writer: The requested system device cannot be found. (0x80073BC3)

Volume Shadow Copy Service error: Unexpected error calling routine Check OnIdentifyError. hr = 0x80073bc3, The requested system device cannot be found.
.

Operation:
PrepareForBackup event

Context:
Execution Context: ASR Writer
Execution Context: Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {5c8b67a8-a665-45e5-9f5c-45382f136693}

Error-specific details:
ASR Writer: The requested system device cannot be found. (0x80073BC3)

Fault bucket 668258104, type 5
Event Name: WindowsBackupFailure
Response: Not available
Cab Id: 0

Problem signature:
P1: Backup
P2: 6.1.7600
P3: 0x81000019
P4: 7
P5:
P6:
P7:
P8:
P9:
P10:

Attached files:
C:\Windows\Logs\WindowsBackup\WindowsBackup.1.etl

These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Backup_7a9178ddfcd376c581a8653b09ae5e2464735bf_100ef6dc

Analysis symbol:
Rechecking for solution: 0
Report Id: 8b57e781-0633-11e0-a042-90e6ba2d22c8
Report Status: 0

Backup did not complete successfully because a shadow copy could not be created. Free up disk space on the drive that you are backing up by deleting unnecessary files and then try again.


And what does it all mean? Well, I just recently installed a new hard disk and installed an alternative OS onto it. This new hard disk is appearing as "Disk 0" in Disk Management and it *is* the boot device. When I boot off it and then select my Windows partition I get these error messages. It appears VSS attempts to access/lock the drive that booted the OS and it fails. If I attempt to take "Disk 0" offline, I get the following error message:
---------------------------
Virtual Disk Manager
---------------------------
Disk attributes may not be changed on the current system disk or BIOS disk 0.
---------------------------
OK
---------------------------

Using Procmon I can see that VSSVC.exe attempts to access a filesystem that it cannot... Well, the only disk that it can't access is the lone "Alternative OS" disk. I suspect removing that disk or forcing my BIOS to boot directly to the Windows partition will resolve my issues. If you're in a similar situation as me, I would suggest checking your boot order, removing any extraneous disks or ensuring your boot drive is appearing as "Disk 0" in disk management.

I've just tested and confirmed that forcing my BIOS to boot directly to my OS drive without going through an alternative drive has enabled the backup program to operate without any errors.

This blogpost is for anyone else that my experience a similar issue.

Thursday, December 02, 2010

DataRAM RAM Disk Review (part 2)

I've purchased some RAM to replace my 1GB sticks. This new RAM allows my system to operate at 1333MHz DRAM speed without issues. So, I've set my RAM to this new bandwidth speed and my memory went to:

14099MB/s Read, 12034MB/s Write, 16901MB/s Copy.

This represents an improvement of:

23% Read, 0% Write, 10% Copy.

With a 23% Read performance improvement will DataRAM's RAMDrive solution improve?

It does not.

It appears something else is holding the performance of the RAMDrive software down. IOMeter *did* see some improvement (from 5000Mb/s to 5094MB/s... a 1.9% improvement) but pretty insignificant from what it *should* be, if it was hardware being the hold up.

The "bandwidth" of the RAMDrive is 40Gbps, a pretty large leap from the maximum you could get from SATA at it's best (6Gbps), but I hope DataRAM investigates what the performance ceiling is of their software and can explain or correct what's causing it.

Overall though, I'm still happy with the software and for a free 4GB RAM disk or $10 for a maximum of ~64GB, I think it's a great value. I have 18GB of RAM in my system and utilize this software for programs like StarCraft or VMWare machines and the loading speeds are great.


Wednesday, December 01, 2010

Dataram RAMDisk Review





I've purchased a product called Dataram RAMDISK and am going to do a quick review on it. It's free for RAM Disk's up to 4GB in size. Beyond that size and you need to pay $9.99 for a license file that allows you to increase it to whatever amount of free RAM you have in your system up to a maximum of 64GB. My system is a P6T SE with 6 RAM slots, 3x2GB RAM and 3x1GB RAM sticks are installed, giving me 9GB in total. This configuration activates triple-channel mode, so I'm getting the full 192bit of available bandwidth from my memory.

All of my RAM is DDR3 @ 1333MHz (PC3-10600), but Everest is reporting a speed of 800MHz. My theoretical MB/s speed should max out at 32000MB/s, but if Everest is only operating at 800MHz that means my theoretical maximum speed is 19200MB/s. I think the reason I did this is because my triple channel puked at the unmatched channels causing BSOD's and non-boots, but I'll investigate later as it's a huge performance penalty. Everest confirms this is the measured speed I'm running at 19200MB/s

(Everest measures 19198MB/s)

(My unmatched odd sets of RAM pairs. Note, 1333MHz is the lowest my RAM goes, to 1800MHz for the fastest).



With that said, my current theoretical maximum speed my RAM should be able to operate at is 19200MB/s. I'm going to test my RAM first to gauge it's maximum speed, then test the RAM Disk to see if it matches up.


Everest reports that my actual performance is 11446MB/s Read, 11978MB/s Write and 15376MB/s Copy. The Memory Read benchmark reads a 16 MB sized, 1 MB aligned data buffer from system memory into the CPU. Memory is read in forward direction, continuously without breaks. The Memory Write benchmark writes a 16 MB sized, 1 MB aligned data buffer from the CPU into the system memory.

I will attempt to duplicate these with IO Meter to see how close the RAMDisk can get to the theoretical benchmark.

Before that, he's Everest Disk Benchmark result (everything is automatic - Linear Read):


With IOMeter I have the following configuration:
Size 1MB
Access 100%
Read 100%
Burst 1
Alignment 1MB
100% Sequential
Align I/O's 1MB

The results I get are:
5000 I/O per second
5000 MB/s

Swapping Read 100% to 0% (making it 100% Write) I get:
4930 I/O and MB/s

So writes are more intensive then reads, as they usually are, but I cannot get anywhere close to the speed of reading a 16MB sized file in 1MB chunks to the maximum theoretical speed of the RAM. I'm unsure as to why that may be, but I suspect it's the path the file takes from the RAMDisk -> Driver -> Bus -> CPU...?

To try and maximize the speed of the drive and match up to Everest Linear read to gauge the maximum speed of the disk, I'll setup IO Meter to match Everest's description of the Linear Read test:
This test is designed to measure the sustained linear (sequential) reading performance of the storage device by reading all data from the surface of the device.

IOMeter does this easily enough.

Using Procmon, I was able to verify that Linear Read uses a 64KB block size and reads the entire disk. Doing this with IO Meter I achieved the same results as above in the MB/s, but much higher IO/s. I'm unsure why IOMeter is unable to match Everest's results.

HD Tach was not useful as it would operate at 3000MB/s for various lengths of time each time I reran the test. Sometimes it would operate at 3000MB/s up to 0.5GB then 700MB/s for the rest of the drive, or 3000MB/s up to 2.4GB.

Too inconsistent to make an observation.

To compare this RAMDisk to other HDD's I turned to Anandtech and used his settings to compare some SSD drives. His results are here.

The results I achieved are:
133362 IOs per second
522 MB/s
Average Write Latency 0.0073
Max Write Latency 0.5526

Compared to the first gen Intel SSD's the RAM Disk is:
12x faster in IOs per second
12x faster in MB/s
12x faster in Average Write Latency 0.0073
170x faster in Max Write Latency 0.5526

Pretty much an order of magnitude faster as should be expected for a RAM Disk vs. a top of the line SSD.

In the end, I'm unsure if I've hit a wall with my numbers, but it feels artificial. Everest does come within 70% of the numbers it achieved in a pure memory test, but even the Everest test tops out at exactly 8192MB/s.

I'll try changing my memory speeds to something faster and see if this limit is artificial or a limit of my system.

Thursday, October 14, 2010

Getting NTBackup working in WinPE 3.0

This is pretty simple. Install the NTBackup for Windows 7 on to a Windows 7 computer. Then copy the appropriate file to their respective places on your WinPE image. The files:

X:\Windows\System32\explorer.exe
X:\Windows\System32\NTBackupRestoreUtility.exe
X:\Windows\System32\Query.dll
X:\Windows\System32\en-US\NTBackupRestoreUtility.exe.mui

That's it!

Wednesday, September 15, 2010

Remotely wake computers when the network doesn't pass Magic Packets

I'm in a situation where the network we have doesn't pass the UDP 9 magic packet to WoL (wake-on-LAN) remote computers. I'm not sure why this is, but I've developed a solution around it. It requires you to be a domain administrator (or local admin) because it uses PSEXEC and you need to copy a small command-line program to the local machine to execute. To do this in such a way that you can do multiple computers in one pass, you need to create a text file in the same folder as the batch file (upcoming). The text file has the following format:
"COMPUTER-NAME-OF-SYSTEM-ON-SAME-LAN MAC-ADDRESS"
Note the space between the two. An example:
CAC00700ZZ is off, but it has a MAC address of 00:12:34:56:78
CAC00855FT is on and on the same LAN as CAC00700ZZ. I'm on computer SERVER1 and the link between SERVER1 and CAC00700ZZ doesn't allow the magic packet to traverse. To wake up CAC00700ZZ, I need to send a WoL packet from CAC00855FT. To do this I create a text file called "computer-list.txt" and put in:

CAC00855FT 00:12:34:56:78

Done.

Next I need to create a WAKEUP.CMD file and put in the following:
:This script wakes up computers using a tertiary computer on the same LAN.

for /F "tokens=1-2 delims= " %%A IN ('type computer-list.txt') do psexec \\%%A -i -c mc-wol.exe %%B
pause

Lastly, I need to ensure PSEXEC.EXE, MC-WOL.EXE, computer-list.txt and WAKEUP.CMD are in the same folder. MC-WOL.EXE can be downloaded from here. PSEXEC.exe can be downloaded from Microsoft.

If you needed to wake up multiple computers, your computer-list.txt file would look like this:
CAC00700JQ 18A9051BFE68
CAC00700HT 18A9051E2894
CAC00700HQ 18A9051E2B90

Wednesday, September 08, 2010

Querying HKEY_CURRENT_USER remotely

I'm not sure why MS doesn't allow this to work with their reg.exe program. On most workstations only a single user is logged in anyways...


for /f %%A IN ('type domain-list.txt') DO (
ECHO %%A >> list1.txt
reg query "\\%%A\HKU" > ".\temp.txt"
findstr /R /C:"HKEY_USERS\\S-1-5-21.*[0-9]$" ".\temp.txt" > ".\temp2.txt"
FOR /F %%Z IN ('TYPE .\temp2.txt') DO reg query "\\%%A\%%Z\Software\Unicus Medical Systems" /s /v ReportPrinterName | findstr /R /C:"ReportPrinterName" >> list1.txt
)

The above may have truncated (FYI).

Ok, what this does...
1) Sequentially pull computer names from a file (domain-list.txt)
2) Echo that computer name into our master "list" text file
3) Query the HKEY_USERS via the computer name pulled from step 1 and save to a temporary file
4) Execute a findstr that will only search for user accounts (and not CLASS keys) and save to "temp2.txt".
5) In Temp2.txt, parse and save as variable "%%Z" and execute our reg query and save to our list1.txt file.

You can replace anything with step 5 to do whatever you need (Reg Add/Delete/Query/etc.)

Wednesday, August 18, 2010

Command Line Screen Recording

http://camstudio.org/blog/camstudio-command-line-v01-released

The above will be super sweet with PSEXEC to remotely launch screen recording on an unmanaged or a workstation that you cannot be present for.

Friday, June 18, 2010

AppleTV Harddrive Hack

Everyone knows how to upgrade your AppleTV hard drive with a bigger IDE drive, but with a dremel you can upgrade it to a SATA drive. Follow the same instructions for adding the AppleTV software to a 2.5" SATA drive. Then get started on adding the 500GB drive to the AppleTV.

1) AppleTV and new 500GB SATA 2.5" HDD

2) Remove the bottom of the AppleTV

3) Remove the original AppleTV hard drive

4) You will need to poke a hole in the IDE cable on the AppeTV as it's key'ed. The OEM 2.5" IDE to SATA converter does not have the pin missing for the key'ed hole.

5) It's very important to orientate the cable properly on the IDE to SATA converter as laptop IDE contains additional pins for power. If you orientate it wrong you can damage the hard drive or the converter.

6) The AppleTV with SATA converter and 500GB HDD.

7) Before modding the AppleTV I connected it to the TV to verify functionality
Success!

8) Modification time. This is the space you have to work with.

9) Because space is such so tight we need to chop off one of mounting posts and a part of the shield/baffle.

10) We're so down to the wire with space we need to clip off the top of the IDE cable.

11) Test fitting
It Fits!

12) Dremel off the mounting stand (top right corner)

Put it back together and you're all done!

Tuesday, April 20, 2010

Pushing View Controllers

Pushing View Controllers is ridiculously simple. You can do it in 2 lines of code, but with 2 dependancies.
1) Create a navigationController object in the AppDelegate file (.h and .m).
2) You must make a UIViewController object and add its header to the View Controller header you want to push *from*
3)

PhotoListView *secondPage = [[PhotoListView alloc] initWithNibName:@"PhotoListView" bundle:[NSBundle mainBundle]];

[[self navigationController] pushViewController:secondPage animated:YES];



4) Done.

Getting back into Objective-C Programming

Thanks to Stanfords C193P course.
Some things I've found along the way:
FYI, because of the black text you'll need to copy/paste to see the entire codeblock
Convert a NSArray to C array:

NSArray *pointsArray = [PolyShape pointsForPolygonInRect:rect numberOfSides:[polygon numberOfSides]];

//count the number of objects in the array and set a matching integer

int i;

i=[pointsArray count];

//setup our C array to match the number of objects in the pointsArray...

CGPoint thePointArray[i];

//for each object in the pointsArray, set a CGPoint value, add it to the C-Array (thePointArray) in it's matching index

for (id object in pointsArray) {

CGPoint thePoint = [object CGPointValue];

i--;

thePointArray[i] = CGPointMake(thePoint.x, thePoint.y);

}

Friday, January 15, 2010

Uninstall products from the command line

Uninstalling products from the command line is tricky when there is no shortcut to parse. So we need to go to the registry and pull out information of where the program exists in there, and the proper product code (a GUID). that's unique to every system. To do this I have employed the mightiest of tools, egrep.

You'll need to find egrep for Windows. It's getting harder and harder to find.

Here's a script I made to uninstall a program called "Driver and Utility".

reg query
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products
/s > "%TEMP%\reguninstall.txt"
TYPE "%TEMP%\reguninstall.txt"
\\myk\netlogon\grep.exe -B 15 -E "Driver & Utility" \\myk\netlogon\grep.exe -o -E
"UninstallString.+"
\\myk\netlogon\grep.exe -o -E "MsiExec.+" > "%temp%\uninstallcmd.txt"
FOR /F "tokens=1-10 delims={" %A IN ('TYPE "%temp%\uninstallcmd.txt"') DO
msiexec.exe /x {%B /qb

You'll have to excuse the line cropping. This script does 3 things.

#1, it pulls every program option from the registry and saves it in a file
#2, it then greps for the program name. This needs to be specific. Using grep we can ask it to pull lines previous to finding the query. We pull back 15 lines because it's a big key and we need to find the GUID
#3, we make a variable out of the GUID and execute the uninstall command.

The final uninstall command should look like this:

msiexec.exe /x {48435D4A-BDAF-4AC3-B172-B25F1AADE6C6} /qb

Voila.