O'Reilly logo

Windows Vista Security: Praxisorientierte Sicherheit für Profis by Marcus Nasarek

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Detecting and Resolving Computer Problems
|
733
Improves the overall system performance and responsiveness by using memory
more efficiently. Windows Vista provides ordered execution for groups of
threads, and provides new process scheduling mechanisms. By optimizing mem-
ory and process usage, Windows Vista ensures that background processes have
less impact on system performance.
Provides improved guidance on the causes of unresponsive conditions. Win-
dows Vista makes it easier to identify and resolve problems by including addi-
tional error reporting details in the event logs.
Attempts to resolve the issue of unresponsive applications by using Restart Man-
ager. Restart Manager can shut down and restart unresponsive applications
automatically. This means you might not have to intervene to try to resolve
issues with frozen applications.
Windows Vista also tracks failed installation and nonresponsive conditions of appli-
cations and drivers through the Problem Reports and Solutions console. Should an
installation fail or an application become nonresponsive, the built-in diagnostics dis-
plays a Check for Solutions balloon message. If you click the balloon, Windows Vista
opens the Problem Reports and Solutions console, which enables you to check the
Internet for solutions to selected problems. You can view a list of current problems at
any time by following these steps:
1. Click Start and then click Control Panel.
2. In the Control Panel, click System and Maintenance and then click Problem
Reports and Solutions.
3. In the Problem Reports and Solutions console, click “See problems to check” in
the left pane to display a list of known problems.
4. Select the checkbox for a problem and then click “Check for solutions” to search
the Microsoft web site for possible solutions.
Tracking Errors in the Event Logs
Windows Vista stores errors generated by processes, services, applications, and hard-
ware devices in logfiles. Two general types of logfiles are used:
Windows logs
Logs that the operating system uses to record general system events related to
applications, security, setup, and system components
Applications and services logs
Logs that specific applications or services use to record application-specific or
service-specific events
You can access event logs using the Event Viewer node in Computer Management.
To open Computer Management, click Start. Then select All Programs
Adminis-
trative Tools
Computer Management. If the Administrative Tools menu isn’t
734
|
Chapter 21: Getting Help and Handling Advanced Support Issues
accessible, you can access this tool by clicking Start and then selecting Control Panel.
In the Control Panel, click System and Maintenance
Administrative Tools Com-
puter Management.
You can access the event logs by completing the following steps:
1. Open Computer Management. You are connected to the local computer by
default. If you want to view logs on a remote computer, right-click the Com-
puter Management entry in the console tree (left pane) and then select Connect
to Another Computer. Then, in the Select Computer dialog box, enter the name
of the computer that you want to access and click OK.
2. Expand the Event Viewer node and then expand the Windows Logs node, the
Applications and Services Logs node, or both to view the available logs.
3. Select the log that you want to view.
As shown in Figure 21-1, Windows Vista records entries in logfiles according to the
activity date, time, and warning level. The various warning levels you’ll see are as
follows:
Information
An informational event, which is generally related to a successful action
Audit Success
An event related to the successful execution of an action
Audit Failure
An event related to the failed execution of an action
Warning
A warning about a component, service, or application that can be useful in
resolving current problems or preventing future problems
Error
An error that you should examine, such as the failure of a service to start
In addition to the date, time, and warning level, the summary and detailed event
entries provide the following information:
Source
The application, service, or component that logged the event
Event ID
An identifier for the specific event
Task Category
The category of the event, which is sometimes used to further describe the
related action
User
The user account or system process that was logged on when the event occurred
or that caused the event to occur

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required