Tuesday, 26 April 2016

How to Use the Event Viewer for Troubleshooting Computer System Malfunction

Sometimes unexpected actions are triggered while working with a computer system. This can result in system malfunction and arbitrary execution of commands. When we fall victim to an occurrence of this nature, we may have no clue as to what caused the abnormalities. Windows provides a very useful tool known as Event Viewer that can help troubleshoot problems in our computing systems. The Event Viewer is a warehouse of information about system events that provides useful hints as to why they occur (for instance, the cause of an unexpected error).
In this post I will show you how to obtain useful information about such events as unauthorized access, system failures, and the like on a Windows 7 Personal Computer (PC) with the help of the Event Viewer.

Event Viewer
The Event Viewer is a management tool that enables you to browse and manage logs of system activities. It is a Microsoft Management Console (MMC) snap-in that allows you to track system state and eases the troubleshooting process. The MMC is composed of tools that can be used for administrative purposes. Event logs found in the Event Viewer are categorized into 3 major sections, namely Custom Views, Windows Logs, and Applications and Services Logs.
Custom Views house logs relating to administrative events, for instance errors that occur when the system is trying to update antimalware signatures, and DNS timeout warnings during name resolution.
Windows Logs provide general logs of events relating to application, security, setup, system, and forwarded events. They hold information about core Windows events such as task scheduling errors, logon status, software installation state and system state.
Applications and Services Logs record events from the following categories: hardware events, Internet Explorer, Key Management Service, Media Center and Microsoft-related issues.

How to Use the Event Viewer
The first step in using the Event Viewer is to locate it on your PC. It can be accessed in several ways. Two major ways are as follows:

  1. From the command line: bring up the command line by pressing the Windows key in combination with the letter “R”. Type “cmd” into the text box of the small window that pops up and press Enter. Type mmc in the command prompt to open the MMC. Next click the File menu and then click the “eventvwr.msc” option to reveal the Event Viewer window.
  2. Through the Control Panel: the Event Viewer can be accessed by pressing the Windows key and then clicking on Control Panel. From the Control Panel click on Administrative Tools and double-click the Event Viewer shortcut in the window. Doing this brings up the Event Viewer.

After opening the Event Viewer, the next step is to check the logs relevant to the system events you are trying to troubleshoot. For example, to gather information about events that occur while installing a driver for an HP LaserJet printer, you need to check the Application section of the Windows Logs category. Since the events are arranged by default in descending order of date and time of occurrence, it should be easy to quickly locate the event. You can also create a shortcut on the desktop in order to make subsequent access easier.
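
The same checks can be run from PowerShell instead of the Event Viewer window. The script below is an added example, not part of the original post: it lists recent errors and warnings from the Application log and summarizes failed logons (Event ID 4625) from the Security log. The function names and the 24-hour look-back window are assumptions chosen for illustration.

```powershell
# Added example: assumes Windows PowerShell 2.0 or later, run from an elevated
# prompt (the Security log cannot be read without administrator rights).
$since = (Get-Date).AddDays(-1)   # assumed look-back window of 24 hours

# Hypothetical helper: errors and warnings from one log, newest first
# (the same default ordering the Event Viewer uses).
function Get-RecentProblems {
    param([string]$LogName, [datetime]$After)
    # Level 2 = Error, 3 = Warning. Get-WinEvent raises an error when nothing
    # matches the filter, so suppress it and return an empty result instead.
    Get-WinEvent -FilterHashtable @{ LogName = $LogName; Level = 2, 3; StartTime = $After } `
                 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, LevelDisplayName, ProviderName,
                      @{ Name = 'Summary'; Expression = { ($_.Message -split "`r?`n")[0] } }
}

# Hypothetical helper: failed logon attempts recorded in the Security log.
function Get-FailedLogons {
    param([datetime]$After)
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $After } `
                 -ErrorAction SilentlyContinue |
        ForEach-Object {
            $evt = $_
            # Read the named fields from the event XML rather than by position.
            $data = @{}
            ([xml]$evt.ToXml()).Event.EventData.Data |
                ForEach-Object { $data[$_.Name] = $_.'#text' }
            New-Object PSObject -Property @{
                TimeCreated = $evt.TimeCreated
                Account     = $data['TargetUserName']
                LogonType   = $data['LogonType']
                SourceIp    = $data['IpAddress']
            }
        }
}

# Application log: where driver and software installation problems are recorded.
Get-RecentProblems -LogName 'Application' -After $since | Format-Table -AutoSize

# Security log: failed logons grouped by the account that was targeted.
Get-FailedLogons -After $since | Group-Object Account |
    Sort-Object Count -Descending | Select-Object Count, Name | Format-Table -AutoSize
```

An account with many failures in a short window is worth opening in the Event Viewer to read the full event details.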


