Re: Event Viewer
- From: "Michael Jennings" <metarhyme@xxxxxxxxx>
- Date: Mon, 31 Aug 2009 20:07:15 -0500
Microsoft has made the spyware newsgroups private:
http://www.microsoft.com/windows/products/winfamily/defender/support.mspx
For defender, among other things, they also have a public newsgroup:
news://msnews.microsoft.com/microsoft.public.security.homeusers
You may wish to state how and when you have scanned for malware
if you decide to post in one of these newsgroups. I have a habit of
advising people to do a clean install of Windows - you don't want me.
"Frog" <frog@xxxxxxxx> wrote in message
news:e6D$9XkKKHA.4376@xxxxxxxxxxxxxxxxxxxxxxx
If I have something that is advertised as a tool, but I don't know how to use
that tool, is it really a tool?
I continue to observe entries in my Event Log with little or no knowledge
about the meaning of their content. Yes, I have asked on this group about
specific Event Log entries in the past, and yes, you have been forthcoming
with helpful guidance. I personally, however, don't know how to use this tool
effectively, and that is my problem.
Is there some place you could point me where there is a detailed users guide
for this Event Viewer tool?
I will say that nearly all of the entries in my Event Viewer log, those
preceded by a yellow triangle with an ! mark, have to do with WinDefend
finding open ports. With my limited technical skills, I attempt to determine
why Windows Defender is saying there is possibly a problem with my system. In
nearly all cases, the problem has to do with "GloballyOpenPorts". I proceed
to the Registry location where the details of the Event Viewer log is pointing
and there I find nothing to do with the open port number that was the problem.
It refers to FirewallPolicy, so I next go there to see what might be going a
stray. I find no exceptions to the port policy there--it remains as it was
when I loaded Windows XP on my system. I continue to search for something
that will improve the communications between myself and this event log.
Here is what I am seeing--a lot of vague references to some program that was
added to my system that I should check. How in the heck do I know what vague
program I'm suppose to check or the reason for the "GloballyOpenPort". I'm
lost and need to learn how to use this tool.
Thanks for any help sent my way.
Windows XP SP3
Frog
P.S. Here is an example of what I am finding in my Event log for yesterday.
Note, there were 13 such entries in yesterdays log--all occurring between 5:35
P.M. and 7:36 P.M..
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 3004
Date: 8/30/2009
Time: 5:35:04 PM
User: N/A
Computer: Frog-ADF.....
Description:
Windows Defender Real-Time Protection agent has detected changes. Microsoft
recommends you analyze the software that made these changes for potential
risks. You can use information about how these programs operate to choose
whether to allow them to run or remove them from your computer. Allow changes
only if you trust the program or the software publisher. Windows Defender
can't undo changes that you allow.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=74409
Scan ID: {536F062E-5D8F-4A18-A86F-D450D57EDAB5}
User: Frog-ADF.....\Kermit Taylor
Name: Unknown
ID:
Severity: Not Yet Classified
Category: Not Yet Classified
Path Found:
firewallport:HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2006:UDP
Alert Type: Unclassified software
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
When I go to the microsoft site, I get the following:
Results for: Microsoft Product: Windows Defender; Version: 1.1.1593.0; Event
ID: 3004; Event Source: WinDefend; File Name: MpEvMsg.dll;
No results were found for your query. Please see Search Help for suggestions.
.
- Prev by Date: Re: Windows XP: Can't get into window--Stop: c000021a {Fatal Syste
- Next by Date: RE: rundill pop up
- Previous by thread: Re: SendTo - Add
- Next by thread: RE: rundill pop up
- Index(es):
Relevant Pages
|
