How JustAnswer Works:

  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.

Ask Claws224 Your Own Question

Claws224
Claws224, IEEE Network Engineer, Microsoft
Category: Computer
Satisfied Customers: 5182
Experience:  approx 20 years of experience from software to hardware design
5195814
Type Your Computer Question Here...
Claws224 is online now
A new question is answered every 9 seconds

Loaded Event Viewer Errors...How can I fix them quickly

Customer Question

I'm Running Vista 32bit. In my event viewer I have a bunch of critical errors and warnings. Along with a lot of things and programs not functioning right. ie: my printer on our home network won't print. I ran several virus/spyware checks. Cleared all of them so it seems. I also used CCleaner and cleared a registry errors. What else can I do?
Submitted: 7 years ago.
Category: Computer
Expert:  Claws224 replied 7 years ago.

Hi,

 

Can you give us an example of the errors you are receiving?

 

Thanks

Customer: replied 7 years ago.
In just the last 24 hrs:

Log Name: Microsoft-Windows-Diagnostics-Performance/Operational
Source: Microsoft-Windows-Diagnostics-Performance
Date: 1/26/2009 7:44:07 PM
Event ID: 100
Task Category: Boot Performance Monitoring
Level: Critical
Keywords: Event Log
User: LOCAL SERVICE
Computer: DTS_Business
Description:
Windows has started up:
Boot Duration : 130947ms
IsDegradation : true
Incident Time (UTC) : 1/27/2009 12:35:14 AM
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Diagnostics-Performance" Guid="{cfc18ec0-96b1-4eba-961b-622caee05b0a}" />
<EventID>100</EventID>
<Version>1</Version>
<Level>1</Level>
<Task>4002</Task>
<Opcode>34</Opcode>
<Keywords>0x8000000000010000</Keywords>
<TimeCreated SystemTime="2009-01-27T00:44:07.455Z" />
<EventRecordID>551</EventRecordID>
<Correlation ActivityID="{00000000-9B8C-0001-CD68-D81E1780C901}" />
<Execution ProcessID="1756" ThreadID="840" />
<Channel>Microsoft-Windows-Diagnostics-Performance/Operational</Channel>
<Computer>DTS_Business</Computer>
<Security UserID="S-1-5-19" />
</System>
<EventData>
<Data Name="BootTsVersion">2</Data>
<Data Name="BootStartTime">2009-01-27T00:35:14.687Z</Data>
<Data Name="BootEndTime">2009-01-27T00:43:55.273Z</Data>
<Data Name="SystemBootInstance">79</Data>
<Data Name="UserBootInstance">68</Data>
<Data Name="BootTime">130947</Data>
<Data Name="MainPathBootTime">42522</Data>
<Data Name="BootKernelInitTime">24</Data>
<Data Name="BootDriverInitTime">2818</Data>
<Data Name="BootDevicesInitTime">18993</Data>
<Data Name="BootPrefetchInitTime">38081</Data>
<Data Name="BootPrefetchBytes">448122880</Data>
<Data Name="BootAutoChkTime">0</Data>
<Data Name="BootSmssInitTime">12155</Data>
<Data Name="BootCriticalServicesInitTime">543</Data>
<Data Name="BootUserProfileProcessingTime">990</Data>
<Data Name="BootMachineProfileProcessingTime">2</Data>
<Data Name="BootExplorerInitTime">3529</Data>
<Data Name="BootNumStartupApps">6</Data>
<Data Name="BootPostBootTime">88425</Data>
<Data Name="BootIsRebootAfterInstall">false</Data>
<Data Name="BootRootCauseStepImprovementBits">0</Data>
<Data Name="BootRootCauseGradualImprovementBits">0</Data>
<Data Name="BootRootCauseStepDegradationBits">9437184</Data>
<Data Name="BootRootCauseGradualDegradationBits">9437184</Data>
<Data Name="BootIsDegradation">true</Data>
<Data Name="BootIsStepDegradation">true</Data>
<Data Name="BootIsGradualDegradation">true</Data>
<Data Name="BootImprovementDelta">0</Data>
<Data Name="BootDegradationDelta">81250</Data>
<Data Name="BootIsRootCauseIdentified">true</Data>
</EventData>
</Event>

Log Name: Microsoft-Windows-Diagnostics-Performance/Operational
Source: Microsoft-Windows-Diagnostics-Performance
Date: 1/26/2009 11:37:18 PM
Event ID: 400
Task Category: System Performance Monitoring
Level: Critical
Keywords: Event Log
User: LOCAL SERVICE
Computer: DTS_Business
Description:
Information about the system performance monitoring event:
Scenario : System Responsiveness
Analysis result : Analysis could not be performed in time. There is a possible serious performance issue
Incident Time (UTC) : 1/27/2009 4:36:47 AM
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Diagnostics-Performance" Guid="{cfc18ec0-96b1-4eba-961b-622caee05b0a}" />
<EventID>400</EventID>
<Version>1</Version>
<Level>1</Level>
<Task>4005</Task>
<Opcode>37</Opcode>
<Keywords>0x8000000000010000</Keywords>
<TimeCreated SystemTime="2009-01-27T04:37:18.760Z" />
<EventRecordID>554</EventRecordID>
<Correlation ActivityID="{00000000-9B8C-0001-CE68-D81E1780C901}" />
<Execution ProcessID="1756" ThreadID="5640" />
<Channel>Microsoft-Windows-Diagnostics-Performance/Operational</Channel>
<Computer>DTS_Business</Computer>
<Security UserID="S-1-5-19" />
</System>
<EventData>
<Data Name="ShellScenarioStartTime">2009-01-27T04:36:47.351Z</Data>
<Data Name="ShellScenarioEndTime">2009-01-27T04:36:52.351Z</Data>
<Data Name="ShellSubScenario">1</Data>
<Data Name="ShellScenarioDuration">5000</Data>
<Data Name="ShellRootCauseBits">0</Data>
<Data Name="ShellAnalysisResult">2</Data>
<Data Name="ShellDegradationType">1</Data>
<Data Name="ShellTsVersion">1</Data>
<Data Name="ShellMachineUpTimeHours">0</Data>
<Data Name="ShellMachineSleepPattern">0</Data>
</EventData>
</Event>

Log Name: Microsoft-Windows-Diagnostics-Performance/Operational
Source: Microsoft-Windows-Diagnostics-Performance
Date: 1/27/2009 1:01:24 AM
Event ID: 300
Task Category: Standby Performance Monitoring
Level: Critical
Keywords: Event Log
User: LOCAL SERVICE
Computer: DTS_Business
Description:
Windows has resumed from standby:
Standby Duration : 80108ms
Standby Incident Time (UTC) : 1/27/2009 5:59:41 AM
Resume Duration : 878ms
Resume Incident Time (UTC) : 1/27/2009 6:05:20 AM
IsDegradation : true
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Diagnostics-Performance" Guid="{cfc18ec0-96b1-4eba-961b-622caee05b0a}" />
<EventID>300</EventID>
<Version>1</Version>
<Level>1</Level>
<Task>4003</Task>
<Opcode>36</Opcode>
<Keywords>0x8000000000010000</Keywords>
<TimeCreated SystemTime="2009-01-27T06:01:24.213Z" />
<EventRecordID>560</EventRecordID>
<Correlation ActivityID="{00000000-36C8-0000-CF68-D81E1780C901}" />
<Execution ProcessID="1756" ThreadID="4996" />
<Channel>Microsoft-Windows-Diagnostics-Performance/Operational</Channel>
<Computer>DTS_Business</Computer>
<Security UserID="S-1-5-19" />
</System>
<EventData>
<Data Name="StandbyTsVersion">1</Data>
<Data Name="StandbyAppCount">18</Data>
<Data Name="StandbyServicesCount">17</Data>
<Data Name="StandbyDevicesCount">193</Data>
<Data Name="StandbyStartTime">2009-01-27T05:59:41.358Z</Data>
<Data Name="StandbyEndTime">2009-01-27T06:01:01.466Z</Data>
<Data Name="StandbySuspendTotal">80108</Data>
<Data Name="StandbySuspendTotalChange">75858</Data>
<Data Name="StandbySuspendQueryApps">0</Data>
<Data Name="StandbySuspendQueryAppsChange">0</Data>
<Data Name="StandbySuspendQueryServices">0</Data>
<Data Name="StandbySuspendQueryServicesChange">0</Data>
<Data Name="StandbySuspendApps">2162</Data>
<Data Name="StandbySuspendAppsChange">0</Data>
<Data Name="StandbySuspendServices">556</Data>
<Data Name="StandbySuspendServicesChange">0</Data>
<Data Name="StandbySuspendShowUI">0</Data>
<Data Name="StandbySuspendShowUIChange">0</Data>
<Data Name="StandbySuspendSuperfetchPageIn">5024</Data>
<Data Name="StandbySuspendSuperfetchPageInChange">0</Data>
<Data Name="StandbySuspendWinlogon">69529</Data>
<Data Name="StandbySuspendWinlogonChange">68829</Data>
<Data Name="StandbySuspendLockPageableSections">0</Data>
<Data Name="StandbySuspendLockPageableSectionsChange">0</Data>
<Data Name="StandbySuspendPreSleepCallbacks">43</Data>
<Data Name="StandbySuspendPreSleepCallbacksChange">0</Data>
<Data Name="StandbySuspendSwapInWorkerThreads">39</Data>
<Data Name="StandbySuspendSwapInWorkerThreadsChange">0</Data>
<Data Name="StandbySuspendQueryDevices">218</Data>
<Data Name="StandbySuspendQueryDevicesChange">0</Data>
<Data Name="StandbySuspendFlushVolumes">6</Data>
<Data Name="StandbySuspendFlushVolumesChange">0</Data>
<Data Name="StandbySuspendSuspendDevices">2482</Data>
<Data Name="StandbySuspendSuspendDevicesChange">482</Data>
<Data Name="StandbySuspendHibernateWrite">0</Data>
<Data Name="StandbySuspendHibernateWriteChange">0</Data>
<Data Name="ResumeStartTime">2009-01-27T06:05:20.130Z</Data>
<Data Name="ResumeEndTime">2009-01-27T06:05:20.414Z</Data>
<Data Name="StandbyResumeTotal">878</Data>
<Data Name="StandbyResumeTotalChange">0</Data>
<Data Name="StandbyResumeHibernateRead">0</Data>
<Data Name="StandbyResumeHibernateReadChange">0</Data>
<Data Name="StandbyResumeS3BiosInitTime">594</Data>
<Data Name="StandbyResumeS3BiosInitTimeChange">94</Data>
<Data Name="StandbyResumeResumeDevices">284</Data>
<Data Name="StandbyResumeResumeDevicesChange">0</Data>
<Data Name="StandbyRootCauseDegradationGradual">139393</Data>
<Data Name="StandbyRootCauseImprovementGradual">0</Data>
<Data Name="StandbyRootCauseDegradationStep">139393</Data>
<Data Name="StandbyRootCauseImprovementStep">0</Data>
<Data Name="StandbyIsDegradation">true</Data>
<Data Name="StandbyIsTroubleshooterLaunched">true</Data>
<Data Name="StandbyIsRootCauseIdentified">true</Data>
</EventData>
</Event>


Log Name: Microsoft-Windows-Diagnostics-Performance/Operational
Source: Microsoft-Windows-Diagnostics-Performance
Date: 1/27/2009 1:01:24 AM
Event ID: 307
Task Category: Standby Performance Monitoring
Level: Critical
Keywords: Event Log
User: LOCAL SERVICE
Computer: DTS_Business
Description:
Preparing Winlogon for sleep was slower than expected:
Name : SuspendWinlogon
Total Time : 69529ms
Degradation Time : 68829ms
Incident Time (UTC) : 1/27/2009 5:59:41 AM
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Diagnostics-Performance" Guid="{cfc18ec0-96b1-4eba-961b-622caee05b0a}" />
<EventID>307</EventID>
<Version>1</Version>
<Level>1</Level>
<Task>4003</Task>
<Opcode>35</Opcode>
<Keywords>0x8000000000010000</Keywords>
<TimeCreated SystemTime="2009-01-27T06:01:24.214Z" />
<EventRecordID>572</EventRecordID>
<Correlation ActivityID="{00000000-36C8-0000-CF68-D81E1780C901}" />
<Execution ProcessID="1756" ThreadID="4996" />
<Channel>Microsoft-Windows-Diagnostics-Performance/Operational</Channel>
<Computer>DTS_Business</Computer>
<Security UserID="S-1-5-19" />
</System>
<EventData>
<Data Name="StartTime">2009-01-27T05:59:41.358Z</Data>
<Data Name="NameLength">16</Data>
<Data Name="Name">SuspendWinlogon</Data>
<Data Name="TotalTime">69529</Data>
<Data Name="DegradationTime">68829</Data>
</EventData>
</Event>
Expert:  Claws224 replied 7 years ago.

Ok,

 

Can you tell me how many partitions you have on your machine and is vista the only operating ystem you have installed?

 

Thanks

Customer: replied 7 years ago.
I have 2 partians C & D and yes Vista is the only operating system
By the way looking more into the event viewer I see these ID come up often
400, 307, 300, 200, 100 for Application log errors
Expert:  Claws224 replied 7 years ago.

Ok,

 

Do you have a full version Vista disk for your machine?

 

Thanks

Customer: replied 7 years ago.
Yes but I hope the answer is NOT to reformat and loose my settings again. I did this once too many times.
Expert:  Claws224 replied 7 years ago.

Ok,

 

What I woudl suggest first would beto use atool built into Windows calledthe System File Check, What this does is compare the files on your machine against the originals on the disk and replaces any that are damaged.

 

Can you click the Start button then from the Start Menu, Click All programs followed by Accessories and right Click on the Command Prompt option

 

From the drop down menu that appears, Click on the Run as administrator option then in the Command Prompt window, type: sfc /scannow and then press Enter

 

Then just let the scan runand reboot when finished and let me know what happens.

 

Thanks

 

Eric

Claws224 and 2 other Computer Specialists are ready to help you
Customer: replied 7 years ago.
sfc /scannow = Windows Resource Protection did not find any integrity violations
Customer: replied 7 years ago.
I mean to hit send and I hit accept? The answer didn't solve the problem I was just send you back the feed back from the SFC scan....
I still need help with this same problem as it is unresolved?
Customer: replied 7 years ago.
I never did finish getting help. I was told the expert would get back to me once they got to their computer. Well now its 5:52PM almost 4 hours later. You mean they never returned to work?
Expert:  Claws224 replied 7 years ago.

Hi,

 

Usually I work from 6pm onwards, however this morning I was following up with some other clients, However if you wish to contine I will be available all night.

 

Can you next run a chkdsk command and then defrag the drive.

 

To run chkdsk can you open the command prompt with administrative privileges by typing cmd in the search box in the Start Menu and right-click cmd.exe in the search results and then select Run as Administrator. and then from the dos prompt type chkdsk then a space followed by /r so "chkdsk /r" without the quotes and hit enter.

 

After the chkdsk has run can you reboot and then click start and type defrag, then launch and run the tool.

 

Once that is finished let me know how your logs look.

 

Thanks

Customer: replied 7 years ago.
Well, the Chkdsk took many hours to complete and it didn't point to anything or show any problems...it just restarted itself. I am running the defrag for the night. It's the built in one so may take a while.
Expert:  Claws224 replied 7 years ago.

Hi,

 

Have your error logs cleared up since the defrag?

 

Thanks

Customer: replied 7 years ago.
Since the 27th to present.

Error Event ID 25 (sbp2port) \Device\Sbp2\WD&My Book&0&0090a908_6a9bdb17_Instance00

Warning Event ID 4 Printer Al-CX11 ( this one about 4 times just before the next warning) will be deleted. No user action is required.
To stop logging warning events for the print spooler, in Control Panel, open Printers, right-click a blank area of the window, click Run as Administrator, click Server Properties, click the Advanced tab, and then clear the Log spooler warning events check box.

Warning: Event ID 51 (a bunch of these almost every minute) System Disk An error was detected on device \Device\Harddisk3\DR3 during a paging operation.




-
Expert:  Claws224 replied 7 years ago.

Ok,

 

How many drives do you have in this machine?

 

Are you using an USB drives or using a CD or DVD when this happens?

 

Thanks