Windows 8: Event Log Viewer

This section provides a tutorial example on how to review all event log entries with the Event Viewer on a Windows 8 system.

As part of the security review, you should also review Windows 8 system event log file. Investigate any log entries that are strange to you.

1. Go to "Control Panel\System and Security\Administrative Tools".

2. Double click on "Event Viewer". You see the "Event Viewer" screen shows up.

3. Click on the "Windows Logs" folder and the "Application" on the left side. You see a list of all events in the Application group.

4. Click on a log entry to review its detail information. For example, the "User Profile Service" event happened on 12/27/2013 has the following details:

Level: Warning   Time: 12/27/2013 12:56:33 AM   
   Source: User Profile Service

Windows detected your registry file is still in use by other 
applications or services. The file be unloaded now. The applications
or services that hold your registry file may not function properly 

15 user registry handles leaked from \Registry\5-1-5-21-...
Process 960 (\Device\Harddisk\Volume5\Windows\System32\svchost.exe)
has opened key \REGISTRY\5-1-5-21-...

Searching Internet, I see a Microsoft article at on this warning and it says this behavior is by design. I don't believe it.

5. Continue to review other event log entries in "Application", "Security", "Setup", and "System" groups to see if there are security related issues.

The picture below shows you the list of Windows 8 event log entries:
Windows 8 Event Log Viewer

Last update: 2013.

Table of Contents

 About This Windows Security Book

Windows 8: System Security Review

 Windows 8: System Version Information

 Windows 8: Create Restore Point

 Windows 8: Uninstall Unwanted Programs

 Windows 8: Disable System Services

 Windows 8: Remove Startup Programs

 Windows 8: Review Running Processes

Windows 8: Event Log Viewer

 Windows 8: Disk Folders and Files

 Windows 8: Review Personal Downloads Folders

 Windows 8: System Security Protection

 Windows 8 System Recovery

 Windows 8 Defender for Real-Time Protection

 Windows 7: System Security Review

 Windows 7: System Security Protection

 Windows 7 System Recovery

 Windows 7 Forefront Client Security

 Norton Power Eraser - Anti-Virus Scan Tool

 McAfee Virus and Malware Protection Tools

 Spybot - Spyware Blocker, Detection and Removal

 Keeping Firefox Secure

 Keeping IE (Internet Explorer) Secure

 Malware (Adware, Spyware, Trojan, Worm, and Virus)

 HijackThis - Browser Hijacker Diagnosis Tool

 IE Add-on Program Listing and Removal

 "Conduit Search" - Malware Detection and Removal

 "Tube Dimmer", "Scorpion Saver" or "Adpeak" Malware

 Malware Manual Removal Experience

 Vundo (VirtuMonde/VirtuMundo) - vtsts.dll Removal

 Trojan and Malware "Puper" Description and Removal

 VSToolbar (VSAdd-in.dll) - Description and Removal

 PWS (Password Stealer) Trojan Infection Removal

 MS08-001 Vulnerability on Windows Systems

 Antivirus System PRO


 PDF Printing Version