Windows 10: How to parse/enumerate Event Viewer event properties/details.

I am attempting to save a copy of an inactive recovery partition located on my primary SSD as a .vhd to a peripheral HDD, so that I can delete the partition from my SSD.


Here is the DISKPART input I've attempted to use:

create vdisk file="m:\recovery\recovpart1.vhd" maximum=450 type=fixed sd="D:A;;GA;;;WD"


When sending the above, I get this error message echoed back to me:

DiskPart has encountered an error: The parameter is incorrect. See the System Event Log for more information.


As for the Event Viewer, I'm not able to understand any of the contents, as they seem to be obfuscated or just isn't human-readable as-is to my eyes, at least. Below is a copy with certain fields redacted for my privacy:

Log Name: System

Source: Virtual Disk Service

Date: REDACTED

Event ID: 3

Task Category: None

Level: Information

Keywords: Classic

User: N/A

Computer: REDACTED

Description:

Service started.

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

<System>

<Provider Name="Virtual Disk Service" />

<EventID Qualifiers="16896">3</EventID>

<Version>0</Version>

<Level>4</Level>

<Task>0</Task>

<Opcode>0</Opcode>

<Keywords>0x80000000000000</Keywords>

<TimeCreated SystemTime="REDACTED" />

<EventRecordID>504</EventRecordID>

<Correlation />

<Execution ProcessID="0" ThreadID="0" />

<Channel>System</Channel>

<Computer>REDACTED</Computer>

<Security />

</System>

<EventData>

<Data>@2010005</Data>

</EventData>

</Event>

:)

 

Event Viewer

Hello,

Thank you for writing to Microsoft Community Forums.

As I understand, you are trying to read the event viewer logs. You can click on a specific event in the details pane to display the Event Properties dialog box and details about the event.

If you need help related to any event, you can provide us the details so that we can help you further.

Regards,

Gowrish S

Microsoft Community

 

Error in Event Viewer

Hi,



Thank you for writing to Microsoft Community Forums.



As you have mentioned, you have performed a repair installation on the computer and you see Event 508, 510 and 533 in Event Viewer.



I would like to inform that if you see any critical error in Event Viewer, please share the event logs with us to help you with the appropriate troubleshooting steps. Please follow the steps mentioned below to share the event logs:

1. Press Windows + X from the keyboard, select
   Event Viewer.
   
2. Expand Windows Logs from the left pane and select
   Applications.
   
3. Click Filter Current Log from extreme right pane. Then in the new windows check the box beside
   Error and click OK.
   
4. Now, look for a critical Error in the list and note down the message/information from the
   General Tab in the lower section.
   

Please reply with the status of the issue, we will be glad to help you further.



Regards,

Nikhar Khare

Microsoft Community - Moderator

 

Error in event viewer

Hi

I keep geting the following in the Event viewer ,
The description for Event ID (4) in source ( SuperProServer ) cannot be found . the local computer may not have the necessary registry information or message DLL files to display message from a remote computer . You may be able to use /AUXSOURCE= flag to retrieve this description . The following information is part of the event, The event log file is corrupt .

has anyone any ideas has to what this means .

cheers