Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsWindows VistaWindows XPWindows MeWindows 98Windows 95Virtual PCInternet ExplorerOutlook ExpressWindows MediaSecurity
Related Topics
MS Server ProductsMS OfficePC HardwareMore Topics ...
Windows Forum / Windows XP / Security and Administration / April 2005

Tip: Looking for answers? Try searching our database.

windows event ID when finding a virus??

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
paul b - 28 Apr 2005 15:57 GMT
Hello,
I am using Symantec Antivirus and Norton Antivirus as antivirus
software in my network. Because I want to monitor my network with
whats'sup, I need the eventID that I get in the event manager when a
virus is found.
(For example, if a file could not be opened, the event ID I get is 6
(with as source Symantec Antivirus). Which is the corresponding event
ID when a virus is found???

Thanx in advance
Reply to this Message
Thor Kottelin - 28 Apr 2005 17:49 GMT
> I am using Symantec Antivirus and Norton Antivirus as antivirus
> software in my network. Because I want to monitor my network with
[quoted text clipped - 3 lines]
> (with as source Symantec Antivirus). Which is the corresponding event
> ID when a virus is found???

You can use the Eicar test file to find out.

Newsgroups narrowed, follow-ups set.

Thor

Signature

http://www.anta.net/OH2GDF

Reply to this Message
matchstich - 28 Apr 2005 20:43 GMT
> > I am using Symantec Antivirus and Norton Antivirus as antivirus
> > software in my network. Because I want to monitor my network with
[quoted text clipped - 9 lines]
>
> Thor
Reply to this Message
Galen - 29 Apr 2005 04:29 GMT
My reply is at the bottom of your sent message:

> Hello,
> I am using Symantec Antivirus and Norton Antivirus as antivirus
[quoted text clipped - 6 lines]
>
> Thanx in advance

I don't know if NAV does but I know KAV doesn't (from my logs though it
could be my configuration) write an event to the event log when viruses (or
is that virii??? no one seems to know) found. All I can say is you've been
told where to download eicar which might trigger the event if, indeed, one
is found. I just tested that and nothing came up in mine.

Galen
Signature


"My mind rebels at stagnation. Give me problems, give me work, give me
the most abstruse cryptogram or the most intricate analysis, and I am
in my own proper atmosphere. I can dispense then with artificial
stimulants. But I abhor the dull routine of existence. I crave for
mental exaltation." -- Sherlock Holmes

Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.