When you run the Event Viewer, any of the following messages usually indicate a currupt event log:
The handle is invalid Dr. Watson Services.exe Exception: Access Violation (0xc0000005), Address: 0x76e073d4When you click OK or cancel on the Dr. Watson error message, you may also receive the following error message:
Event Viewer Remote Procedure Call failed.The Event Logs ( Sysevent.evt, Appevent.evt, Secevent.evt) are always in use, so you can not delete or rename them. Use any of the following methods:
Alternate Install |
Boot the alternate install, delete the Evcent logs from the %Orig_SystemRoot%\system32\config folder. |
You can logon Locally |
Use Control Panel / Services / Eventlog to configure Startup as Disabled. Shutdown / Restart Windows NT. Delete the Event logs from %SystemRoot%\system32\config. Use Control Panel / Services / Eventlog to configure Startup as Automatic. Shutdown / Restart Windows NT. |
You can connect remotely |
Use Regedt32 to alter the Start of the EventLog service to 0x4 (Disabled). Use Shutdown from the Resource Kit to restart the computer. Delete the Event logs (remotely or locally). Use Regedt32 to alter the Start of the EventLog service to 0x2 (Automatic). Shutdown / Restart Windows NT. |
0 comments
Hide comments