Ok, the Event Viewer is functional. But nothing new is being added
to the app log or the sec log. I activated and deactivated some
programs (including OE), deleted and restored some files. Emptied
the Recycle Bin. No additions. Also went through the services and
turned on anything with the word "log." In desperation I looked in
help.
Here's what I learned:
"The application log contains events logged by applications or
programs."
: Basically the application has to want to log the events.
"The security log records events such as valid and invalid logon
attempts, as well as events related to resource use such as
creating, opening, or deleting files or other objects."
: This looks like the place to see what's up with the Recycle
Bin.
"The system log contains events logged by Windows XP system
components."
I'm headed for Google to see if there is a log program that will
record and annotate every file i-o action.
rs
It just goes to show ya, it's always something.
--
Hope this helps. Let us know.
Wes
In TCEBob <
[email protected]> hunted and pecked:
Thank you. It was disabled.
rs
From:
http://www.kellys-korner-xp.com/xp_abc.htm
Click the "E"
Scroll down to: Event Log
Event Log
[[One of the administrative tools in Microsoft Management
Console, Event Viewer maintains logs about program, security,
and system events on your computer. You can use Event Viewer to
view and manage the event logs, gather information about
hardware and software problems, and monitor Windows security
events.
If Event Viewer reports on startup that one or more of your log
files is corrupt, you can remedy the situation as follows:
Disable the Event Log service. Restart Windows XP. Delete the
corrupt log(s)—Appevent.evt, Secevent.evt, and/or
Sysevent.evt—from %SystemRoot%\System32\Config (or wherever they
may be).
Your existing event data will be lost, but a new log file will be
created when the service is restarted, and that log will start to
accumulate new events. Re-enable the Event Log service, and start
the service. If the Event Log service doesn’t restart
successfully, then restart Windows XP. You cannot delete or
rename the log files while the Event Log service is running.]]
--
Hope this helps. Let us know.
Wes
In TCEBob <
[email protected]> hunted and pecked:
Thank you, Wesley.
1) Scheduled Tasks is empty.
2) There are bytes in the Application, Security and System but
they cannot be read. Error comment: "Unable to complete the
operation of "Application". The interface is unknown." I groped
around in \windows\system32\config and found AppEvent.evt but
could not read it in english. The best I could do was view in
unicode mode. There seems to be a lot of Norton entries. I
kicked norton out several months ago so I'm thinking that the
log is not being updated. Is there a service pertaining to logs
that might not be active?
rs
1) This will open Scheduled Tasks.
Start | Run | Type: control schedtasks | OK |
Anything listed?
2) You already have a log. This will open your Event Viewer.
Start | Run | Type: eventvwr | OK |
Look at:
Application
Security
System
Look at Wednesday AM.
--
Hope this helps. Let us know.
Wes
In TCEBob <
[email protected]> hunted and pecked:
A malevolent power is emptying my recycle bin every Wednesday
morning. Ok, I know it's scheduled somewhere, but I can't find
where. Aside from XP Pro service pack 1 I have AVG anti virus,
Zone Alarm, and AdSubtract running. Windows firewall is
disabled.
1. Any educated guesses where the scheduled event is?
2. Can I set up a log of events to try and pin it down?
rs
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (
http://www.grisoft.com).
Version: 6.0.644 / Virus Database: 412 - Release Date:
3/29/2004
