www.BlackViper.com: Windows 7 Services 411 - Windows Event Log


Windows Event Log

Default Description:

This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system.

Additional Information:

Take note: Manual updates via the Windows Update Version 6 web site still require Windows Update, Cryptographic Services, Background Intelligent Transfer Service, and Windows Event Log to be running. Place all four in automatic if you do not wish to update manually. In addition, I recommend that you change the default time of 3AM, for the automatic checking of updates, to a time when the system is "normally" on. Otherwise, Windows Update will check upon boot, which may slow down the boot process.

Additional Reading:

  • None at this time

Discussion Topic Link:

Windows 7 Services Forum

Default Startup Type:

Windows 7 Starter: Automatic (Started)
Windows 7 Home Basic: Automatic (Started)
Windows 7 Home Premium: Automatic (Started)
Windows 7 Professional: Automatic (Started)
Windows 7 Ultimate: Automatic (Started)
Windows 7 Enterprise: Automatic (Started)

Other Settings:

Safe Setting: Automatic

Service Names:

Service Name (registry): EventLog

Display Name: Windows Event Log

Default Path and Command Line Options:

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

Log On As:

Account: Local Service (unchangeable)

Dependencies:

What services Windows Event Log needs to function properly:

  • None (S, HB, HP, P, U, E)

What other services require Windows Event Log to function properly:

Registry Settings (.reg):

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,65,00,76,00,74,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceMain"="ServiceMain"
"PlugPlayServiceType"=dword:00000003
"ServiceDllUnloadOnStop"=dword:00000001
"DisplayName"="@%SystemRoot%\\system32\\wevtsvc.dll,-200"
"Group"="Event Log"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,\
72,00,69,00,63,00,74,00,65,00,64,00,00,00
"Description"="@%SystemRoot%\\system32\\wevtsvc.dll,-201"
"ObjectName"="NT AUTHORITY\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,00,00
"FailureActionsOnNonCrashFailures"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application]
"DisplayNameFile"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,\
6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,\
00,77,00,65,00,76,00,74,00,61,00,70,00,69,00,2e,00,64,00,6c,00,6c,00,00,00
"DisplayNameID"=dword:00000100
"PrimaryModule"="Application"
"File"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,77,00,\
69,00,6e,00,65,00,76,00,74,00,5c,00,4c,00,6f,00,67,00,73,00,5c,00,41,00,70,\
00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,2e,00,65,00,76,00,\
74,00,78,00,00,00
"MaxSize"=dword:01400000
"Retention"=dword:00000000
"RestrictGuestAccess"=dword:00000001
"Sources"=hex(7):6e,00,66,00,73,00,6e,00,70,00,2c,00,20,00,6e,00,66,00,73,00,\
63,00,6c,00,6e,00,74,00,00,00,00,00

Note: Entries truncated to save space!