windows event ID when finding a virus??

[Guest]

Archived from groups: symantec.support,microsoft.public.windowsxp.security_admin,symantec.support.winnt.nortonantivirus.general,comp.infosystems.www.servers.ms-windows (More info?)

Hello,
I am using Symantec Antivirus and Norton Antivirus as antivirus
software in my network. Because I want to monitor my network with
whats'sup, I need the eventID that I get in the event manager when a
virus is found.
(For example, if a file could not be opened, the event ID I get is 6
(with as source Symantec Antivirus). Which is the corresponding event
ID when a virus is found???

Thanx in advance

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin,symantec.support.winnt.nortonantivirus.general,comp.infosystems.www.servers.ms-windows (More info?)

paul b wrote:

> I am using Symantec Antivirus and Norton Antivirus as antivirus
> software in my network. Because I want to monitor my network with
> whats'sup, I need the eventID that I get in the event manager when a
> virus is found.
> (For example, if a file could not be opened, the event ID I get is 6
> (with as source Symantec Antivirus). Which is the corresponding event
> ID when a virus is found???

You can use the Eicar test file to find out.

Newsgroups narrowed, follow-ups set.

Thor

--
http://www.anta.net/OH2GDF

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

"Thor Kottelin" wrote:

>
>
> paul b wrote:
>
> > I am using Symantec Antivirus and Norton Antivirus as antivirus
> > software in my network. Because I want to monitor my network with
> > whats'sup, I need the eventID that I get in the event manager when a
> > virus is found.
> > (For example, if a file could not be opened, the event ID I get is 6
> > (with as source Symantec Antivirus). Which is the corresponding event
> > ID when a virus is found???
>
> You can use the Eicar test file to find out.
>
> Newsgroups narrowed, follow-ups set.
>
> Thor
>
> --
> http://www.anta.net/OH2GDF
> what is the Eicar test file?

 

[galen]

Archived from groups: symantec.support,microsoft.public.windowsxp.security_admin,symantec.support.winnt.nortonantivirus.general,comp.infosystems.www.servers.ms-windows (More info?)

In news:1f716d42.0504280657.43fe5937@posting.google.com,
paul b <bisibis@pt.lu> had this to say:

My reply is at the bottom of your sent message:

> Hello,
> I am using Symantec Antivirus and Norton Antivirus as antivirus
> software in my network. Because I want to monitor my network with
> whats'sup, I need the eventID that I get in the event manager when a
> virus is found.
> (For example, if a file could not be opened, the event ID I get is 6
> (with as source Symantec Antivirus). Which is the corresponding event
> ID when a virus is found???
>
> Thanx in advance

I don't know if NAV does but I know KAV doesn't (from my logs though it
could be my configuration) write an event to the event log when viruses (or
is that virii??? no one seems to know) found. All I can say is you've been
told where to download eicar which might trigger the event if, indeed, one
is found. I just tested that and nothing came up in mine.

Galen
--

"My mind rebels at stagnation. Give me problems, give me work, give me
the most abstruse cryptogram or the most intricate analysis, and I am
in my own proper atmosphere. I can dispense then with artificial
stimulants. But I abhor the dull routine of existence. I crave for
mental exaltation." -- Sherlock Holmes