Wealth of information from Defender....

[Mhzjunkie]

With the wealth of information that Window Defender gives you about items
that it finds on your system, it's hard to find out what when or where. I
have multiple instances in the Event Viewer from this ...


Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 3004
Date: 5/11/2006
Time: 10:07:47 PM
User: N/A
Computer: XXXXXXXX-XXXXXX\XXXX
Description:
Windows Defender Real-Time Protection agent has detected spyware or other
potentially unwanted software.
For more information please see the following:
http://www.microsoft.com
Scan ID: {6AB1F5BA-7603-4992-A2C7-C7350BAE36CA}
User: XXXXXXXX-XXXXXX\XXXX
Name: Unknown
ID:
Severity ID:
Category ID:
Path Found: service:gdrv
Alert Type: Unknown
Detection Type:


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Can some one give a me a clue as to what that (gdrv) is ? Windows Defender
is no help in identifying it what so ever.

--
Mhzjunkie

1 PRINT "Windows XP ERROR"
GOTO 1
END

 

[Bill Sanderson MVP]

Yup--so--that's a service. You can do start, run, services.msc and find it
in the list, and probably get a complete path and executable name?

Windows Defender doesn't know what it is either--that's why it is "unknown."

 

[Mhzjunkie]

Bill Sanderson MVP spewed out this bit, and i'll scatter a few bits myself

Yup--so--that's a service. You can do start, run, services.msc and
find it in the list, and probably get a complete path and executable
name?
Windows Defender doesn't know what it is either--that's why it is
"unknown."

I had a look through the services before posting. I have nothing listed in
services by the name "gdrv".

I'll open the windows search and do a search of my drive for "gdrv" and see
what i come up with.
--
Mhzjunkie

1 PRINT "Windows XP ERROR"
GOTO 1
END

 

[Mhzjunkie]

Mhzjunkie spewed out this bit, and i'll scatter a few bits myself

Bill Sanderson MVP spewed out this bit, and i'll scatter a few bits
myself

I had a look through the services before posting. I have nothing
listed in services by the name "gdrv".

I'll open the windows search and do a search of my drive for "gdrv"
and see what i come up with.

Absolutely nothing, that's what I find. Nothing listed in Task Manager
either, googles not even my friend. I don't have a clue as to what it is.

<throws up hands>

--
Mhzjunkie

1 PRINT "Windows XP ERROR"
GOTO 1
END

 

[Bill Sanderson MVP]

What kind of a video driver do you run?

I'm not sure whether there's such a thing as a hidden service--seems
likely--there are hidden devices, hidden shares, hidden scheduled tasks,
surely there are hidden services?

Yeah--google doesn't help much.

Anything happening at that time--this isn't a one-off critter--say, a
root-kit detection run or something?
--

 

[Mhzjunkie]

Bill Sanderson MVP spewed out this bit, and i'll scatter a few bits myself

What kind of a video driver do you run?

I run the latetest video driver from Nivida.

I'm not sure whether there's such a thing as a hidden service--seems
likely--there are hidden devices, hidden shares, hidden scheduled
tasks, surely there are hidden services?

Well the way I've always approached this, and the way I've always thought to
be the correct way. Open device manager and at the top click on View >Show
Hidden Device. This will add non plug and play drivers section to the device
manager. It usually shows items you never knew where running or on board
your system.

Nothing shown there...

Anything happening at that time--this isn't a one-off critter--say, a
root-kit detection run or something?

No, far as I can tell nothing happening at the time the warnings are listed.
I can't pin it down yet, but im very curios. I'll keep digging and see what
I can come up with. I'm starting to think that it was something that I've
installed recently, and didn't like it and removed it. As im not getting the
warnings today, but plenty yesterday, and can't find "gdrv" any where. I'll
keep digging and post when i figure it out.


--
Mhzjunkie

1 PRINT "Windows XP ERROR"
GOTO 1
END

 

[Bill Sanderson MVP]

Thanks - one google seemed to associate that name with video--but none of
them were real clear at all.

--