Windows 7 How to Analyze Administrative Events?

Dave McKeen

Senior Member
Joined
Dec 5, 2009
Hello! I was about to post a thread asking for input on something unusual in my Win7 Home Premium 64-bit setup when i came upon the Stickies here and started reading them. It looks like I need help with some basic stuff first! It looks like this:

AdministrativeEvents100709.jpg

OK, it's bigger than that. Looks like I have to learn how to use the forum first. Sorry. This is a JPG screen capture of about 96k. I tried the basic uploader and the "Add An Image" dialog. I know it can be done. I saw the lovely blue Chevy Nova SS in Sticky: How to identify the cause of YOUR problem. I didn't find a basic "How to Use This Forum." (Rummaging for old asbestos suit just in case...) Here it is by URL:

AdministrativeEvents100709.jpg


This PC isn't very old. I built it last May. The specs are below my signature here.

Where to start? Would the logs help? (They are in XTML.) Do I need to run some diagnostics? Cleanup tools? Work the errors and warnings one at a time?

Thanks, - Dave

ASUS P7P55 Deluxe
PC Power & Cooling Silencer 750 Quad 750W, single 60A 12V rail
Intel Core i7 860
Corsair CMX8GX3M4A1600C9 (4 stiicks x 2GB)
ZOTAC ZT-98GES3M-FSL GeForce 9800 GT 512MB 256-bit GDDR3 PCI Express 2.0 x16
Drive0 (OS) OCZ SSD Vertex 2 OCZSSD2-2VTX50G 50GB
Drive1 HITACHI UltraStar A7K2000 0F10452 2TB 7200 RPM 32MB Cache SATA 3.0Gb/s
Drive2 (Apps, pagefile, misc.) OCZ SSD Vertex 2 OCZSSD2-2VTX50G 50GB
1394 board Rosewill RC-502 NEC 3+1 1394a PCI
1394b board Koutech 4-port 1394a/b PCIe x1
DVD Drive Plextor PLX-850A-19 IDE S/N 310907400763
CF Reader FireWire Sandisk Extreme Pro ExpressCard Adapter
CF Card Sandisk Extreme IV 4GB 45MB/s UDMA
Monitor NEC LCD2190 UXi LCD 'twist' tech.
Microsoft Windows 7 Home Premium 64 bit
 
I like to look at the listing of Errors and Warnings, etc. 9(Event Viewer (local)) have occurred and when they occurred. If you can tie a specific event to a specific action, you might be able to see what is causing it. For instance, if in your example you had just booted up, you might expect some type of communication problem. Keep in mind, some errors may be the result of other errors. And there was, at one time, an error that Microsoft said not to worry about. Sorry I can't remember which one it was.

The first error mentions Zonelabs and DNS servers. Were you trying to access the Zone Alarm site at that time? Do you have your DNS servers set up correctly.

What were you doing at 8:49 and 12:43 that might have caused a Wininit warning, possibly booting or restarting the system?

After you check an item you may have the opportunity to send the info to Microsoft for evaluation. I have not had much luck with this, but once in a while you may get a good response.
 
Hello Saltgrass,

Tyeing events to my actions is something I'll be paying more attention to. I wasn't trying to access the Zone Alarm site. My router is set up as my DNS server. I haven't been aware pf problems. I thought this was something that happened (or didn't happen) out in the "cloud". I don't know what I was doing at 8:49 and 12:43 that might have caused a Wininit warning.

I will aim to tackle the events one at a time. I'll start a separate thread on my original question that started all this.

- Dave
 
ZoneAlarm automatically contacts the company servers for a few reasons. It could be that you opted in to a certain initiative the have. It could be because you blocked something within it from accessing the pc, which triggers a dns request sent to ZA servers. This is commonly setup under the Zones section, under Firewall. Or it could be to update the antivirus definitions. The blocking suggestion is most likely.

I've watched all this specifically happen using Wireshark. At the time, it was called Ethereal...basically it's a packet sniffer.
 
Hello TorrentG,

Thanks for that. I've determined that my PC is totally hosed. I can't even do a system restore. I'm reinstalling the OS. I guess there is no such thing as a Restore Install. :( The installation isn't happy. It's on a 50GB SSD and it's going to be a tight fit, what with Windows Old and such. I didn't see an option to format the drive first. <sigh>

- Dave
 
Yeah, i meant to say Repair Install. Actually I was on the right path, but when I clicked on Update I got a message of not enough space on the herd drive to proceed. SDDs. Oh well, now I't having fun deleting Windows Old. "Take Ownership", anybody? (Should have removed the SSD and formatted it.)

- Dave
 
Yeah, i meant to say Repair Install. Actually I was on the right path, but when I clicked on Update I got a message of not enough space on the herd drive to proceed. SDDs. Oh well, now I't having fun deleting Windows Old. "Take Ownership", anybody? (Should have removed the SSD and formatted it.)

- Dave

Follow this Tutorial on how to delete Windows.old Windows.old Folder - Delete - Windows 7 Forums

Good Luck,
Captain
 
Thanks for the lead to the tutorial! I actually got Windows.old down to about 2GB. I'll take your tip and finish cleaning it up. First I've gotta "learn" this PC because I'll be pressing it into service tomorrow.

Thanks,
- Dave
 
To be honest, most of the Admin events that will be displayed, aren't going to be stopped by a reinstall/repair.

They're problems out of our control, for example: Your first selected one stated that a web server didn't respond.

Nothing to worry about, unless you start getting BSOD's :)
In which case, Captain Jack will jump right on the case :)
 
Back
Top Bottom