- Thread Author
-
- #1
Thanks in advance for your assistance. I have a weekly requirement to view and clear the Windows Security Logs on my hardened Windows 7 computer. This has been working fine up until last week. When I open up my saved EventViewer.mmc console, I receive the following error: "Event Log Service is unavailable, verify that the service is running." When I go to services.exe (Run as Administrator) and try to start the Windows Event Log service, I receive the following error: "Windows could not start the Windows Event Log service on Local Computer. Error 5: Access is denied."
Some of the steps already taken to correct this
-Used System Restore to restore to a previous time
-Added "NT SERVICE\EventLog" to the access list for C:\Windows\System32\winevt\logs and applied "Full Control" permissions
-Checked box for "Include inheritable permissions from this object's parent" on the Security properties for C:\Windows\System32\LogFiles\WMI
-Was unable to perform this potential fix due to an "Access Denied" error: Started in Safe Mode, started Cmd" as Administrator and typed "net stop winmgnt" then navigated to C:\Windows\System32\wbem, then tried to rename the Repository folder, but this is when I received my error.
Some of the steps already taken to correct this
-Used System Restore to restore to a previous time
-Added "NT SERVICE\EventLog" to the access list for C:\Windows\System32\winevt\logs and applied "Full Control" permissions
-Checked box for "Include inheritable permissions from this object's parent" on the Security properties for C:\Windows\System32\LogFiles\WMI
-Was unable to perform this potential fix due to an "Access Denied" error: Started in Safe Mode, started Cmd" as Administrator and typed "net stop winmgnt" then navigated to C:\Windows\System32\wbem, then tried to rename the Repository folder, but this is when I received my error.