Hi Alexandre,

+ if (ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ, + 0, buf, sizeof(EVENTLOGRECORD), &read, &needed)) + {

I don't think this is correct. The first call will always fail as the buffer is not big enough. This now introduces a test failure on Vista without a servicepack (what this piece of code was meant to check).

I guess a 'better' fix would have been to set needed to 0 in our implementation until ReadEventLog is fully implemented.