Archived from groups: microsoft.public.windowsxp.general (
More info?)
I've cleared the event log but the problem remains. (!)
"Wesley Vogel" wrote:
> The Security log doesn't clear?
>
> [[You cannot clear archived logs; instead, delete the archived log file. ]]
>
> SecEvent.Evt is the Security log.
>
> C:\WINDOWS\System32\config\SecEvent.Evt
> or
> %windir%\System32\config\SecEvent.Evt
>
> How to Delete Corrupt Event Viewer Log Files
>
http://support.microsoft.com/default.aspx?scid=kb;en-us;172156
>
> --
> Hope this helps. Let us know.
>
> Wes
> MS-MVP Windows Shell/User
>
> In news:040B0569-6711-4787-BDDC-1BAC7D297FEF@microsoft.com,
> Stefan <Stefan@discussions.microsoft.com> hunted and pecked:
> > I've also tried to clear the security log (with a backup of the .evt
> > file), BUT it doesn't work.
> >
> > :-(
> >
> >
> > "Wesley Vogel" wrote:
> >
> >> Stefan,
> >>
> >> I don't know. Clear the Security log.
> >>
> >> Open the Event Viewer...
> >> Start | Run | Type: eventvwr | Click OK |
> >> Right click Security and select Clear all Events |
> >> Click No to: Do you want to save "Security" before clearing it? |
> >>
> >> --
> >> Hope this helps. Let us know.
> >>
> >> Wes
> >> MS-MVP Windows Shell/User
> >>
> >> In news:6F95388B-C19F-4F87-8968-88E9874941E9@microsoft.com,
> >> Stefan <Stefan@discussions.microsoft.com> hunted and pecked:
> >>> I've already tried to use this solution BUT it doesn't work in my
> >>> scenario.
> >>>
> >>>
> >>> "Wesley Vogel" wrote:
> >>>
> >>>> Stefan,
> >>>>
> >>>> From your first post...
> >>>> [[You may be able to use the /AUXSOURCE= flag to retrieve this
> >>>> description; see Help and Support for details.]]
> >>>>
> >>>> This is what /AUXSOURCE brought up from Help and Support...
> >>>>
> >>>> Detailed Usage of the Event Viewer /AUXSOURCE Switch Option
> >>>>
http://support.microsoft.com/default.aspx?scid=kb;en-us;312216
> >>>>
> >>>> Read the article.
> >>>>
> >>>> --
> >>>> Hope this helps. Let us know.
> >>>>
> >>>> Wes
> >>>> MS-MVP Windows Shell/User
> >>>>
> >>>> In news:BB3185C0-AAE6-46C2-8D08-76DD2A2671AD@microsoft.com,
> >>>> Stefan <Stefan@discussions.microsoft.com> hunted and pecked:
> >>>>> My machine is not in a domain
> >>>>> and my account is a local administrator.
> >>>>> In the local security settings,
> >>>>> the 'manage auditing and security log' is set with 'Administrators'.
> >>>>>
> >>>>> Recently i've installed some log analyzers and made a windows update.
> >>>>> Could it be one of them the reason of my problem?
> >>>>>
> >>>>> Thanks
> >>>>> Stefan
> >>>>>
> >>>>> "Wesley Vogel" wrote:
> >>>>>
> >>>>>>
http://www.mcse.ms/archive48-2004-7-855064.html
> >>>>>>
> >>>>>> --
> >>>>>> Hope this helps. Let us know.
> >>>>>>
> >>>>>> Wes
> >>>>>> MS-MVP Windows Shell/User
> >>>>>>
> >>>>>> In news:eXzBl0WrFHA.1172@TK2MSFTNGP11.phx.gbl,
> >>>>>> MSDN <StefanManf@newsgroups.nospam> hunted and pecked:
> >>>>>>> Hi all,
> >>>>>>> I cannot read properly my security section of the event viewer
> >>>>>>> anymore.
> >>>>>>>
> >>>>>>> The description of an item is now like the following:
> >>>>>>>
> >>>>>>> "The description for Event ID ( 538 ) in Source ( Security )
> >>>>>>> cannot be found. The local computer may not have the necessary
> >>>>>>> registry information or message DLL files to display messages from a
> >>>>>>> remote computer. You may be able to use the /AUXSOURCE= flag to
> >>>>>>> retrieve this description; see Help and Support for details. The
> >>>>>>> following information is part of the event: IUSR_<myUser>, KIP,
> >>>>>>> (0x0,0x5229A9),
> >>>>>>> 3."
> >>>>>>>
> >>>>>>> Moreover, the category are now filled with numbers.
> >>>>>>>
> >>>>>>>
> >>>>>>> I found on the web that the reason is probably due to some loss of
> >>>>>>> permissions...
> >>>>>>> i checked the .evt files and my user has full control over them.
> >>>>>>> Is there something else to check?
> >>>>>>> Do you have any suggestions for this problem?
> >>>>>>>
> >>>>>>> Thanks in advance,
> >>>>>>> Stefan
>
>
Facebook
Twitter
Instagram