I don't know if this will help but I do find lots of things using this little free program.
Everything Search Engine
Despite the thread's title, the logs in question seem to be all of the event logs. As to why the OP wants to automate (as opposed to manually) clearing these, that question has sort of been asked, but might not have been answered.
Unless this was the reason/answer...
Having a corrupted/bad environmental PATH might be the reason for the high volume of "stupid warnings and errors". If not, then the OP should deal with the root cause and not the symptom.
:::back to lurking:::
This thread came from that tut's thread after 2 pages of posts attempting to get that tut to work for this OP.
edit: now that the PATH issue seems to be fixed, perhaps the tut will work for the OP
Good idea, Layback Bear. +1 rep
The clear bat files work now to figure out why there are a hundred plus 7036 entries every time I boot up; but thanks for the help on the other stuff.
I think w7, and all Windows, are paranoid. They all keep a log of every tiny little thing it does. It has many 'dire' warnings which mean little to anyone. If some service or process doesn't start in 0.02 ms, it will give a warning.
Windows, like any other complicated system, records all events to make troubleshooting 'easier'. The logs are useful to a technical person trying to find the cause of an issue, but seem trivial to a regular user. Knowing what was started or stopped and when can often lead to a solution.
Clearing the logs when the system is running normally makes it a little easier to sort through the clutter when an issue occurs, but there isn't any performance gain and the logs don't consume much disk space at all. In other words, there is no real reason to clear the event logs. The same things that bug a regular user (too many trivial entries) will be written to the logs again.
More to the point, though... if you clear the logs too often, you might lose that important entry that can lead to quick resolution of an issue.
The best practice is to only view the logs when you need to troubleshoot an issue, otherwise don't bother looking at them. You can also filter the logs so that you don't see all of the information entries. The Administrative view organizes the event logs for you in this sort of manner.
About the 7036 log entry
Troubleshoot Event ID 7036 — Basic Service Operations
This is one of those technician type log entries - a service changed state (started or stopped). This is normal and there is nothing a user can do to change the entry being recorded.
Bill
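To see which services account for the 7036 entries after a boot, instead of clearing them, the System log can be filtered and grouped. This is an added example, not part of any post in the thread; it assumes PowerShell 2.0 or later run from an elevated prompt, and that the first two event properties of 7036 are the service name and its new state.

```powershell
# Added example: summarize Service Control Manager event 7036 since the last boot.
# Read-only; written for PowerShell 2.0 so it runs on a stock Windows 7 install.

# Last boot time from WMI, converted from DMTF format to a DateTime.
$os   = Get-WmiObject -Class Win32_OperatingSystem
$boot = [System.Management.ManagementDateTimeConverter]::ToDateTime($os.LastBootUpTime)

# Let the event log service do the filtering so only matching records are read.
$filter = @{
    LogName      = 'System'
    ProviderName = 'Service Control Manager'
    Id           = 7036
    StartTime    = $boot
}
# Get-WinEvent raises an error when nothing matches; treat that as an empty result.
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

"{0} event 7036 entries since boot at {1}" -f $events.Count, $boot

# Assumption: Properties[0] is the service display name, Properties[1] the new state.
$events |
    Select-Object TimeCreated,
        @{ Name = 'Service'; Expression = { $_.Properties[0].Value } },
        @{ Name = 'State';   Expression = { $_.Properties[1].Value } } |
    Group-Object Service |
    Sort-Object Count -Descending |
    Select-Object -First 15 Count, Name,
        @{ Name = 'States'; Expression = { ($_.Group | ForEach-Object { $_.State }) -join ', ' } } |
    Format-Table -AutoSize -Wrap
```

A service that appears once as running is normal startup noise; one that alternates between running and stopped many times is the entry worth investigating.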
.
Use more words!
What broke? How? Doing?
If you mean that wevutil or ForEach-Object, then you already know where to look - check your path environment.
Now why is it breaking?
Now to see why the path got altered in the first place, please run a quick on-demand scan for malware.
Check for malware #1
Anti-Malware Free
Malwarebytes Anti-Malware Free (Mbam) version 2.0 is an on-demand scanner that, in addition to your real-time Anti-Virus (AV) software, protects your system against malware.
It is good practice to run Mbam once a week.
1. Read the online documentation for Malwarebytes:
- FAQs (link is also available in Mbam Settings Help)
- Malwarebytes User Guide
- Malwarebytes Support: Guides and Videos
2. Mbam requires administrator privileges
- your user profile must be an administrator, or
- you must elevate the privileges when you launch Mbam.
3. If you require assistance, SevenForums (SF) members helping you need feedback (log files, screen shots) from the processes you will run.
Malwarebytes Anti-Malware Free
4. On the Do you want to run or save ... Action Bar
Select Save as
In the left hand pane of the save location window,
Select the folder you created in the above Prepare section: C:\_SevenForums\Security
Do not change the File Name or File Type, only the save location.
5. On the The ... download has completed Action Bar
- If your user profile is an Administrator User Account:
Select Run
- If your user profile is a Standard User Account:
Select Open folder
Launch Mbam with elevated privileges (Right click, pick Run as administrator from the context menu)
Allow the application to run (Yes or Run) if Windows User Access Control (UAC) requests permission
Malwarebytes offers you a free trial of the Premium version. This guide suggests that you decline the initial offer made at install time and use the Malwarebytes Free version. The Start Free Trial and the Buy Premium options are always available to you on the Mbam Dashboard window.
- Read the End User Licenses Agreement, then
Tick I accept... and press the Next button
- Read the Information window and press the Next button
- Accept the default install location and press the Next button
- Accept the default Start Menu folder and press the Next button
- Accept Create a desktop icon and press the Next button
- Verify the install parameters and press the Install button
Set the final install options as shown below:
Press the Finish button to launch Mbam and update the database definitions.
Enable free trial...
Launch Malwarebytes Anti-Malware
If the malware prevents launching Mbam, watch: How to use Malwarebytes Chameleon from the Malwarebytes Youtube channel
6. After the Mbam database definitions are updated, the Dashboard Main window presents the initial status:
Press the Fix Now >> button to run the initial scan on your system with the default Mbam settings.
7. Threat detection results are presented in the main window of the Scan menu.
If no threats were detected, you can close the utility. This does not mean that your system is clean, it only means that Mbam did not detect any malware. Additional scans using different on-demand scanners might be advised by SF members. Each scanner has a particular focus of design and detects malware using different criteria.
If SF members are assisting you, let them know that Mbam did not find any threats
Threats detected during an Mbam scan are reported and automatically moved into quarantine. The threat(s) are isolated in the Mbam quarantine and can remain there until you are certain of the correct disposition of the file(s). Note that other malware scanners or AV applications might report the quarantined file as a threat.
Mbam Scanning History Log | Detected threat table.
Occasionally a scanner will identify a legitimate file as malware (false positive). You should check each suspicious file by following the instructions in:
Analyze suspicious files with VirusTotal
8. Disposition of malicious objects
If the VirusTotal analysis determines that the file is malicious, return to the Mbam History Quarantine window
Tick the checkbox next to the file that VirusTotal flagged as malicious and press the delete button.
After you have processed (deleted, restored, or retained in quarantine) all of the files detected, it is advised that you restart your machine.
Restart your machine to complete the Mbam malware removal process
9. Run the Windows System File Checker (SFC) to repair any system files that the malware might have corrupted.
See: How to Repair Windows 7 System Files with System File Checker
If SF members are assisting you, attach the sfc_detail.txt file as described in the System File Checker tutorial.
10. Attach any logs, reports, or screen shots that were created during this exercise to a new post on your thread.
See: How to attach files and screen shots
Mbam logs: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
Mbam log naming convention:
mbam-log-YYYY-MM-DD (HH-MM-SS).xml
example: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-2014-03-17 (18-11-35).xml
protection-log-YYYY-MM-DD.xml
example: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\protection-log-2014-03-17.xml
- The log files are in XML format and must be viewed inside the utility (History menu Application Logs)
- Protection Logs contain update information (database, program, etc)
- Scan Logs contain the results of a scan
Once you open the log for viewing, you can export it to a text file.
- Export the log, select Text file(*.txt) as the output format
- Specify a filename and location for the exported log and press save
If SF members are assisting you, attach the exported Scan Log text file to a new post on your thread.
Last edited by Slartybart; 27 May 2014 at 19:46. Reason: Misread sgmdew's post, thought path issues resurfaced
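The PATH check suggested in the post above can be done without editing anything. This is an added example, not code from the thread; it assumes PowerShell 2.0 or later and the default Windows 7 system PATH entries listed in `$required`.

```powershell
# Added example (not from the thread): read-only audit of the machine PATH.
# PowerShell 2.0 compatible, so it runs on a stock Windows 7 install.

# Default Windows 7 system entries; without them wevtutil and powershell
# cannot be found by name.
$required = @(
    "$env:SystemRoot\System32",
    "$env:SystemRoot",
    "$env:SystemRoot\System32\Wbem",
    "$env:SystemRoot\System32\WindowsPowerShell\v1.0"
)

$raw  = [Environment]::GetEnvironmentVariable('Path', 'Machine')
$seen = @{}

$report = foreach ($entry in ($raw -split ';')) {
    $problems = @()
    # Normalize for comparison: expand %VAR%, trim spaces and the trailing backslash.
    $norm = [Environment]::ExpandEnvironmentVariables($entry).Trim().TrimEnd('\')

    if ($norm -eq '') {
        $problems += 'empty entry (stray semicolon)'
    } else {
        if ($entry -ne $entry.Trim()) { $problems += 'leading or trailing space' }
        if ($entry -match '"')        { $problems += 'contains a quote character' }
        if (-not (Test-Path -LiteralPath $norm -PathType Container -ErrorAction SilentlyContinue)) {
            $problems += 'folder does not exist'
        }
        if ($seen.ContainsKey($norm.ToLower())) { $problems += 'duplicate' }
        $seen[$norm.ToLower()] = $true
    }
    New-Object PSObject -Property @{ Entry = $entry; Problems = ($problems -join '; ') }
}

'Entries with problems:'
$report | Where-Object { $_.Problems } | Select-Object Entry, Problems | Format-Table -AutoSize -Wrap

'Required system entries missing from PATH:'
$required | Where-Object { -not $seen.ContainsKey($_.ToLower()) }

'Where the commands named in the thread resolve in this session:'
foreach ($name in 'wevtutil.exe', 'powershell.exe') {
    $cmd = Get-Command $name -CommandType Application -ErrorAction SilentlyContinue |
           Select-Object -First 1
    if ($cmd) { "{0} -> {1}" -f $name, $cmd.Definition } else { "$name -> NOT FOUND" }
}
```

An entry reported as not existing, or a command that resolves outside `System32`, is the detail to include when posting the results for review.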
Slartybart,
One way to rewrite the post quoted above might be:
WINDOWSPOWERSHELL is all together in the OS PATH variable.
WINDOWSPOWERSHEL L is indeed an artifact of the forum post.