Skip navigation

A customer had a damaged filesystem which prevented booting up all the way and required a disk check before it could boot to the desktop normally. Unfortunately, that was only the start of the trouble. In Windows, programs (including startup programs) would reach a certain point of operation and then freeze (or hang or lock up, whichever term you prefer). The worst part is that Task Manager would not start at all, even though its icon would appear in the notification area (remember when this was called the much more amusing System Tray in Windows 95?) Upon attempting to start Event Viewer to read event logs, the Event viewer would lock up as well. Ultimately, I traced this back to a corrupt event log file.

Here’s how I fixed it:

  1. Stop the Event Log service, either through the Services console inside the Administrative Tools control panel, or by running “net stop eventlog” with elevated privileges (hit CTRL+SHIFT+ENTER instead of just ENTER)
  2. Delete all of the files in C:\Windows\system32\winevt\Logs\
  3. Start the Event Log service with “net start eventlog” or through Services.

This will delete all of the log files, causing them to be rebuilt as new empty files by the Event Log service.

Advertisements

5 Comments

  1. my laptop is showing this msg “‘Failed to connect to a windows service: Windows could not connect to the System Event Notification Service service. This problem prevents limited users from logging on to the system. As an administrator user, you can review the System Event Log for details about why the service didn’t respond.’

    and taking a long time to boot.what should i do?

    • There are a lot of possibilities for why this might be happening. The long time to boot can be anything from a failing hard drive to a malfunctioning antivirus program to a problem with Windows itself. It sounds like something is hosed with Windows. Best thing to try first is System Restore.

  2. Thanks..Will it be helpful to delete al files from C:\Windows\system32\winevt\Logs\

  3. thank you for sharing this, i have a laptop that would take more than 10mn to boot when the event log service is activated. After deleting the logs the boot process became normal. Thanks

  4. Thanks man. This helps me to bring up a Exchange server from the other side …


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: