Over 1 million tech questions and answers.

PC crash description. With event viewer logs, please help

Q: PC crash description. With event viewer logs, please help

My computer crashes while watching video or playing games (even css) at least twice a day. It just goes to black or fuzzed screen, light dies from keyboard and makes real hard to describe sound. (not like a loop, I don't think anyway) I have a feeling its my graphics card as its old as compared to rest of PC. If you need to view event viewer logs in another format please let me know. I'm learning.

MSI p45 Platinum
Wolfdale E8600
Radeon x1600
4Gb Gskill ram

RELEVANCY SCORE 200
Preferred Solution: PC crash description. With event viewer logs, please help

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: PC crash description. With event viewer logs, please help

windows 7 X64 btw, always forget something

http://valid.canardpc.com/show_oc.php?id=2435469

Read other 1 answers
RELEVANCY SCORE 83.6

I was running 3DMark06 and got a BSOD code 124. After that every time I boot Event Viewer logs Error Codes ID 3012 and 3011. Attached are screenshots of both.

I googled this and found two different threads where someone suggested to rebuild the performance counters. Both responses were basically the same, below is one. Neither of the OP's came back and said if this worked for them.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Re: LoadPerf 3011, 3012
Hi-
I had the same problem with LoadPerf and here is what I found out:
All performance counter names and explain text are maintained in string tables managed by the performance counter subsystem (Perflib).

The current contents of the performance counter string tables are corrupted and cannot be displayed. To correct the problem, rebuild the string tables.

User Action
To rebuild the string tables, on the computer that displayed the message, at the command prompt, type Lodctr /r
The contents of the string tables are automatically rebuilt.

I hope this helps
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Since this was from 2008 (XP?) and the other response was for Vista I wanted to see if the guru's at SevenForums thought that this was okay before I did this.

Here are the screenshoots of my two errors.

A:After BSOD Event Viewer Logs Event ID 3012 and 3011 every time I boot

Rebuilding the string tables as outlined in my first post fixed the problem.

Read other 1 answers
RELEVANCY SCORE 83.2

After too many unexplained problems, I decided to reinstall Windows 8.1 Pro x64, and migrate off of SBS 2011 Standard. In addition to the primary workstation that can't read any event logs, I built five Server 2012 R2 servers (Hyper-V host, Active Directory
VM, Exchange 2013 VM, SQL Server 2014 VM, and WSUS VM).

I was diagnosing why my workstation's Outlook cannot reach the local Exchange Server.   I tried to look at the event logs, and found the
Event Viewer cannot open the event log or custom view.  Verify that Event Log service is running (it is) or the query is too long (whatever that indicates).  The request is not supported (50)
Looking at the directory of the event logs folder.  It appears that most logs are empty, which is understandable since it's a rebuilt installation.  I found a small number of Applications and Services Logs and it appears nothing was logged since
six days ago on 4/4/2016.   On support forums, I found many have this exact problem on Win 7, Win 8, and Win 10.  Of the solutions posted none of them would even execute on my Win 8.1 Pro x64 machine.  I tried clearing the event logs (WEVTUTIL
CL logfilename) and am told Failed to clear log .... The request is not supported. 
It's very difficult to diagnose why Outlook 2013 cannot reach Exchange 2013, even if Outlook is installed on the Exchange server machine (just as a test).  The web-based Outlook owa, ecp, ... all work fine. ... Read more

Read other answers
RELEVANCY SCORE 80.8

I am getting many events in Windows Event Viewer under the Application log, even though Dolby Settings is set to Off in Lenovo Vantage under Hardware Settings tab. The events come with the following description "The description for Event ID 0 from source Dolby DAX3 cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.If the event originated on another computer, the display information had to be saved with the event.The following information was included with the event: [DSPVLLDP]: CPPAPIHelper:olbyModuleExist: fInstantiated is false."    Dolby DAX3 Event Viewer

Read other answers
RELEVANCY SCORE 78.4

Win XP: in Event Viewer there are a bunch of event logs. Is it 'safe' to delete all these logs? of course, some of them have 'red' warnings and some 'yellow'....but my pc is working just fine now. Thanks for any advice.
 

A:Event Viewer logs

It's just a log file. If you want to clear it, it'll just clear all previous events and start from scratch. It wont cause you problems.
 

Read other 1 answers
RELEVANCY SCORE 78.4

I have events from Anonymous log ons. What are those? In the security log!

For example: NT AUTHORITY\ANONYMOUS LOGON
Successful Network Logon:
User Name:
Domain:
Logon ID: (0x0,0x10FF3)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name:
Logon GUID: -
This is the only on in almost a month!

Thank you lots!!

A:Event Viewer logs

Probably nothing to be concerned about, those are typical entries on my system.Comments from http://www.dslreports.com/forum/remark,655...ty,1~mode=flat:"A successful user logon is always listed as an event ID 528 and then you'll see a type which can be anything from 2 to 7. If it's not 528, then it's not an actual user and it's not necessarily successful.Event ID 538 is a successful logoff and not necessarily by an actual user.Event ID 540 is a successful "network" logon as in mapping a network drive. Your computer keeps checking for Network connections or shared folders, etc... on a regular basis to make sure you are connected."LouisWhat Is Anonymous Logon?

Read other 1 answers
RELEVANCY SCORE 78.4

Hi guys
For the last 4 weeks i get the following 4 errors at boot in the event viewer never get anything else just these.Can anyone translate the squiggles for me and tell me if there is anything to be worried about or not
Thankyou

A:Event viewer logs

Look in the text document you attached cuz i've put them by Event ID (written in the text document):
Event ID: 40968
Discription:
The Security System has received an authentication request that could not be decoded. The request has failed.

Problem with your system.
----------------------------------------------------------------------------------------------
Event ID: 1060
Description:
\??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

it's either replaced by a recently installed software or infected by a virus.
----------------------------------------------------------------------------------------------
Event ID: 7000
Description:
The Mobile IP Route Manager service failed to start due to the following error:
This driver has been blocked from loading

Again it's either a virus blocking it from running or the driver got messed up.
----------------------------------------------------------------------------------------------
Fixing:
1- Event ID: 40968
Since it has the Level: Warning then I think you better try System Restore Point, if still does the same problem, run a full system scan for viruses and if you find viruses in C:\WINDOWS, then you should Format / Reinstall Windows cuz if viruses can't be fixed they will be autmoticly quarentined and leads to lose of files for windows.

2- Event ID: 1060
Since it's in the windows Fold... Read more

Read other 1 answers
RELEVANCY SCORE 77.6

I have read that I need to be checking firewall logs every day (ZDNet suggested this), and I know where to find the info. What I do not understand is how to interpret what I see. Is there a place to post here to have someone look at it, or can someone recommend other web sites that might be able to help? I have some concerns since I am seeing a lot of dropped packets.

Same question re event viewer. I see 'warnings' and dhcp and 1,000 events, but I don't know what that means, or whether I should be concerned, or take action in some way. Again, is that info something that can be looked at here, or where do I learn more about how to interpet the data?

Any suggestions/recommendations would be greatly appreciated.

A:Event Viewer and Firewall Logs

I have read that I need to be checking firewall logs every day (ZDNet suggested this),Hi Anonix -Unless you are having problems I see no reason to do this. Your Antivirus will keep a check on any problems usually.http://www.malwarebytes.org/ - or - http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREEIf you think you have problems then run Malwarebytes or SUPERAntiSpyware programs.(Both free)If there is a serious problem please post in the Malware removal area of this forum -Thank You -

Read other 4 answers
RELEVANCY SCORE 77.6

Hello Support,
I'm investigating a case where a log entry has been found when exporting that event file(opened in eventviewer) to text file but its not found when searching in Event Viewer.
I've done multiple searches and its not seen in event viewer but can be seen once i export the same event into text files.
Please suggest some solutions asap.

Thanks in advance.

Read other answers
RELEVANCY SCORE 77.6

Hi guys ,
I'm seeking help to troubleshoot my PC at times running slowly with CPU usage reeching 100%.
I'm on win2000 SP4
P4 HT 2.8
1 GB ram
5 hdd ( 40GB ata , 80GB SATA ,160GB SATA , 200GB SATA , 500 GB SATA )
I saw at event viewer these logs
Event ID - 51 - An error was detected on device \Device\Harddisk2\DR2 during a paging operation
Event ID - 51 - An error was detected on device \Device\Harddisk3\DR3 during a paging operation.
I had run chkdsk with the /F /R commands , also defrag the disks , cheched for virus , adware , spyware , trojans , checked the connections at the motherboard , repair the windows instalation but the problem insists and drives me crazy for weeks now
Any help please ?
 

Read other answers
RELEVANCY SCORE 76.8

Hey guys. I'm playing an old game and experiencing a lot of lag and freezing. I also noticed the following events in my Event Viewer:

ACEEventLog:

Code:
0000000073: 2010-12-11 14:11:09:283 FAILED: ADL.ADL.ADL_Display_ImageExpansion_Get
Error Called by: ATI.ACE.CLI.Aspect.DeviceProperty.Graphics.Runtime.DevicePropertyImageScalingController::Parse processID:01908 threadID:( ) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.DeviceProperty.Graphics.Runtime, Version=2.0.3951.39058, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------

Code:
0000000072: 2010-12-11 14:11:09:233 RT_MMVideo::InitializeInternetVideo GetMMVideoAdjustInfoItem Pulldown FAILED
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::InitializeInternetVideo processID:01908 threadID:( ) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.3951.39060, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------

Code:
0000000071: 2010-12-11 14:11:09:223 RT_MMVideo::InitAdvancedVideoFeature: Failed in VideoItem = CONTROLLER_VIDEO_MOSQUITONOISEREMOVAL
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVi... Read more

A:Old game freezing a lot - event viewer logs

what game?
 

Read other 1 answers
RELEVANCY SCORE 76.8

First off let me say sorry for my grammar.
so my problem is a person from microsoft called my home and said was i aware that my pc had a security threat and then proceeded to tell me to go too my event viewer and showed me 49 thousand plus system events with tons of errors and there was alot errors in the application logs. also he showed me something about hkkeys missing or something like that.

From what i can tell from the dates this might of started when i went from xp to windows 7 which i'm not sure i did right now what i did was got home with the windows 7 and put the 64 bit disk in and installed it then that was somewhat ok but i was having issues with it and older programs so i decided to install the 32 bit version instead and everything seems to be working fine untill i get this call.

He eventually explained that i needed microsoft security essentials for windows 7 for the registered oem number and said it would cost $450 from the store or $229 online which wouldn't that all come with the new windows 7 cd and he said even if i reformatted i would still continue to have this issue how can that be i don't know. so any advice would be greatly appreciated and if you need more info let me know.
 

A:Solved: event viewer logs errors

Sounds like a scam to me - is your computer running ok, and do you have any anti virus software installed? Microsoft does not monitor your computer like that and call you proactively.
 

Read other 3 answers
RELEVANCY SCORE 76.8

Greetings 
I'm trying to diagnose an application that's failing to launch in Win10 but launches on Win7. I've enabled "Show analytic and debug logs" in event view but i'm only get a couple of extra folders, there should be a lot more to view. Do I need to
enable something else?

What I get


What I should be seeing


Regards
Sean

Read other answers
RELEVANCY SCORE 76.8

I have a computer that just keeps rebooting itself randomly. I am not sure why though. The fans seem to be Ok so it isn't over-heating. Below are the Event IDs listed in the Event Viewer. Let me know your thoughts on how to fix this or if these errors have anything to do with the reboots.

Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Description: Faulting application soffice.exe, version 6.0.7663.500, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b


Event Type: Error
Event Source: System Error
Event Category: (102)
Event ID: 1003
Description: Error code 1000008e, parameter1 c000001d, parameter2 ecd3bcd8, parameter3 80548dc4, parameter4 00000000


Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the file specified.

A:Random Reboot: Event Viewer Logs

What is soffice? Is it Star Office? If it is I would try un-installing and re-installing to see if it solves the problem?

In order to figure out why you are getting random reboots, you need to make a settings change to your computer. Go to:

Start > right click on My Computer > Properties > Advanced tab > Setup and Recovery 'Settings'

UN check 'Automatically Restart'. Click OK.

Reboot your computer. Now when Windows detects a problem it will not automatically reboot, but rather give you a blue screen.

Blue screens are often called 'Blue Screens of Death' (or BSOD) by users, and 'Stop Messages' by Microsoft. We need to know the exact message you see when you get the blue screen. We especially are looking for a set of letters and numbers about half way down the page that take this format:

0x0000008e

This is usually followed by a set of 4 similar numbers in parenthesis. For now we just need the first set of letter and numbers (before the numbers in the parenthesis).

Read other 6 answers
RELEVANCY SCORE 76.8

Hi all:

Being compulsive about the efficiency of things, from time to time I Clear the Event Viewer Logs.

1: Left alone, how big will these things get? I see 7000+ entries at times!
2: Does clearing them out make sense? No?
3: Is there a way to set an upper limit on their sizes?

TIA,

A:Event Viewer Logs - Size Adjustments

If left to the default settings the logs will grow to about "20480 KB", "20 MB" before it overwrites old entries.
This is of course for the default logs, Applications that puts logs may be less kind.

Read other 9 answers
RELEVANCY SCORE 76

Guys,


I'm currently having an issue with my Win7 64 bit Pro computer.

Transfers to other computers on my network is slow and sometimes the icon in the taskbar shows that it's disconnecting and reconnecting. I've also noticed that uploads to the internet are either slow or just never complete as the network keeps resetting.

I've also noticed in the System Event Viewer, for the past hour:


355 Service Event Errors ID # 7036 (4439 occurrences in 7 days); and
177 for Service Event Error ID 7042 (1165 occurrences in 7 days)


ID 7036 messages alternate between:


The TCP/IP NetBIOS Helper service entered the stopped state.
and
The TCP/IP NetBIOS Helper service entered the running state.


ID 7042 has messages reading:





Quote:
The TCP/IP NetBIOS Helper service was successfully sent a stop control.
The reason specified was: 0x40030011 [Operating System: Network Connectivity (Planned)]


The other event message which occurs a lot is event 8033 which has 207 occurrances over the past 7 days. It reads:





Quote:
The browser has forced an election on network \Device\NetBT_Tcpip_{180E5F8A-7005-4484-A0D4-553607321AC0} because a master browser was stopped.


Does the screenshot here http://i989.photobucket.com/albums/a...x_1412/IRC.jpg indicate a conflict on IRQ 16. If so, would that have an impact on these disconnections.


I believe this might be the underlying cause of my slow transfe... Read more

A:IRC and Event Viewer Logs Indicating Network Issue?

Nvidia chipset?
(if it is, you need to install the drivers)

if not, other options are to set a static IP instead of DHCP and / or 'force' the drivers to be installed instead of using the ms ones for the nic

Read other 4 answers
RELEVANCY SCORE 76

Is there any way to temporarily prevent event viwer from recording logs?

A:How can i temporarily disable event viewer or delete certain logs

We've already told you that we aren't going to help you get around the controls that your father setup on his own machine. Posting again won't do you any good.
how is he tracking when I am logging on and off the computer??

Read other 2 answers
RELEVANCY SCORE 76

I am troubleshooting a video game that refuses to work. The developers of said game are aware of an issue, and have asked for feedback on a web-forum. I wanted to post the event viewer logs to the forum, for them to see. Is it safe to post the event viewer error logs online? My main concern was computer name, and SID (Security Identifier) number. Which are both included in the log.
 

Read other answers
RELEVANCY SCORE 76

Apologies if the question has been asked before, but I've tried a search for this sort of event, without success. I've made it a practice to clear the Event Logs prior to shutting down (somewhat anal, I know!), so that - if anything goes pear-shaped during a session - I might have a chance of tracking it down, as I've only got that day's logs to view. In Vista Ultimate, you can filter the Windows Logs for that viewing, but I can see a way of getting the filter ("Warning" only) to stick permanently. Saving the filters as a custom view only seems to last for that session too. Is there a way, please?TIA! Ray.

A:Controlling The Appearance Of Windows Logs In Event Viewer

Hello Ray, yes you can filter logs, but about Warning-only permamently you cannot...For a little solution try press on "Type" ...

Read other 1 answers
RELEVANCY SCORE 76

The is another attempt at getting this answered.
Previous replies noted that the Administrative Events under the Custom view was just a compilation of all the other logs.
I do not belive this is entirely correct as all the events in this log concern the operating system and do NOT appear in the other logs such as Application, Security, etc.
Below is an example of what is showing up on my system after all the individual logs shown under Event Viewer are cleared:




Level


Date and Time


Source


Event ID


Task Category




Warning



8/27/2015 13:59


Microsoft-Windows-DNS-Client



1014


None




Error



8/27/2015 12:56


Microsoft-Windows-Kernel-EventTracing



2


Session




Error



8/27/2015 12:56


Microsoft-Windows-Dhcp-Client



1001


Address Configuration State Event




Error



8/27/2015 12:54


Microsoft-Windows-PrintService



315


Sharing a printer




Error



8/24/2015 9:15


Microsoft-Windows-Dhcp-Client



1001


Address Configuration State Event




Error



8/24/2015 9:13


Microsoft-Windows-PrintService



315


Sharing a printer




Error



8/20/2015 3:19


Microsoft-Windows-Dhcp-Client



1001


Address Configuration State Event




Error



8/20/2015 3:17


Microsoft-Windows-PrintService



315


Sharing a printer




Error



8/17/2015 10:24


Microsoft-Windows-... Read more

Read other answers
RELEVANCY SCORE 76

hi all,

i always check my boot time from event manager following this pattern:

Event viewer -> Applications and Services log -> Microsoft -> Windows -> Diagnostic Performance -> Operational

off late, i have noticed under Microsoft i get another entry along with Windows. it is IEResp. this was not present earlier.

further under Diagnostic Performance, there was only operational but now there are two more entries i.e Diagnostic and Diagnostic -loopback.

i have observed that my booting time has also gone up.

are these entries valid? why have they turned up? is it ok to keep them or is there any thing i need to do since these entries have turned up.

kindly drop ur views.
thanks,

A:Event Viewer: New Entries Under App. & Service Logs -> Microsoft

pls drop in your views

Read other 6 answers
RELEVANCY SCORE 76

Windows Home Premium SP1 64 bit

When opening Win 7 Event Viewer, in the Summary of Administrative Events window, it's reading the "Microsoft windowsbackup/ActionCenter log". Shouldn't it instead be reading the original logs? Application, System, Security, etc. ?

When I click on these logs in the left hand pane they open properly.

A:Event Viewer Reading Backup Logs Instead of Original

Windows backup is a log, not a backup log.

Your fine.

Read other 1 answers
RELEVANCY SCORE 75.2

I have been allowing a friend/neighbor access to my wifi to offset the cost of my internet. I was startled the other day when he mentioned that the Avaste anti virus he has installed on his computer detected malware on my computer over wifi during a scan.
I checked Event Viewer Security logs and found many logins from his computer going back to when I first allowed him access. In the System logs there are also several warnings and errors with 'browser' or 'bowser' as the sources. I don't want to confront him
or cut him off if these log events are fairly normal when sharing wifi. Any help/info would be appreciated. Oh, and i'm using Windows 7. Thanks.

Read other answers
RELEVANCY SCORE 75.2

Howdy everyone. I've got a problem with my computer hard freezing (locking up, no input, have to perform a hard reboot) since July 15th. It seems impossible for me to diagnose this problem since I've never dealt with a recurring hard freeze before. My initial reaction was that the hardware was problematic, but at the same time I have no idea if it could be caused by a driver.

Attempted solutions so far:
Ran CHKDSK on both HDDs, no errors found (this is on a four-week old HDD with a fresh Windows 7 x64 install)
Ran Memtest+ for 7 hours, no errors found
Replaced the graphics card with a weaker one, problem still occurred
Constantly checking temps for overheating, card and processor rarely get above 40, but the computer still freezes during idle or low processing stages

Software-related
Uninstalled, and swept video card drivers, then reinstalled twice
Ran Driver Verifier (as of now), and no blue screens
Started checking for any errors in Event Viewer (none are related to the crash so far, as I've fixed about 5 random things getting reported)
Checked for dump files, to no avail
Reinstalled all motherboard drivers from the manufacturer

At this point, I'm at the end of my ideas, so I came to you guys. I have no idea what information I could provide to you that may be of assistance. While the computer is frozen, it is still powered on as well - I have to turn it off manually, if that is revealing of anything. I'm basically willing to try anything. Please let me know if you have a... Read more

A:Computer Hard Freezes with No BSOD or Event Viewer Logs

Welcome
Try in safe mode, if it freezes most likely hardware problem

Here are my solutions to freezing, and an excellent article, which I hope is of some help
Go to search type device manager and look for any yellow warning markers
Download and run malwarebytes, a full scan after you update
Run antivirus scan
Check memory with memtest86
Make sure that you are not over heating.
Try in safe mode; report back if it works properly.
Try a clean boot
Make sure PSU is working properly
If overclocking, restore to original
Test hard drive at company website.
Test in safe mode, does it still happen?
Try with clean boot..
http://support.microsoft.com/kb/929135
http://support.microsoft.com/kb/929135
http://malwarebytes.org/
http://www.almico.com/speedfan.php
http://www.geekstogo.com/forum/topic...ing-memtest86/
http://ezinearticles.com/?Troublesho...blems&id=39981

Read other 2 answers
RELEVANCY SCORE 74.4

My newly acquired Compaq Presario 5500US has had various problems and have a list of error notifications. but I have not been able to solve its random crashes, of which the latest ones are not listed in the event viewer.

Is this a tell tale symptom of the reason for the problem.

Latest

1. Generic Host Process for Win32 Services has encountered a problem and need to close.

Previous
Error Signature BCCode

Could use your help.

Jove

A:Crash Not In Event Viewer

Hiya,

When you say newly acquired, how newly ? Take it back if it's that new, let the manufacturer sort it out.

Just a thought.

Regards,

Tony

Read other 42 answers
RELEVANCY SCORE 74.4

How to do following in Windows 7  :

1] Turn off User account control
2] Obtain Windows event viewer logs in Windows7

Read other answers
RELEVANCY SCORE 74.4

Hi all, and thanks in advance.
 
I have a new Windows 8.1 Dell laptop (one week old).  Windows is fully updated, as is Firefox (with NoScript and Web of Trust), Avast! free, and Malwarebytes.  I have not used Windows 8 before so I am not sure what is normal.  The computer runs fine, but I need to use my computer for sensitive financial information on occasion, so I need to be sure.
 
One odd event yesterday had me digging in the event viewer.  I found 2 types of events that unsettled me.
 
1)  I was playing a game when the screen flashed black, twice.  I have only integrated graphics, but this is not a graphically intensive game (Dungeon Crawl, if you know it). I checked my graphics drivers and they are up to date.  A look at the event viewer revealed three items in the security log: a blank password query followed by a logon and then a special logon.
 
I have copied and pasted them, separated by "---".  There was a lot of code after each event that I haven't posted to save space; also, I've "XXXXX"ed out the name of the computer and the account.
 
 
Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          8/10/2014 1:14:13 PM
Event ID:      4797
Task Category: User Account Management
Level:         Informat... Read more

A:Odd Entries in Security Logs of Event Viewer - Infection or Windows 8 Oddity?

See the post here http://social.technet.microsoft.com/Forums/windows/en-US/e6db8fba-c2c8-47be-a992-96e383e34693/windows-8-event-id-4797-in-security-logThe last post states its not malware.You may want to ask in Win8 if they have more info.

Read other 7 answers
RELEVANCY SCORE 72

Hello all,

So I'm still chasing down why explorer keeps crashing, it's quite annoying. But I guess in doing so I messed with some setting (or maybe I didn't and this happened) and now my event viewer wont run, I even tried running it through cmd with the following commands: eventvwr.msc /s and just eventvwr.msc

I just tried to run event viewer to chase down my explorer crash, then that wont even run, I have no idea what the heck is going on... There's no "cause" except explorer usually crashes when I right click, or when I'm in my desktop folder. Those are the two main things. As far as the eventviewer, I'm clueless. If need be, I can do system restore, but more than likely that's an extreme measure for such a small issue. Its more an annoyance than anything else, it doesnt really bother me lol.

Could it be AVG's context menu?

All I know is that this is really getting annoying, but anyway, if you guys have any suggestions that would be great. Do I need to post any screenshots of anything??? I can post them if needed.

BTW I'm running Vista x64 SP2 on a HP dv4 lappy, the only taskbar items running are AVG, my pointer, and sound...

Thanks for the help guys

A:Event Viewer wont load / Explorer crash

Are either of these two running as a process?
Does event viewer give you an error or just nothing?
Any major changes recently?
What if you restored to yesterday?

Read other 11 answers
RELEVANCY SCORE 72

I built this system about three months ago, and until recently, it worked great. A couple weeks ago, however, it started crashing on a roughly daily basis. There seems to be some connection to load, in that it didn't crash yesterday when I was just typing and doing research. That said, the circumstances under which it does crash aren't very burdensome, since merely streaming a video is enough to put it at risk (it does not reliably crash under any circumstance). When it does crash, both of my monitors go monochrome and my speakers start emitting that electronic crashing noise, like what you get when you bluescreen. As far as I can tell, this will go on indefinitely until I manually turn off the computer. The Event Viewer shows no critical errors except for when I turn off the power.

Someone on another forum suggested that my RAM timings might be wrong. I checked, and in doing so discovered that my motherboard wasn't detecting one RAM module (the timings were correct). I assumed that I had faulty modules and bought some new RAM of a different brand to replace it, which didn't fix the problem. The RAM timings should be correct, as I loaded an XMP profile. At this point, I'm at a loss and would really appreciate any help.

Specs:
Motherboard: MSI Z170A XPOWER GAMING TITANIUM EDITION
Processor: Intel Core i7-6700k
CPU cooling: Corsair Hydro Series H60
Graphics card: EVGA GeForce 980ti
SSD: Samsung SSD 850 Evo, 500GB
HDD: 2x Western Digital Black 2TB SATA... Read more

Read other answers
RELEVANCY SCORE 71.2

so..I'm at a loss as to how to explain this one.

heres the log from event viewer:

Log Name: Application
Source: Application Error
Date: 6/2/2014 1:20:44 AM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: Raider
Description:
Faulting application name: Explorer.EXE, version: 6.2.9200.16384, time stamp: 0x50107dbc
Faulting module name: Windows.Media.Streaming.dll, version: 12.0.9200.16384, time stamp: 0x50108a87
Exception code: 0xc0000005
Fault offset: 0x000000000004c899
Faulting process id: 0x1110
Faulting application start time: 0x01cf7dbd20f8ffc0
Faulting application path: C:\Windows\Explorer.EXE
Faulting module path: C:\Windows\System32\Windows.Media.Streaming.dll
Report Id: a4d7c8f0-ea15-11e3-be87-a41731cfe2e0
Faulting package full name:
Faulting package-relative application ID:
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-06-02T05:20:44.000000000Z" />
<EventRecordID>1918</EventRecordID>
<Channel>Application</Channel>
<Computer>Raider</Computer>
<Security />
</Sy... Read more

A:screen flashed green, event viewer says explorer crash

Hi xraiderv ^_^ ,

This is a thread related to BSOD Debugging, so you would be getting better help in the General Support section but I can try to help you out.

Visit this link :- Windows 8 DLL File Information - Windows.Media.Streaming.dll

It will give you the list of components required for this DLL to work properly. Please follow this guide to verify the Windows Files and see if the problem gets sorted or not :-

How To Use SFC Scannow to Repair Windows System Files

Read other 2 answers
RELEVANCY SCORE 70

1. Every time I boot up the computer, the following error is generated in Event Viewer:
Source: DistributedCom, Event ID: 10010 

The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

This key pertains to appID WinInetBrokerServer (CLSID WinInetBroker). I tried adding permissions to the key(s) but that didn't solve the problem. In the permissions for the key, the first user name listed is named Account Unknown (S-1-15-2-1).
I think maybe that may have something to do with it. I deleted the 6 registry keys associated with this key and everything worked but I was locked out of Windows XP Mode (Windows Virtual PC). I was wondering if anyone had any suggestions to fix this error?


2. ALSO, exactly once a day I receive the following warning in Event Viewer:
Source: DNS Client Events, Event ID: 1014 

Name resolution for the name imrk.net timed out after none of the configured DNS servers responded.


It would seem that there is an application on my computer that is trying to connect to this site for whatever reason. I have read about ties between this domain and hacking. Someone suggested to enable boot logging in Process Monitor to try to pinpoint the
app but there's so much going on in Process Monitor I'm not really sure where to look. All of the apps that run on a daily basis (including the ones that are set to run at startup) seem relatively safe to me. I've run the gamut of a... Read more

Read other answers
RELEVANCY SCORE 64.4

Hello
I am new to Microsoft Message Analyzer and just downloaded version 1.4 and installed on my Windows 10 laptop
I saved my Windows System Event log as an .evtx file to have some data to start looking at. I note the column entitled 'summary' appears to show the body of the event message. However I see many rows which state "unable to retrieve the event description"
in this column, what do I need to do to fix this issues please? could it of been the way that I saved the .evtx file in the first instance (I accepted the defaults) or do I need to install some additional files/components so the messages are displayed
correctly?

Thanks all
Ernest

Read other answers
RELEVANCY SCORE 62.4

Thanks for any help.

Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 5603
Date: 28/11/2006
Time: 17:57:33
User: USER-2F62D3344E\user
Computer: USER-2F62D3344E
Description:
A provider, OffProv11, has been registered in the WMI namespace, Root\MSAPPS11, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

A:What's this event in event viewer? (event source WinMgmt)

http://support.microsoft.com/default...b;en-us;891642
this might help

Read other 1 answers
RELEVANCY SCORE 61.6

I saw one of the coolest photo viewer/slideshows, but can't remember the name. Don't know if my description makes any sense, but I'll try. Anyone remember those cool billboards that used hundreds of photos to form a main picture? For example: far away you'll see a portrait, but when you get close you see it's made up of hundreds of other photos. Well, there's a picture slide show like this. You see hundreds of your photos stacked and they turn into one of them. Then it whooshed away and does it again. (Am I making any sense here?) When I saw it, I thought it was the coolest thing ever, but forgot the name of the program.

Any ideas?....

Thanks.
 

A:Want to find coolest picture viewer/slideshow...(here is description)

I don't know about viewer/slideshow but I have used AndreaMosaic to build such an image in the past. A subsequent slideshow with the proper transition might look similar or maybe you can find something based on searching for similar software.
 

Read other 2 answers
RELEVANCY SCORE 61.2

Hi all,

i tried loading the eventvwr.msc file from system32 folder directly as well as from the administrator tools, but i get:

"event log service is unavailable. verify that the service is running."

so i try to start the event log service, from the services.msc program;
whenever i try to start windows event log from services i get the message:

"Windows could not start the windows event log service on local computer.
Error 3: The system cannot find the path specified."

how can i specify the path?
or
how can i resolve the problem?

any help would be appreciated please---thanks

A:HELP need to solve this problem asap - Unable to start event viewer/event log service

Fire up regedit and find this key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog

With "Eventlog" highlighted on the left pane, you should be able to see a value called "ImagePath" on the right. ImagePath should be equal to this:

%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted

If you can't see "ImagePath" in that location, or if it's not set to the text above, that's almost certainly your problem. If you're in the habit of using "registry cleaners", that might be the cause.

Read other 3 answers
RELEVANCY SCORE 61.2

Hi,
keep getting the errors above every startup regarding;
11 - "Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications."
7000 - "The Crypkey License service failed to start due to the following error:
The system cannot find the file specified."
7026 - "The following boot-start or system-start driver(s) failed to load:
NetworkX"
1530 - "Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1925592742-456944920-4000667399-1009_Classes:
Process 720 (\Device\HarddiskVolume5\Program Files\Microsoft Security Client\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1009_CLASSES"
3036 - "The content source <csc://{S-1-5-21-1925592742-456944920-4000667399-1005}/> cannot be accessed.
Context: Application, SystemIndex Catalog
Details:
(HRESULT : 0x80004005) (0x80004005)"
I have 3 admin user profiles.
Each time I login, the loading happens and then I notice my side mouse button of Microsoft Comfort Optical 3000 doesnt operate as customised in Intellipoint 7.00. It takes a long time before it does respond.
If I try to launch event viewer or mouse customisation softwares, they freeze temporarily and ... Read more

A:Windows 7: Event errors (11, 7000, 7026), intellipoint and event viewer freeze.

Please download MiniToolBox  , save it to your desktop and run it.
 Checkmark the following checkboxes:  List last 10 Event Viewer log  List Installed Programs  List Users, Partitions and Memory size.
 Click Go and paste the content into your next post.
 Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post. 
Louis

Read other 7 answers
RELEVANCY SCORE 61.2

Hi,

keep getting the errors above every startup regarding;

11 - "Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications."
7000 - "The Crypkey License service failed to start due to the following error:
The system cannot find the file specified."
7026 - "The following boot-start or system-start driver(s) failed to load:
NetworkX"
1530 - "Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1925592742-456944920-4000667399-1009_Classes:
Process 720 (\Device\HarddiskVolume5\Program Files\Microsoft Security Client\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1009_CLASSES"
3036 - "The content source <csc://{S-1-5-21-1925592742-456944920-4000667399-1005}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
(HRESULT : 0x80004005) (0x80004005)"

I have 3 admin user profiles.

Each time I login, the loading happens and then I notice my side mouse button of Microsoft Comfort Optical 3000 doesnt operate as customised in Intellipoint 7.00. It takes a long time before it does respond.
If I try to launch ... Read more

Read other answers
RELEVANCY SCORE 61.2

Hi,

I was hoping somebody could offer an insight on the below, as searching around I've not found much to go on other than "overheating"

Basically my laptop has been having very high temperatures for a long time (usually ~60C for CPU and often 100-110 for GPU...insanely high, in other words) For example, see how hot the machine gets just by resuming from a sleep (this is all within a minute or so):



I have been seeing the following error in event viewer each time I start Windows (4 entries) for some time:



So today I bit the bullet and had the back cover off the laptop and noticed what a bad state the thermal compound was in, for both the CPU and the chipset chip, so wiped it off using TIM Cleaner, and then applied new thermal compound and put the laptop back together. I was actually shocked because for the first time since I can remember, I could feel cold air blowing from the vents of my laptop! I logged into Windows and noticed that my temperatures had fallen and were staying at around the below:



Not as low as I'd like but a massive improvement. Trouble is, I am still getting the WHEA-Logger event errors in Windows Event Viewer ('processor core') and wondered if this was not in regards to overheating after all?

The plus side is my laptop is now almost totally silent - the way it must have been when I bought it new 3 years ago! But I was wondering how to investigate these WHEA-Logger errors, if anyone has any advice that'd be great.

... Read more

A:WHEA-Logger event 18/19 errors in Event Viewer (W7 Home Premium)

First, well done on applying the thermal paste to the cpu/gpu. I assume you cleaned the vents as well. Did you use arctic silver 5 (just curious)?

I wonder if the processor could have been damaged from the heat. Are you experiencing any BSODs or other problems? You can run Prime95 to test your system. And Furmark for gpu.

Read other 2 answers
RELEVANCY SCORE 61.2

Hi,

keep getting the errors above every startup regarding;

11 - "Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications."
7000 - "The Crypkey License service failed to start due to the following error:
The system cannot find the file specified."
7026 - "The following boot-start or system-start driver(s) failed to load:
NetworkX"
1530 - "Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1925592742-456944920-4000667399-1009_Classes:
Process 720 (\Device\HarddiskVolume5\Program Files\Microsoft Security Client\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1009_CLASSES"
3036 - "The content source <csc://{S-1-5-21-1925592742-456944920-4000667399-1005}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
(HRESULT : 0x80004005) (0x80004005)"

I have 3 admin user profiles.

Each time I login, the loading happens and then I notice my side mouse button of Microsoft Comfort Optical 3000 doesnt operate as customised in Intellipoint 7.00. It takes a long time before it does respond.
If I try to launch ... Read more

A:Event errors (11, 7000, 7026), intellipoint and event viewer freeze.

Hiya and welcome to SevenForums!
Please contact an admin to move this thread, because this isn't the appropriate section for these kinds of problems.

Read other 4 answers
RELEVANCY SCORE 61.2

when I run reboot stress test at Intel platform with win10 Desktop RS1 version, after some cylces test, XHCI controller show yellow bang. Event viewer showed that event id is 14.  I want to know the indication of
StartDeviceFailReason equals 3. I cannot find more info about this failure from website.Thanks a lot!









-

Provider











[
Name]
Microsoft-Windows-USB-USBXHCI










[
Guid]
{30E1D284-5D88-459C-83FD-6345B39B19EC}




















EventID
14



















Version
0



















Level
2



















Task
0



















Opcode
0



















Keywords
0x8000400000000000

















-

TimeCreated











[
SystemTime]
2016-11-25T19:48:29.908393500Z




















EventRecordID
7099


















Correlation

















-

Execution











[
ProcessID]
4










[
ThreadID]
232




















Channel
System



















Computer
LAPTOP-QQEHB4HS

















-

Security











[
UserID]
S-1-5-18












-

EventData










fid_UcxController
0x187f9ddd64a8







... Read more

Read other answers
RELEVANCY SCORE 60.8

Well, I tryed to manage page-file but unfortunataly it resulted in problems. Then I lost VAIO-CARE and 7 ZIP files too. When I open Event Viewer every single day I see this: event Id 2002, Souce: Eap Host, Log name: Application and number of Eventes: 84. As I am desparate about that, What sould I do? Reinstall VAIO-care or WHAT else? Please help me!!!!! Well, I can say that before of all, I tryed to install vopt, latest version but it was not freeware and I soon had to uninstall it but it was not getting to uninstall from programs and features and then I used register editor to delete the leftovers which desapered from program and features....but I can see several error in event viewr such as Event 11706, MsInstaller >>>> Product Vaio Media Plus -- Error 1706 - An instalation for the product Vaio Media Plus cannot be found. Try the installation again using a valid copy of the instalation package 'VMP VEPMMx64.msi'. So should I reinstall all vaio care or not................!!! By the way I tryed to install vopt in order to align files in hard drive but when I tryed to manage page file it did not work as should have so I lost vaio care..........................................What to do? can you figure out what going on.................!!!

A:Event Viewer Event Id 2002, Source: EapHost, Log Application

Welcome to the forums Marioo!

Have you tried a system restore to a point before these errors started? (Easiest things first) You could also try a sfc/scannow, to find and possibly repair any corrupted system files. We have many fine tutorials here at the forums, written by some very knowledgeable people, heres a link to one if you haven't did this before :

SFC /SCANNOW Command - System File Checker

Read other 5 answers
RELEVANCY SCORE 60.8

EDIT: ARGH, sorry, meant to post this in General Discussion forum, I have no idea if it is a network issue.

Hello everyone,

I keep seeing this error appear several times a day, even during idle, in my Event Viewer. I did a clean install of build 10586 less than a month ago. I'm not having any overt issues yet, but the error is disturbing.

SettingSyncHost (9144) {979B90BD-0F81-4D83-B038-62032DD17C47}: Database C:\Users\xxxxx\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb: Index deleteDetection of table items is corrupted (0).
I have spent a few hours researching this and I can't find any reports of similar issues or even what the file metastore\meta.edb is for. Is this hopefully one I can just rename and it'll automatically create a new one?

Read other answers
RELEVANCY SCORE 60.8

Hi all,

i tried loading the eventvwr.msc file from system32 folder directly as well as from the administrator tools, but i get:

"event log service is unavailable. verify that the service is running."

so i try to start the event log service, from the services.msc program;
whenever i try to start windows event log from services i get the message:

"Windows could not start the windows event log service on local computer.
Error 3: The system cannot find the path specified."

how can i specify the path?
or
how can i resolve the problem?

any help would be appreciated please---thanks

A:Unable to start event viewer/event log service on vista

By the way the OS is a Vista Home Prem without SP1. and i have searched this problem extensively, finding no solutions.

If anyone has any advice it would be greatly appreciated.

Read other 19 answers
RELEVANCY SCORE 60.8

I have consistently recieved this error "Event 137 Kernel-Power" message in Event Viewer when I place my X1E into sleep via the Fn-4 key method: "The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance." I don't notice anything in performance or other adversity but thought the Lenovo firmware engineers should be aware of this event. I am running UEFI Firmware 1.17 and Windows 10 Version 1809.

Read other answers
RELEVANCY SCORE 60.8

It's been a while since I've experienced a BSOD as I'm viewing a video on youtube. It would freeze as if the audio was caught in mid-stream then BSOD, then would restart automatically. I go to Event Viewer after windows as loaded and I see Event 41 Kernel-Power in there.

I had this issue before and we found out that the motherboard was causing the issue. I have also replaced my video card and added additional memory and expanded to 16gb. Before, I only have 8gb.

Ran sfc/scannow with no errors found. Going to do chkdsk as well.

It's strange because this does not happen at all when I'm playing online games or even just standard browsing. It's when I play videos on youtube that there would be instances where this would happen. There are other times where I can view them without any issue at all.

Any ideas would be great.

Also, how can I attach the windows DMP file to scale it down as it is just really large?

Thanks again guys.

A:BSOD when watching videos on youtube, Event 41 in Event Viewer

Hello Santos, and welcome to Seven Forums.

Please read the instructions here: Blue Screen of Death (BSOD) Posting Instructions, and post back with the needed information. One of our BSOD experts should be by later when able to further help.

Read other 9 answers
RELEVANCY SCORE 60.8

System event not recording anything. It is empty, says "date is invalid(13)".

I have some flaky things going on like unexplained CPU spikes causing slowdowns and mouse drag. Also have video problems screen going blank then recovery.

I have reloaded video drivers to no avail. No system lockups or BSODs. I need to see system event log to debug. Other event logs OK. I am proficient on PC and have searched for event log problem. The Event Log service is running. Thanks.

hp pavilion dv9000
OS Name Microsoft® Windows Vista™ Home Premium
Version 6.0.6001 Service Pack 1 Build 6001
Processor Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz, 1801 Mhz, 2 Core(s), 2 Logical Processor(s)
BIOS Version/Date Hewlett-Packard F.23, 10/3/2007
SMBIOS Version 2.4
Installed Physical Memory (RAM) 2.00 GB
Adapter Type GeForce 8400M GS, NVIDIA compatible
Adapter Description NVIDIA GeForce 8400M GS
Adapter RAM 128.00 MB (134,217,728 bytes)
 

A:Solved: Vista, Event Viewer - system event log not recording

Did you check the - %SystemRoot%\System32\Winevt\Logs\System.evtx file? It may be corrupted and you may want to rename it to .old and let it recreate itself.
 

Read other 2 answers