Windows 7 Forums

Windows 7: Clear Admin Log

26 May 2014   #11
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I don't know if this will help but I do find lots of things using this little free program.

Everything Search Engine


26 May 2014   #12
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote: Originally Posted by Britton30
Where is this 'admin log'?
There should be the option to Clear Logs in the menu bar.
Despite the thread's title, the logs in question seem to be all of the event logs. As to why the OP wants to automate (as opposed to manually) clearing these, that question has sort of been asked, but might not have been answered.

Quote: Originally Posted by Slartybart
~~~
Why do you want to clear the logs?
Can you open Event Viewer at all?
~~~
Unless this was the reason/answer...
Quote: Originally Posted by sgmdew
Posted in txt file the wevt commands and ran the sfc with no problems noted; wevtutil does not show up in the files but wevtutil.exe does. This bugs me as well: nvstreamsvc 1201 warnings in 24 hrs. Seems I am getting a lot of stupid warnings and errors.
Having a corrupted/bad environmental PATH might be the reason for the high volume of "stupid warnings and errors". If not, then the OP should deal with the root cause and not the symptom.


:::back to lurking:::
26 May 2014   #13
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I use this and it is handy.

By Zardoc:

Event Viewer One Click Clear

26 May 2014   #14
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote: Originally Posted by Layback Bear
I use this and it is handy.

By Zardoc:

Event Viewer One Click Clear
This thread came from that tut's thread after 2 pages of posts attempting to get that tut to work for this OP.

edit: now that the PATH issue seems to be fixed, perhaps the tut will work for the OP :-)
Good idea, Layback Bear. +1 rep
27 May 2014   #15
sgmdew

Win 7 Pro 64 Bit
 
 

The clear bat files work now to figure out why there are a hundred plus 7036 entries every time I boot up; but thanks for the help on the other stuff.
27 May 2014   #16
Britton30
Microsoft MVP

Windows 7 Ultimate X64 SP1
 
 

I think w7, and all Windows, are paranoiacs. They all keep a log of every tiny little thing they do. They have many 'dire' warnings which mean little to anyone. If some service or process doesn't start in 0.02 ms, it will give a warning.
27 May 2014   #17
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Quote: Originally Posted by sgmdew
The clear bat files work now to figure out why there are a hundred plus 7036 entries every time I boot up; but thanks for the help on the other stuff.
Windows, like any other complicated system, records all events to make troubleshooting 'easier'. The logs are useful to a technical person trying to find the cause of an issue, but seem trivial to a regular user. Knowing what was started or stopped and when can often lead to a solution.

Clearing the logs when the system is running normally makes it a little easier to sort through the clutter when an issue occurs, but there isn't any performance gain and the logs don't consume much disk space at all. In other words, there is no real reason to clear the event logs. The same things that bug a regular user (too many trivial entries) will be written to the logs again.

More to the point, though... if you clear the logs too often, you might lose that important entry that can lead to quick resolution of an issue.

The best practice is to only view the logs when you need to troubleshoot an issue, otherwise don't bother looking at them. You can also filter the logs so that you don't see all of the information entries. The Administrative view organizes the event logs for you in this sort of manner.

About the 7036 log entry
Troubleshoot Event ID 7036 — Basic Service Operations

This is one of those technician type log entries - a service changed state (started or stopped). This is normal and there is nothing a user can do to change the entry being recorded.

Bill
.
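
The kind of filtering described in post #17, as an added example that is not from any poster in this thread: instead of clearing the System log, it counts the Event ID 7036 entries written since the last boot, per service. The function name `Get-ServiceStateSummary` is made up for this example, and it assumes the first two properties of a 7036 event are the service name and its new state.

```powershell
# Added example: count Event ID 7036 entries per service since the last boot.
# Read-only: nothing in the System log is cleared or modified.
function Get-ServiceStateSummary {
    param(
        [datetime]$Since = (Get-Date).AddDays(-1)
    )

    $filter = @{
        LogName      = 'System'
        ProviderName = 'Service Control Manager'
        Id           = 7036
        StartTime    = $Since
    }

    # Get-WinEvent raises an error when nothing matches, so suppress it
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
    if (-not $events) { return }

    # Assumption: for 7036 the first two event properties are the service
    # display name and the state it entered ("running", "stopped")
    $events |
        Group-Object { $_.Properties[0].Value } |
        ForEach-Object {
            $group  = $_
            $states = $group.Group |
                Group-Object { $_.Properties[1].Value } |
                ForEach-Object { '{0} x{1}' -f $_.Name, $_.Count }
            New-Object PSObject -Property @{
                Service     = $group.Name
                Total       = $group.Count
                Transitions = $states -join ', '
            }
        } |
        Sort-Object Total -Descending |
        Select-Object Service, Total, Transitions
}

# Last boot time from WMI (available in the PowerShell 2.0 shipped with Windows 7)
$os   = Get-WmiObject Win32_OperatingSystem
$boot = $os.ConvertToDateTime($os.LastBootUpTime)

Get-ServiceStateSummary -Since $boot | Format-Table -AutoSize
```

A service that appears many times with alternating states is the one to look at; a long list of services each appearing once or twice is ordinary startup activity.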
27 May 2014   #18
sgmdew

Win 7 Pro 64 Bit
 
 

Quote: Originally Posted by Slartybart
Looks as though you got it right. Good thinking to grab the full line.

Do me one favor.... verify that the space in WINDOWSPOWERSHEL L is an artifact of the forum post.

It should be WINDOWSPOWERSHELL

The easiest way to check this is to run the Powershell event clear script
Event Viewer: Clear All Events

You should not get the Foreach-Object error you got once before.
Let me know how that goes, ok?

If the Powershell script does work and you're happy with the solution, please mark this thread as solved.

Thanks,

Bill
.
It is one word, just broke with the posting.
27 May 2014   #19
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Use more words!

What broke? How? Doing?

If you mean that wevtutil or ForEach-Object, then you already know where to look - check your path environment.

Now why is it breaking?


Now to see why the path got altered in the first place, please run a quick on-demand scan for malware.

Check for malware #1


Anti-Malware Free
Malwarebytes Anti-Malware Free (Mbam) version 2.0 is an on-demand scanner that, in addition to your real-time Anti-Virus (AV) software, protects your system against malware.

It is good practice to run Mbam once a week.



1. Read the online documentation for Malwarebytes:
2. Mbam requires administrator privileges
  • your user profile must be an administrator, or
  • you must elevate the privileges when you launch Mbam.
3. If you require assistance, SevenForums (SF) members helping you need feedback (log files, screen shots) from the processes you will run.
See: How to attach files and screen shots

Malwarebytes Anti-Malware Free
4. On the Do you want to run or save ... Action Bar

Select Save as
In the left hand pane of the save location window,
Select the folder you created in the above Prepare section: C:\_SevenForums\Security
do not change the File Name or File Type, only the save location.

5. On the The ... download has completed Action Bar
  1. If your user profile is an Administrator User Account:
    Select Run

  2. If your user profile is a Standard User Account:
    Select Open folder

    Launch Mbam with elevated privileges (Right click, pick Run as administrator from the context menu)




Allow the application to run (Yes or Run) if Windows User Access Control (UAC) requests permission
  • Read the End User License Agreement, then
    Tick I accept... and press the Next button
  • Read the Information window and press the Next button
  • Accept the default install location and press the Next button
  • Accept the default Start Menu folder and press the Next button
  • Accept Create a desktop icon and press the Next button
  • Verify the install parameters and press the Install button
Malwarebytes offers you a free trial of the Premium version. This guide suggests that you decline the initial offer made at install time and use the Malwarebytes Free version. The Start Free Trial and the Buy Premium options are always available to you on the Mbam Dashboard window.
Set the final install options as shown below:

Enable free trial...
Launch Malwarebytes Anti-Malware
Press the Finish button to launch Mbam and update the database definitions.
If the malware prevents launching Mbam, watch: How to use Malwarebytes Chameleon from the Malwarebytes Youtube channel



6. After the Mbam database definitions are updated, the Dashboard Main window presents the initial status:



Press the Fix Now >> button to run the initial scan on your system with the default Mbam settings.


7. Threat detection results are presented in the main window of the Scan menu.
If no threats were detected, you can close the utility. This does not mean that your system is clean, it only means that Mbam did not detect any malware. Additional scans using different on-demand scanners might be advised by SF members. Each scanner has a particular focus of design and detects malware using different criteria.



If SF members are assisting you, let them know that Mbam did not find any threats

Threats detected during an Mbam scan are reported and automatically moved into quarantine. The threat(s) are isolated in the Mbam quarantine and can remain there until you are certain of the correct disposition of the file(s). Note that other malware scanners or AV applications might report the quarantined file as a threat.
Mbam Scanning History Log | Detected threat table.
Occasionally a scanner will identify a legitimate file as malware (false positive). You should check each suspicious file by following the instructions in:
Analyze suspicious files with VirusTotal



8. Disposition of malicious objects
If the VirusTotal analysis determines that the file is malicious, return to the Mbam History Quarantine window



Tick the checkbox next to the file that VirusTotal flagged as malicious and press the delete button.

After you have processed (deleted, restored, or retained in quarantine) all of the files detected, it is advised that you restart your machine.

Restart your machine to complete the Mbam malware removal process


9. Run the Windows System File Checker (SFC) to repair any system files that the malware might have corrupted.
See: How to Repair Windows 7 System Files with System File Checker

If SF members are assisting you, attach the sfc_detail.txt file as described in the System File Checker tutorial.


10. Attach any logs, reports, or screen shots that were created during this exercise to a new post on your thread.
See: How to attach files and screen shots

Mbam logs: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
Mbam log naming convention:
mbam-log-YYYY-MM-DD (HH-MM-SS).xml
example: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-2014-03-17 (18-11-35).xml

protection-log-YYYY-MM-DD.xml
example: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\protection-log-2014-03-17.xml
  • The log files are in XML format and must be viewed inside the utility (History menu Application Logs)



  • Protection Logs contain update information (database, program, etc)
  • Scan Logs contain the results of a scan
    Once you open the log for viewing, you can export it to a text file.
    • Export the log, select Text file(*.txt) as the output format
    • Specify a filename and location for the exported log and press save


If SF members are assisting you, attach the exported Scan Log text file to a new post on your thread.
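
One way to do the PATH check suggested in post #19, as an added example that is not part of the original post. `Test-PathVariable` is a hypothetical helper name, and the sample string is constructed, with a space inserted in the WindowsPowerShell folder name to stand in for a damaged entry.

```powershell
# Added example: audit a PATH string for the damage discussed in this thread.
# Read-only: it reports problems and changes nothing.
function Test-PathVariable {
    param(
        # Default: the machine-wide PATH (the per-user PATH is stored separately)
        [string]$PathValue = [Environment]::GetEnvironmentVariable('Path', 'Machine')
    )

    # Folders that must be on PATH for wevtutil.exe and powershell.exe to resolve
    $sys32    = Join-Path $env:SystemRoot 'System32'
    $required = @($sys32, (Join-Path $sys32 'WindowsPowerShell\v1.0'))
    $good     = @()

    foreach ($raw in ($PathValue -split ';')) {
        if ($raw -eq '') { continue }            # a stray ';' is harmless
        $dir     = [Environment]::ExpandEnvironmentVariables($raw).Trim().TrimEnd('\')
        $problem = $null
        if ($raw -ne $raw.Trim())    { $problem = 'leading or trailing space' }
        elseif ($raw -match '"')     { $problem = 'contains a quote character' }
        elseif (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            $problem = 'folder does not exist'
        }
        if ($problem) {
            New-Object PSObject -Property @{ Entry = $raw; Problem = $problem }
        } else {
            $good += $dir
        }
    }

    # -notcontains compares case-insensitively, which matches Windows paths
    foreach ($dir in $required) {
        if ($good -notcontains $dir) {
            New-Object PSObject -Property @{ Entry = $dir; Problem = 'required folder missing from PATH' }
        }
    }
}

# Constructed sample standing in for a damaged PowerShell entry
$sample = "$env:SystemRoot\system32;$env:SystemRoot;$env:SystemRoot\System32\WindowsPowerShel l\v1.0\"
Test-PathVariable -PathValue $sample | Format-Table Entry, Problem -AutoSize

# The real machine PATH, then where the two tools actually resolve from
Test-PathVariable | Format-Table Entry, Problem -AutoSize
Get-Command wevtutil.exe, powershell.exe -ErrorAction SilentlyContinue |
    Select-Object Name, Definition
```

On the constructed sample the function reports the misspelled folder as missing on disk and the real `WindowsPowerShell\v1.0` folder as absent from PATH.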
27 May 2014   #20
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote: Originally Posted by sgmdew
Quote: Originally Posted by Slartybart
Looks as though you got it right. Good thinking to grab the full line.

Do me one favor.... verify that the space in WINDOWSPOWERSHEL L is an artifact of the forum post.

It should be WINDOWSPOWERSHELL

The easiest way to check this is to run the Powershell event clear script
Event Viewer: Clear All Events

You should not get the Foreach-Object error you got once before.
Let me know how that goes, ok?

If the Powershell script does work and you're happy with the solution, please mark this thread as solved.

Thanks,

Bill
.
It is one word, just broke with the posting.
Slartybart,
One way to rewrite the post quoted above might be:
WINDOWSPOWERSHELL is all together in the OS PATH variable.
WINDOWSPOWERSHEL L is indeed an artifact of the forum post.