Event Viewer is the integrated logging system for almost everything that happens in (and on) your computer. There are literally hundreds of categories and thousands of logs. It is vital in helping those who want to know how the system works and what is going on to help fix computer issues.
The biggest problem with Event Viewer is that it is really confusing. There are lots of warnings, errors, and other information, and without knowing what it all means, you may think there is something wrong when there is not, and the reverse is also true.
It is so confusing that scammers use it to help convince users they are infected.
If you prefer that we look at your logs, see the instructions at the bottom of this wiki. Often we will see things you do not, and we have software to help us analyze them.
Details
To open Event Viewer, press the Win key + "R", type eventvwr and press Enter.
The below applies primarily to Win 7, Win 8/8.1 & Win 10 but is also applicable to Vista.
Event viewer is divided into 3 panes.
The left-hand pane is called the folder view. Here you can find all the different event logs, and the views that can be customized with events from many logs at once.
The middle pane displays a list of events, and clicking on any of them will display the details in the preview pane. You can double-click an event to pull it up in a separate window. This can be handy when you are looking through a big set of events and want to find all the important things before digging deeper.
The right pane is a quick access pane for doing things like clearing logs, creating custom views, filtering, or even creating a scheduled task based on a particular event.
You should clear Event Viewer logs only when you are not having problems or after you have fixed one. They grow quite large and no one wants to look through thousands of events. You can clear them by clicking on the log you want to clear (for example application) then clicking clear in the quick access panel. You can also right click the log > delete.
The middle pane can be sorted by date, level, source, event ID, and category depending on what you are looking for.
The date and level are the most important.
You want to know what is happening now (date) and the level (how severe).
Levels can be one of four: information, warning, error, and critical error.
Obviously you are most concerned with error and critical errors.
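The same triage by date and level can be done from PowerShell. The script below is an added example, not part of the original wiki: it lists Critical and Error events from the last 24 hours and collapses repeats into one row per source and event ID. The function name, the choice of the System and Application logs, and the 24-hour window are assumptions made for illustration.

```powershell
# Added example: summarise recent Critical and Error events so that repeated
# entries collapse into one row each. Function name and defaults are hypothetical.
function Get-SevereEventSummary {
    param(
        [string[]]$LogName = @('System', 'Application'),  # assumed logs of interest
        [int]$Hours = 24                                    # assumed "now" window
    )

    # Event log levels: 1 = Critical, 2 = Error, 3 = Warning, 4 = Information
    $filter = @{
        LogName   = $LogName
        Level     = 1, 2
        StartTime = (Get-Date).AddHours(-$Hours)
    }

    # Get-WinEvent raises an error when nothing matches the filter;
    # suppress it and treat the empty result as "no events".
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)
    if ($events.Count -eq 0) {
        Write-Host "No Critical or Error events in the last $Hours hours."
        return
    }

    $events |
        Group-Object -Property LogName, ProviderName, Id, LevelDisplayName |
        ForEach-Object {
            # Keep the most recent occurrence as the representative of each group
            $latest = $_.Group | Sort-Object TimeCreated -Descending | Select-Object -First 1
            [pscustomobject]@{
                Count    = $_.Count
                Level    = $latest.LevelDisplayName
                Log      = $latest.LogName
                Source   = $latest.ProviderName
                EventId  = $latest.Id
                LastSeen = $latest.TimeCreated
                Message  = (($latest.Message -split "`r?`n")[0])  # first line only
            }
        } |
        Sort-Object -Property Count -Descending
}

Get-SevereEventSummary | Format-Table -AutoSize -Wrap
```

A source that appears hundreds of times with the same event ID is usually one recurring condition, not hundreds of separate problems.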
To provide us with your Event Viewer administrative logs, follow these steps:
Expand Custom Views
Click Administrative Events
Right click Administrative Events
Save all Events in Custom View As...
Save them to a convenient location and save as Errors.evtx
Go to where they are stored
Right click Errors.evtx -> send to -> compressed (zipped) folder
Upload the .zip file to OneDrive or a file sharing service and put a link to it in your next post.
If you have updated to Win 8.1 and you get the error message "the system cannot find the file specified", it is a known problem.
Only if you get the error do you need to do the below. Only do this if you are comfortable editing the registry.
Navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels
Delete "Microsoft-Windows-DxpTaskRingtone/Analytic"