What is the Perflogs folder on the C disk and is it possible to remove it? Windows Log Files What is it? What the Logs folder in windows 10

When installing Windows operating systems seventh version and higher (for example, after XP), users saw quite a lot of innovations. In particular, it concerned the appearance of some incomprehensible directories, which there were no previously on the system disk. One of these is the Perflogs directory. What the folder under this name is displayed in the "Explorer" or in another file manager, then will be considered. To understand this, first consider what this catalog is created in the system.

What is the perflogs folder on the C drive?

This directory was first introduced into the file structure only in Windows 7. At the moment it is present in all the last OS. But what is the Perflogs directory? What is this folder in Windows 10, as well as in Windows 7 or 8?

To understand its purpose, it is necessary to simply decipher the name reduction. The first part (Perf) is formed from English Performance, which can be interpreted as "design" or "performance", and the second (LOGS) denotes logs, or special system reports that correspond to performance log.

What data are stored in the catalog

Thus, speaking that for the Perflogs folder, it is not difficult to understand that it is the place of saving special files in which the results of performance tests are recorded, if any.

Separately, it is worth noting that the more tests are carried out, the more files are saved there. And they, in turn, can have quite large sizes, since the old reports do not go anywhere. In other words, new reports are not recorded on top of the old. Ultimately, the occupied volume of disk space can significantly increase.

Default settings

What the Perflogs folder in Windows 7 or rank systems is higher, it is slightly clear. Now a few words about the nuances that each user of the computer system should know.

The fact is that in the initially there is no information in this directory (it is empty or has a minimum volume). Report data appear solely after performance tests by means of the operating system. Basically, they are used after some time when the system begins to significantly slow down or cause malfunction at the system level, which entails an increase in the load on hardware resources. Thus, the more often you spend tests, the longer the size will have this directory. However, all this applies only to the Windows tool. Therefore, in order not to climb the system partition, it is better to use third-party utilities for testing performance.

View log files

Many users would like to view full reports, for example, to clarify the reasons for reducing system performance. But just to open the files that are in the Perflogs directory is not possible (for their default extensions, no program is associated with Windows).

So for the perflogs folder, if you can not open its contents? The problem here is that this directory refers to the performance monitor service, but not the one that is available in the Task Manager, and the one that is presented in the form of a hidden standard application.

You can call it through the usual menu "Run" if you enter the Perfmon command, that is, the abbreviated name of the performance monitor. In the monitor itself, you need to use performance counters separated by groups, where you can see the results of all checks.

Test files in this case are automatically loaded, but the overall report result for all categories is not stored in the main directory, but in the attached directory of the Diagnostics, which is located in the System folder of the main directory (Perflogs). Thus, you do not need to open files one by one.

Is it possible to delete the Perflogs folder

Let's say a few words about the possibility or impossibility of this action. Since, as already noted, the files contained in the directory can take too much space on the disk, many users have a completely natural question about whether it is possible to get rid of this directory.

You can remove the folder with all files and invested catalogs, but it will not affect the performance of the operating system. The user will only lose the ability to view the results of the inspections if he spent them. As for the folder itself, even after it deletes it, the operating system during restart, using its own automated tools for restoring settings (registry entries, folders and files), create the directory of the same name automatically. It will be located in the same place where the remote folder was located. As in the default settings, this automatically created directory will initially be empty! As soon as you begin to check the system for performance, immediately get an increase in its size. Conclusion: Checks are too often not worth it, so as not to increase the amount of information in the Perflogs folder, then it will not interfere.

If the deletion solution is accepted, but in the "Explorer", it is not possible to delete it with the standard method, you can use the Unlocker unlocking program or log in to the administration record of the administrator. It is even easier to activate it to enter the command line to immediately assign all the rights of the admin. But the command console itself initially should be launched only with administrator rights.

Finally

That's all with regard to the Perflogs catalog. What the folder is on the system disk and for which it is intended, I want to hope, now it became clear. As for the removal of the catalog, there is a choice for the user itself. If you sometimes need to view the report results for comparing tests at different time points, the catalog is better not to touch. If the place in the system section is extremely limited, the directory can be deleted. And remember that for the normal operation of any system of recent generations, it is necessary to keep free at least 10-15% of the total system disk. If there are powerful processors and large amounts of RAM, as well as to reduce the use of the system partition, you can simply turn off the virtual memory (deactivate the use of the paging file).

One of the numerous changes in Windows 10 was the saving of update logs to ETL format files, read only using special utilities. In earlier versions of the system, logs were recorded in a regular text file, but since the update service is active in the system constantly, the data was overwritten regularly, which created an additional unwanted load on the disk.The use of an ETL magazine format made it possible to reduce the load on the hard disk, but made the reading of the logs less convenient for administrators. In Microsoft, this problem is known, so the developers have implemented the ability to convert update log files to a readable format. In addition, logs can be viewed using the built-in Windows Event Log. Consider both options a little more.

Run the PowerShell Console and run the Get-windowsURDateLog command in it.

Immediately read and convert data,

Upon completion of the procedure on the desktop, you will have a windowsuerdate.log file, you can open which is a regular notebook or any other text editor. Now you can safely study the log yourself or send it to more experienced users.

The second way is as simple. Call the Start button context menu (Win + X) and select "View Events" in it.

In the log that opens, go to the chain of Application logs and services → Microsoft → Windows → WindowsURDATECLIENT → OPERATIONAL. At the same time, in the central column of the log, you will receive a sorted list of events associated with the operation of the update function.

Announced the release of the October Update for Windows 10 during its conference in New York on October 2, 2018. Since then, users who risked install an update are among the first, complain On numerous problems that appeared after installation. It is worth noting that each Windows 10 update output is accompanied by certain risks, and many users do not decide to upgrade the system due to fear of breakage. This time was no exception.

One of the most common problems is the sudden loss of personal documents of the owner of the computer. Some users complain about the loss of multiple files, others claim that Windows independently deleted hundreds of gigabytes that cannot be restored.

"Two months of my work are lost due to the update," writes one of the victims, which lost the files with a total volume of 220 GB. - The most important thing is that these documents do not turn out to be "basket". They just disappeared. "

"Apparently, my computer has installed the latest update of Windows 10 for about three o'clock in the afternoon and during this process ... he has unpacked its own installation files, overwriting my documents. I'm so angry at Microsoft! " - told the user twitter with nickname @makaticub.

As Far As I CAN TELL, My Computer Downloaded The Latest Windows 10 Update Around 3PM Today and During That Process Its Unpacked My Documents Directory Then Unpacked Its Own Setup Files That Overwrote My Own Files.

I am SO Angry AT Microsoft Right Now - If This Is The Case.

- Flabby Cat (@MakATICUBUBU) October 4, 2018

Deleting affects the files in the "My Documents" and "Images" folders located in the personal directories of the user. At the same time, the files cannot be returned, even after canceling the update and restore the previous Windows status.

Probably the loss of documents is related to the updating of the cloud service Microsoft Onedrive, but there is no direct evidence.

Another problem related to the October update of Windows 10 was the overload of some models of the brand processors, which is why the battery on laptops is discharged too quickly. This overload calls the Intel Display Audio driver, which system offers to establish within the update. Microsoft has released a recommendation in which he asks to ignore the driver's setup offer and close the dialog box.

It is reported that for the wide masses, the automatic update was to begin only on October 9, and those who set it earlier are a small group of advanced users who launched an update manually.

Nevertheless, Microsoft has already conducted the necessary activities to prevent accidental users to update Windows until the existing problems are resolved.

The official representative of the company said that the investigation of the incident is already underway.

Hole in the system

At the end of September, it became known about the critical vulnerability of the zero day in Windows, allowing hackers to gain access to the sacrifice system. The vulnerability was discovered four months ago, but at the moment it was not fixed. Some experts hoped that the patch that corrected the "hole" will be released in the framework of the ill-fated October update.

The vulnerability was found in the Jet Database Engine database on Windows 7, however, it is not excluded that newer versions of this operating system, including Windows 10, may also be at risk.

An attacker who wants to take advantage of this vulnerability sent a victim with a file with extension.jet, with the start of which a hacker at the same time received access to her computer and could set malicious programs and viruses on it.

Despite the fact that such a scenario looks frightening, IB experts rate the threat from this vulnerability as moderate, emphasizing the fact that the infection is impossible without the active participation of the user itself.

"There is no other attack scenario through this vulnerability that would not mean interaction with the user. Personally, I would say that the level of risk in this case can be assessed as low or medium, "said Avast Safety Specialist Martin Cron in a conversation with newspaper.ru.

When switching from the Windows XP operating system to Windows 7 and higher, users detect in the root of the system disk (with :) new perflogs folder. What is this folder which information it contains and for what is needed, consider in detail in the article.

Make an assumption based on the name. Translated from English:

1. Log is a magazine.
2. Perf is more likely to reduce the word Performance, which means performance. It turns out, the Perflogs folder is the storage location of the performance log.

Important! The perflogs directory is not filled with data if speed analysis programs are not performed. Otherwise, it is filled with a large amount of information.

Performance analysis

System performance is the speed with which the PC performs system tasks and application tasks. The quality and comfort of the user's work depends on it.

To ensure the maximum speed of a personal computer and in case of unstable operation (insufficient response speed), find out the cause of such behavior, we use the performance monitor.

Performance Monitor - Windows component that sends its reporting data to the Perflogs folder. These data can help increase the speed and speed up the operation of the computer.

Group collectors groups

To enter the data collection program:

The results are collected using data collectors that are combined into groups.

Standard groups:

• performance counter;
• event tracking data;
• system configuration information;
• SYSTEM PERFORMANCE;
• System Diagnostics.

A group of collectors is used both template and custom. The monitor allows you to create your own data collectors group.


Group reports - report.htm are on the path C: \\ Perflogs \\ System \\ Diagnostics in the nested folder with the name of the diagnosed computer + the date of diagnostics.

Role in the PERFLOGS folder system

The Perflogs directory can be removed from the disk without prejudice to the system performance. With the next system startup, it will be updated (if data collection is launched).

Tip! If you need data for analyzing the system, then when you delete the catalog you will lose them and have to be diagnosed again.

If you have any difficulties ,. Describe in detail what question you encountered so that we can help.

The article describes one of the cases of solving the problem in which a lot of space on the rigid disk takes a session to the Windows session, and the time folder cleaning does not bring the result and the problem is constantly returning.

Are you trying to detect where the free space of the hard disk disappeared? The situation is complicated sometimes and the fact that it seems nothing installed, and dozens and sometimes even hundreds of gigabytes of space as blew ... But listen further.

Windows users sometimes, meanwhile, report the strange behavior of the system. Using the methods of detection of "space absorbers" in the article "?" Or, you can count on temporary positive results. However, by the end of the Windows session, it takes a lot of space: Windows log files accumulate once again, occupying a hundred gigabytes, generating separate packs of packs of 100 MB each. "Harmful" folder seems to be detected - this C: \\ Windows \\ TempHowever, it is impossible to do anything: files with sewage .cab. Fill the temporary storage until the free space on the disk disappears at all. This action is similar to the maneuver, which by the end of the "session" will devour all the free space on the HDD.

Windows takes a lot of space: the essence of the question

Windows ragings about this problem have long been known. It is known that the problem stems from the work results Component-oriented service Systems ( COMPONENT-BASED SERVICING) Creating sometimes incredible sizes. You are located in the folder C: \\ Windows \\ Logs \\ CBS. Current log is referred to as cbs.log.. But as soon as it reaches a certain value in its size, the starting cleaning process immediately renames this file to the type file. .log. And immediately trying to squeeze it in the sizes, assigning the expansion as a result of the file .cab.. using the system utility makecab.exe.. But here then the user sometimes lifts the "bonus": when the file cbs.log. reaches size 2 GB before the cleaning process has time to appeal to it for compression, said utility .. can not cope with him - and he, they say, is already too big: utility makecab.exe. Frankly "stupid" when faces files of such sizes. Log is renamed in C bSPersist-Time-Date.log. and when makecab.exe.tries to squeeze it, an error appears. The error is docked and eventually: every 15 - 30 minutes. (all in different ways)

• the utility creates the first 100 MB of "compression" .cab.
• boots on an error
• and the same thing is repeated.

Windows takes a lot of space: likely decision

So, if you encountered a situation, when Windows is out of time, it takes a lot of space on the hard disk, try this:

• at the time of work "TORMES" Windows Module Installer through the console

• we are looking for a folder C: \\ Windows \\ Logs \\ CBS And inside the folder, we rename all the files (as you like)
• we are looking for a folder C: \\ Windows \\ Temp and delete all files cab.
• reboot

Now makecab.exe.it will not be able to process files and climbing the disk must stop. And if Windows log files do not need, you can delete them.

Second option

Download, unzip and run through Power Shell. on behalf of the administrator file

Unlock as anyone worked.