Win7专用系统清理工具-『作品展览』-AUTOIT CN

553670595 发表于 2011-1-7 10:17:34

很不错，楼主能放出源码好了，问下，那个BAT怎么转换的AU3，能否提供一个工具，谢谢。

lixiaolong 发表于 2011-1-7 12:56:08

本帖最后由 lixiaolong 于 2011-1-7 12:58 编辑

回复 16# 553670595

没有BAT转换AU3的工具，我自己写了一个简单的替换字符代码.

这是批处理代码：
wevtutil.exe cl "ACEEventLog"
先备份批处理文件，
然后把 wevtutil.exe 替换到 _RunDos('wevtutil.exe

然后把回车（@CRLF）替换到 ') & @CRLF
代码简单，想要代码的话可以给你.

553670595 发表于 2011-1-7 15:04:31

回复553670595

没有BAT转换AU3的工具，我自己写了一个简单的替换字符代码.

这是批处理代码：
wev ...
lixiaolong 发表于 2011-1-7 12:56 http://www.autoitx.com/images/common/back.gif

谢了，麻烦压缩下发到29844465@qq.com 邮箱一下，正好需要，3Q..

lixiaolong 发表于 2011-1-7 16:38:07

回复 18# 553670595

还是写在这里吧，给新人学习.

BatTo_RunDos().au3:

_FileReplace() 和 _FileReplace2() 一起用.

#include <File.au3>

Dim $szDrive, $szDir, $szFName, $szExt
$batfile = @ScriptDir & "\删除win7事件查看器中的所有日志.bat"
$arrPath = _PathSplit($batfile, $szDrive, $szDir, $szFName, $szExt)
_FileReplace($batfile, 'wevtutil.exe', "_RunDos('wevtutil.exe")
_FileReplace2($batfile, @CRLF, "')" & @CRLF)

Func _FileReplace($SelectFile, $String1, $String2)
FileCopy($SelectFile, $SelectFile & ".bak")
$File1 = FileOpen($SelectFile, 0)
$File3 = StringReplace(FileRead($File1), $String1, $String2)
FileClose($File1)
$File2 = FileOpen($SelectFile, 2)
FileWrite($File2, $File3)
FileClose($File2)
EndFunc ;==>_FileReplace

Func _FileReplace2($SelectFile, $String1, $String2)
$File1 = FileOpen($SelectFile, 0)
$File3 = StringReplace(FileRead($File1), $String1, $String2)
FileClose($File1)
$File2 = FileOpen($SelectFile, 2)
FileWrite($File2, '#include<Process.au3>' & @CRLF)
FileClose($File2)
$File4 = FileOpen($SelectFile, 1)
FileWrite($File4, $File3 & "')" & @CRLF)
FileClose($File4)
FileMove($SelectFile, $szDrive & $szDir & $szFName & '.au3')
FileDelete($SelectFile)
EndFunc ;==>_FileReplace2

yfh131 发表于 2011-1-7 16:55:44

很有价值，值得学习

netegg 发表于 2011-1-8 03:14:07

本帖最后由 netegg 于 2011-1-8 04:58 编辑

回复 15# lixiaolong
如果你确定那个没问题的话，可以看看这段有没有问题

While 1
   $sSourceName = RegEnumKey("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\" & $w, $i)
      If $sSourceName = '' Then ExitLoop (1)
      $hEventLog = _EventLog__Open("", $sSourceName)
      consolewrite($i &')'& $sSourceName & "-----Log record count : " & _EventLog__Count($hEventLog)& @crlf )
      _EventLog__Close($hEventLog)
      $i += 1
WEnd
Next
还是没找到清除方法
不过，可以试试下面这个：#include <EventLog.au3>
#include <Array.au3>
$i = 1
For $w In _arraycreate("Application", "Key Management Service", "Security", "System", "Windows PowerShell", "Internet Explorer", "HardwareEvents")
While 1
$sSourceName = RegEnumKey("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\" & $w, $i)
If $sSourceName = '' Then ExitLoop (1)
$hEventLog = _EventLog__Open("", $w)
ConsoleWrite($i & ')' & $sSourceName & "Log record count : " & _EventLog__Count($hEventLog) & @CR )
_EventLog__Clear($hEventLog, "")
ConsoleWrite("////////" & _EventLog__Count($hEventLog) & @CR )
_EventLog__Close($hEventLog)
$i += 1
WEnd
Next

lixiaolong 发表于 2011-1-8 12:28:29

本帖最后由 lixiaolong 于 2011-1-8 14:15 编辑

回复 21# netegg

我测试了_EventLog__Clear()，可以删除以下7个日志了谢谢{:face (88):}
HardwareEvents
Internet Explorer
Key Management Service
Media Center
Security
System
Windows PowerShell

netegg 发表于 2011-1-8 14:47:03

回复 22# lixiaolong
好像循环错了，试试
#include <EventLog.au3>
#include <Array.au3>
$j=0
For $w In _arraycreate("Application", "Key Management Service", "Security", "System", "Windows PowerShell", "Internet Explorer", "HardwareEvents")
$i = 1
While 1
$sSourceName = RegEnumKey("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\" & $w, $i)
If $sSourceName = '' Then ExitLoop (1)
$hEventLog = _EventLog__Open("", $w)
   ConsoleWrite($i & ')' & $sSourceName & "Log record count : " & _EventLog__Count($hEventLog) & @CR )
_EventLog__Clear($hEventLog, "")
   ConsoleWrite("////////" & _EventLog__Count($hEventLog) & @CR )
   _EventLog__Close($hEventLog)
   $i += 1
WEnd
$j+=$i
ConsoleWrite('---------------------'&$j&'------------------------' & @CR )
Next

lixiaolong 发表于 2011-1-8 15:37:55

回复 23# netegg

我自己修改了代码，很爽{:face (427):}

删除XP的Windows日志：
Func _CleanWindowsEventXP()
Dim $sSourceName = ["Application", "Internet Explorer", "Security", "System"]
For $i = 0 To 3
$hEventLog = _EventLog__Open("", $sSourceName[$i])
_EventLog__Clear($hEventLog, "")
_EventLog__Close($hEventLog)
Next
EndFunc ;==>_CleanWindowsEventXP

删除Win7的Windows日志：
测试结果：
最后删除"System"日志就能清理干净.
Func _CleanWindowsEventWin7()
Dim $sSourceName = ["Application", "HardwareEvents", "Internet Explorer", "Key Management Service", "Media Center", "Windows PowerShell", "Security", "System"]
For $i = 0 To 7
$hEventLog = _EventLog__Open("", $sSourceName[$i])
_EventLog__Clear($hEventLog, "")
_EventLog__Close($hEventLog)
Next
EndFunc ;==>_CleanWindowsEventWin7

删除Win7的事件查看器中全部日志400多个:
Func _CleanALLEventWin7()
RunWait(@ComSpec & ' /c For /F "tokens=*" %1 in (' & "'wevtutil.exe el'" & ') DO (wevtutil.exe cl "%1")', '', @SW_HIDE)
EndFunc ;==>_CleanALLEventWin7

netegg 发表于 2011-1-8 16:15:12

回复 24# lixiaolong
恭喜

moxienideai 发表于 2011-1-9 09:41:20

观摩一下{:face (456):}

zhongzijie 发表于 2011-1-9 17:38:28

谢谢iaolong 分享

zjw767676 发表于 2011-1-9 19:22:14

感谢分享！！！！！！！！！！！！！！！

ljf840212 发表于 2011-3-3 17:12:35

{:face (316):}很不错~嘿嘿

xiaolingdan 发表于 2013-9-20 14:06:32

好用，我在看到每项对应的文件位置在哪里，我想做个批处理，如果楼主有，直接告诉我呗，谢谢啊，直接留言，或者发我邮箱xxiu860702@163.com，谢谢。

页: 1 [2] 3

AUTOIT CN's Archiver