F
Frog
Windows XP Pro SP3
My Event Viewer/System continues to show an ! in a yellow triangle
several times a day....for example:
Type: Warning, Date: 5/29/2009, Time: 7:48:46 AM, WinDefend, Category:
None, Event: 3004, User: N/a, Computer: Frog-ADF6F860
When I click on an entry of this type, I get the following:
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 3004
Date: 5/29/2009
Time: 7:48:46 AM
User: N/A
Computer: Frog-ADF6F860
Description:
Windows Defender Real-Time Protection agent has detected changes.
Microsoft recommends you analyze the software that made these changes
for potential risks. You can use information about how these programs
operate to choose whether to allow them to run or remove them from your
computer. Allow changes only if you trust the program or the software
publisher. Windows Defender can't undo changes that you allow.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=74409
Scan ID: {BACBCD4F-70B0-4898-B483-2DA0C0F02692}
User: Frog-ADF6F860\Frog Pond
Name: Unknown
ID:
Severity: Not Yet Classified
Category: Not Yet Classified
Path Found:
firewallport:HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1130:UDP
Alert Type: Unclassified software
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
When visiting this web page I get the following:
Results for: Microsoft Product: Windows Defender; Version: 1.1.1593.0;
Event ID: 3004; Event Source: WinDefend; File Name: MpEvMsg.dll;
No results were found for your query. Please see Search Help for
suggestions.
My many hours of trying to understand this problem, seeking help from
this news group, and watching this problem happen several times a day
has me completely baffled. First of all, I'm not sure that this is a
problem that I should really be concerned about. Secondly, I have no
clue as to what software on my system is causing this problem to occur.
It seems that Ports (several different ports numbers are involved) are
open via my Windows Firewall and that Windows Defender is letting me
know that this is a potential danger to my system. I'm not sure how
these ports were opened in the first place (I did not knowingly open any
ports on my Windows Firewall)and I do not know how to close ports on the
Windows Firewall. I have learned through my research that is is
possible to open ports on the Windows Firewall...but I did not learn how
to close ports. I also did not learn how to identify what ports are
open and what software is involved with open ports.
I have two thoughts about what could be causing this ongoing problem to
occur, but my limited technical skills are keeping me from knowing what
to do next. For example, I once had my Windows 98SE machine networked
with my Windows XP machine via a Verizon installed router. This
connection is currently not in use and could be terminated (not sure how
to do this). I believe this connection through the router must involve
open ports in some way. Secondly, I have a couple of games installed on
my system that are used on seldom occasions...one that shows in the
Windows Firewall/Exceptions window. I could remove this software from
my system via the Add/Remove process (I'm not sure whether this action
will also remove the game entry from the Windows Firewall/Exceptions
window). I have no other thoughts about what might have ports open on
my system. Is there a system log some place on my computer that records
information about port use? I'm not aware of such a log if it exists;
but, as I said earlier, I have limited knowledge about such details.
Would it be better for me to present this problem in a different
newsgroup, and, if so, what news group?
I am looking to any thoughts/guidance that you want to share with me on
this subject.
Frog
My Event Viewer/System continues to show an ! in a yellow triangle
several times a day....for example:
Type: Warning, Date: 5/29/2009, Time: 7:48:46 AM, WinDefend, Category:
None, Event: 3004, User: N/a, Computer: Frog-ADF6F860
When I click on an entry of this type, I get the following:
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 3004
Date: 5/29/2009
Time: 7:48:46 AM
User: N/A
Computer: Frog-ADF6F860
Description:
Windows Defender Real-Time Protection agent has detected changes.
Microsoft recommends you analyze the software that made these changes
for potential risks. You can use information about how these programs
operate to choose whether to allow them to run or remove them from your
computer. Allow changes only if you trust the program or the software
publisher. Windows Defender can't undo changes that you allow.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=74409
Scan ID: {BACBCD4F-70B0-4898-B483-2DA0C0F02692}
User: Frog-ADF6F860\Frog Pond
Name: Unknown
ID:
Severity: Not Yet Classified
Category: Not Yet Classified
Path Found:
firewallport:HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1130:UDP
Alert Type: Unclassified software
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
When visiting this web page I get the following:
Results for: Microsoft Product: Windows Defender; Version: 1.1.1593.0;
Event ID: 3004; Event Source: WinDefend; File Name: MpEvMsg.dll;
No results were found for your query. Please see Search Help for
suggestions.
My many hours of trying to understand this problem, seeking help from
this news group, and watching this problem happen several times a day
has me completely baffled. First of all, I'm not sure that this is a
problem that I should really be concerned about. Secondly, I have no
clue as to what software on my system is causing this problem to occur.
It seems that Ports (several different ports numbers are involved) are
open via my Windows Firewall and that Windows Defender is letting me
know that this is a potential danger to my system. I'm not sure how
these ports were opened in the first place (I did not knowingly open any
ports on my Windows Firewall)and I do not know how to close ports on the
Windows Firewall. I have learned through my research that is is
possible to open ports on the Windows Firewall...but I did not learn how
to close ports. I also did not learn how to identify what ports are
open and what software is involved with open ports.
I have two thoughts about what could be causing this ongoing problem to
occur, but my limited technical skills are keeping me from knowing what
to do next. For example, I once had my Windows 98SE machine networked
with my Windows XP machine via a Verizon installed router. This
connection is currently not in use and could be terminated (not sure how
to do this). I believe this connection through the router must involve
open ports in some way. Secondly, I have a couple of games installed on
my system that are used on seldom occasions...one that shows in the
Windows Firewall/Exceptions window. I could remove this software from
my system via the Add/Remove process (I'm not sure whether this action
will also remove the game entry from the Windows Firewall/Exceptions
window). I have no other thoughts about what might have ports open on
my system. Is there a system log some place on my computer that records
information about port use? I'm not aware of such a log if it exists;
but, as I said earlier, I have limited knowledge about such details.
Would it be better for me to present this problem in a different
newsgroup, and, if so, what news group?
I am looking to any thoughts/guidance that you want to share with me on
this subject.
Frog