No matter whether there is a problem with hardware or software, to correct the error, we must first find out the cause of the problem. In the aspect of error correction, Windows XP provides us with a powerful event viewer. Tools, but its readability is too poor, and the book-like record is not something that ordinary users can understand (see Figure 1).
Microsoft may have realized this for a long time, and made a drastic improvement to the event viewer in Vista, which not only greatly enhances readability, but also tracks the events that users care most about. In addition, considering that it is really a non-professional who really promotes the popularity of personal computers, Vista also has built-in "reliability and performance monitors". With it, most people may become experts in insight into system failures, plus task management. , Winows Defender, memory diagnostic tools, etc., can really make a system error, my prophet. The event viewer master's diagnostic tool To open the event viewer, click "Start", enter "MMC" (without quotes) in the search bar and press Enter to enter the system console window, then single Click File → Add/Remove Snap-in and select Event Viewer under Available Management Units in the pop-up window. Next, click Add, click Local Computer. After the "OK", the "Event Viewer" will surface. Tips: ★ You can also open the event viewer in other ways: one is under “Administrative Tools” in the “Start” menu; the other is to right click on “Computer” on the desktop and select “Manage”. The event viewer function opened in these two modes is weaker. It is better to display the remote and local computer logs at the same time in the system console for comparison, which is more conducive to finding the cause of the failure. Step 1: Recognize the Event Viewer Vista's Event Viewer window defaults to the three-pane mode, which is the tree structure area, the event display area, and the operation area. For those who are used to Windows Explorer or Outlook Mail Reader, it is undoubtedly the most friendly interface, which provides us with a convenient query (see Figure 2).
In addition, it can be classified according to the nature of the event, such as: "Windows log", "applications and services" and so on. It can also be sorted by time, for example, within 24 hours, within a week, etc. No matter what you want to find, you can quickly cut into the subject and hit the nail. More importantly, select a log (such as the event ID 11706, please remember this ID, later use), the relevant content will automatically be displayed in another pane and is no longer a book, as shown in Figure 3. Show.
From this, it can be confirmed that the event viewer can really check the autumn.
Step 2: Collection Logs Good content has to be collected and tasted. This well-known technology is also used in the event viewer. It is implemented by creating a custom view. During the creation process, we can define the events of interest according to our needs according to time, event level, event source, and even keywords. Once the customized view is created successfully, it can be saved in the list under "Custom View" and can be viewed at any time. Not only that, but we can also export our own records or import other people's records, through sharing, consultation and other measures to improve the accuracy of query failure. In this case, I am most concerned about the operation of the mini version of Office 2003, then collect it. Click "Create Custom View", the dialog box shown in Figure 4 pops up. Since this event has appeared, you can select "By Log" and check all items under "Event Log". Specifically specify its ID number, which is 11706.
In the next window, you can assign a name to the custom view and a short description of the event. In this example, the name entered is "Mini Office." When finished, expand the console root node → Event Viewer → Custom View under the console, and you can observe the newly created view “Mini Office”. In the future, you can observe the related to “Mini Office” by opening it. Logged.
In essence, custom views or collections are designed to filter out the most useful data from a large number of logs. If it is only a temporary filter, it can also be achieved by filtering the current log. Click "Filter Current Log" on the right side of the main window, and then follow the prompts. Step 3: Tracking the log If the event viewer is only used to view information negatively, it is too wasteful. We can also track events that we are interested in so that we can keep abreast of the situation and make countermeasures. Tracking events, the implementation principle is very simple, first specify what events to be tracked (trigger source), and then specify what response measures should be taken once the relevant information of the event to be tracked is captured, such as: alerting the user to attention, starting the relevant program Solve and so on. It is particularly worth mentioning that when specifying response measures, multiple linkage measures can be specified, embodying a (trigger source) versus multiple (response) design concept. In this example, we use Mini Office as an example. And configure two response events: display the message and send the message to the administrator. 1. Create a basic task After selecting the log related to the mini Office, click "Append task to this event", the "Create basic task" wizard will run automatically. As shown in Figure 5, it can be seen that the wizard is divided into 4 steps, wherein the first 2 steps can take the default settings, and when the 4th step is to specify the response event, you can only select "Start Program", "Send Email", " One of the information displayed. In this case, we select "Show Message" and follow the prompts to enter the content to display. This task cannot be observed in the Event Viewer and it will appear in the Task Scheduler, as shown in Figure 6.
2. Create an advanced task Double-click "Event Viewer Task" in the "Task Scheduler", then click "Operation → Add" in the pop-up window, and a dialog box similar to Figure 5 will pop up, enter The email account number and password can be used.
Step 4: Logging Extensions Logging is in XML format. This is the underlying technical support behind the event viewer. One of its benefits is to provide extensions to third-party event viewing tools.
Reliability Monitor Ordinary Person's Diagnostic Tool The Event Viewer is powerful and is aimed at IT technicians. Although the performance viewer only provides viewing functions, no tracking, collection, filtering, etc., but it is easy to use, mainly for ordinary computer users. Troubleshooting can also be done using the Reliability Monitor. The Reliability Monitor quickly displays a history of system stability, allowing you to view event details that affect reliability every day, helping us understand the results and taking action based on the results to improve reliability. Right-click on "Computer" on the desktop, select "Manage", and then open "Computer Management (Local) → System Tools → Reliability and Performance → Monitoring Tools → Reliability Monitor" in the pop-up window to open it. As shown in Figure 7. It divides the factors affecting computer stability into five major parts, including: software installation (uninstallation), application failure, hardware failure, Windows failure, and other failures. The Reliability Monitor retains a history of up to one year of system stability and reliability events. These records are displayed in the form of a chart.
1. Curves Performance monitors divide system stability into ten levels from 1 to 10. The higher the number, the more stable it is. According to this standard, the performance monitor reviews the stability of the day, obtains a graphical point representing the size of the number, and then connects the graphical points of the day to form a curve, which is very visual and intuitive. To ensure the reliability of the curve, it excludes some situations, such as: • Special time periods. Does not include periods when the system is off or in hibernation. · When the data is insufficient. When the system is running for less than 24 hours after installation and a reliable system stability index cannot be calculated, the curve will appear as a dotted line. When the recorded data can generate a reliable system stability index, the curve will automatically be converted to a solid line. 2. Icon The stability index is displayed in the upper part of the chart, and an icon is displayed in the column for this date when one or more reliability events of each type are detected. • For software installation and uninstallation, an “information” icon (blue bubble with an i) in the middle of the success event or a “warning” icon indicating the type of failure (a yellow triangle with an exclamation point in the middle) ). • For all other reliability event types, an “error” icon indicating that the type failed (a red circle with a cross in the middle) appears. 3. The specific situation of the event can be obtained by looking up the "system stability report" in the lower part of the chart. From the event attribute, it will list which program or which version of which hardware is in what Time is recorded; if something goes wrong, what kind of problem is missing, etc. From the perspective of the way of viewing, you can only pay attention to the specific situation of a certain day, but also the situation at all times. There are different ways in each of the two ways. When we look at the specific situation at all times, we can compare the performance of the same software or hardware at different times to better understand the performance of the object of interest, which is very useful for troubleshooting. . For example, from the chart, on April 3, 2007, there was no fault, but by April 6, 2007, there was a red and crossed error sign, which visually saw the curve slip. Looking at the "System Stability Report" on April 6th, you can observe that the error program is WinWord.exe. The specific performance is to stop responding. At this time, you should pay attention to it. After recalling: I installed the mini version of Office 2003. . With this clue, the solution to the problem comes out, uninstall it or reinstall the official version. After solving the problem, you can observe that the curve is rising and rising (April 8). Problem Reporting and Solutions Automated Diagnostic Tool Dr. Watson is a system failure analysis tool for past versions of Windows that has been replaced by "Reports and Solutions" in Vista. The tool's diagnosis of system hardware and software problems is done automatically, and once the problem is detected, it can automatically send a report to Microsoft to find a solution. You can also view the solution returned from Microsoft. Click "Start → All Programs → Problem Reports and Solutions" to open it (see Figure 8). From the point of view of use, the two commonly used are: "View problem history" and "Check for new solutions."
For example: I have previously found out the problems caused by the mini version of Office, which is reflected here, and gives a solution to the problem - download Microsoft Office System Software, which is highly targeted. With these tools, I believe that everyone can become a master of troubleshooting.