locked
emet 3.0 Error writing to the event log RRS feed

  • Question

  • This concerns Windows 7 Enterprise when getting the Error Re-install Program--Emet software appears to be corrupt-also Cannot write to the event log-on login of any account-Go to event viewer with an Admin account and delete the application log. This will clear the pop-up error with Emet still doing it's job. Apparently this has not been documented anywhere that I have found on the Net. Just trial and error found it on my part. Hope this helps someone like me who googled this constantly with no definite answers. Also the first step was to unistall and reinstall the Emet program but still had the same results. Now the error is gone. so simple but who knew since searching for Emet after unistalling it no results were found. O well this case is closed. Posting this in case 2 years from now I can google it and remember the fix.
    Friday, January 18, 2013 3:35 AM

All replies

  • Did you try: 

    EMET_notifier.exe  --InitEventViewerSource --silent

    Deleting the Application Event log seems pretty extreme.

    Monday, February 4, 2013 10:00 PM
  • I had this issue again where do you type this command at (in the command prompt)?
    Saturday, February 16, 2013 5:46 PM
  • Hi ed_james08,

    You would first need to open the command prompt and navigate to your EMET installation folder. Once in that folder you can then run the command mentioned by derson2:

    -----------------------------------------------------------

    For Windows XP:

    Open a Windows Command Prompt window as follows:

    1. Press the Start button and click Run

    2. Type cmd in the dialog box that appears and click OK (or press Enter).

    -----------------------------------------------------------

    For Windows Vista and Windows 7:

    1. Press Start, type cmd in the search box of the Windows start menu.

    2. A black icon with the word cmd beside it will appear at the top of the Start menu.

    3. Right click this icon and choose "Run As Administrator" from the menu that appears. Click Yes or enter your administrator password to continue if UAC (User Account Control) is enabled.

    -----------------------------------------------------------

    For Windows 8:

    1. Press the Windows key to display the Windows Start screen. Type the letters “cmd” (without the quotes)

    2. A black icon with the words Command Prompt will appear on the left side of the screen. Right click this icon and then left click the “Run As Administrator" option that appears at the bottom of the screen. Click Yes or enter your administrator password to continue if UAC (User Account Control) is enabled.

    -----------------------------------------------------------

    My apologies if you are already familiar with launching the Command Prompt. I have also posted the above instructions for those not familiar with how to access the Command Prompt.

    Here is an example of navigating to the EMET folder for 32 bit Windows. Please press the Enter key(carriage return) at the end of each of the following lines:

    cd\
    
    cd Program Files
    
    cd EMET
    
    EMET_notifier.exe  --InitEventViewerSource --silent

    For a 32 bit version of Windows the default installation folder of EMET is:

    C:\Program Files\EMET

    For 64 bit Windows:

    C:\Program Files (x86)\EMET

    I hope this helps. Thank you.

    • Edited by JamesC_836 Monday, February 18, 2013 1:29 PM Fixed EMET Notifier command
    Sunday, February 17, 2013 11:10 AM