VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Errory Microsoft Security Client

https://forum.viry.cz:443/viewtopic.php?t=114175

Stránka 1 z 1

Errory Microsoft Security Client

Napsal: 04 srp 2011 10:32
od dusan612
Dobri den niejako často mi robi errory Microsoft Security nerobi to naštastie nič ale tie errory to robi
tu je General o errore
Log name Microsoft-Windows-Kernel-EventTracing/Admin
Source Kernel-EventTracing
EventID 3
Level Error
User System
OpCode Stop
Logged 4.8.2011 11:03:15
Task Category Session
Keywords session

tu su details
+ System

- Provider

[ Name] Microsoft-Windows-Kernel-EventTracing
[ Guid] {B675EC37-BDB6-4648-BC92-F3FDC74D3CA2}

EventID 3

Version 0

Level 2

Task 2

Opcode 14

Keywords 0x8000000000000010

- TimeCreated

[ SystemTime] 2011-08-04T09:03:15.125000000Z

EventRecordID 260

Correlation

- Execution

[ ProcessID] 4
[ ThreadID] 144

Channel Microsoft-Windows-Kernel-EventTracing/Admin



- Security

[ UserID] S-1-5-18


- EventData

SessionName Microsoft Security Client OOBE
FileName C:\ProgramData\Microsoft\Microsoft Security Client\Support\EppOobe.etl
ErrorCode 3221225485
LoggingMode 5

Re: Errory Microsoft Security Client

Napsal: 04 srp 2011 10:38
od dusan612
A ešte Varovania ale to neviem či to robi microsoft Security

Event 1530,User Profile Service

+ System

- Provider

[ Name] Microsoft-Windows-User Profiles Service
[ Guid] {89B1E9F0-5AFF-44A6-9B44-0A07A7CE5845}

EventID 1530

Version 0

Level 3

Task 0

Opcode 0

Keywords 0x8000000000000000

- TimeCreated

[ SystemTime] 2011-08-03T21:13:30.706054600Z

EventRecordID 24084

Correlation

- Execution

[ ProcessID] 1064
[ ThreadID] 2012

Channel Application

- Security

[ UserID] S-1-5-18


- EventData

Detail 20 user registry handles leaked from \Registry\User\S-1-5-21-2077639707-384719932-3077192631-1000: Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 1964 (\Device\HarddiskVolume1\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 1964 (\Device\HarddiskVolume1\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 1964 (\Device\HarddiskVolume1\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 1964 (\Device\HarddiskVolume1\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 1964 (\Device\HarddiskVolume1\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\My Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\Root Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Policies\Microsoft\SystemCertificates Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Policies\Microsoft\SystemCertificates Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Policies\Microsoft\SystemCertificates Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Policies\Microsoft\SystemCertificates Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\CA Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\TrustedPeople Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\Disallowed Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 896 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\trust

Re: Errory Microsoft Security Client

Napsal: 04 srp 2011 10:48
od dusan612
a varovanie dalšie

Event 1014,Dns Clients Events

+ System

- Provider

[ Name] Microsoft-Windows-DNS-Client
[ Guid] {1C95126E-7EEA-49A9-A3FE-A378B03DDB4D}

EventID 1014

Version 0

Level 3

Task 0

Opcode 0

Keywords 0x4000000000000000

- TimeCreated

[ SystemTime] 2011-08-03T19:45:43.370117100Z

EventRecordID 242441

Correlation

- Execution

[ ProcessID] 1368
[ ThreadID] 3236

Channel System

- Security

[ UserID] S-1-5-20


- EventData

QueryName www.youtube.co
AddressLength 16
Address 02000035C0A800C80000000000000000

A User Profile Service

+ System

- Provider

[ Name] Microsoft-Windows-User Profiles Service
[ Guid] {89B1E9F0-5AFF-44A6-9B44-0A07A7CE5845}

EventID 1530

Version 0

Level 3

Task 0

Opcode 0

Keywords 0x8000000000000000

- TimeCreated

[ SystemTime] 2011-08-03T16:08:47.253906200Z

EventRecordID 24060

Correlation

- Execution

[ ProcessID] 1080
[ ThreadID] 872

Channel Application

- Security

[ UserID] S-1-5-18


- EventData

Detail 16 user registry handles leaked from \Registry\User\S-1-5-21-2077639707-384719932-3077192631-1000: Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 2028 (\Device\HarddiskVolume1\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000 Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\My Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\Root Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Policies\Microsoft\SystemCertificates Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Policies\Microsoft\SystemCertificates Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Policies\Microsoft\SystemCertificates Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Policies\Microsoft\SystemCertificates Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\CA Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\TrustedPeople Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\Disallowed Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 536 (\Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2077639707-384719932-3077192631-1000\Software\Microsoft\SystemCertificates\trust

Microsoft Antimalware

+ System

- Provider

[ Name] Microsoft Antimalware

- EventID 1002

[ Qualifiers] 0

Level 3

Task 0

Keywords 0x80000000000000

- TimeCreated

[ SystemTime] 2011-08-03T13:07:00.000000000Z

EventRecordID 242202

Channel System

Security


- EventData

%%860
3.0.8402.0
{A01B8769-BB2B-485A-BA30-6A91DB619BFB}
2
%%802
2
%%805

S-1-5-21-2077639707-384719932-3077192631-1000

Microsoft Antimalware scan has been stopped before comlection.
Scan ID:(A01B8767-BB2B-485A-BA30-6A91DB619BFB)
Scan Type:Antimalware
Scan Parameters: full Scan
User a moje meno tu ma byt napisane

Prepačte že ich je tolko

Re: Errory Microsoft Security Client

Napsal: 04 srp 2011 10:57
od Roli
Zdravím, bylo by dobré pokračovat TADY s kolegou a nezakládat kvůli jednomu PC více topiků.

Zde :closed:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz