Event 5440 Expand / Collapse
Author
Message
Posted 1/10/2014 10:56:33 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: Forum Members
Last Login: 8/9/2010 4:24:31 PM
Posts: 1, Visits: 0
I scrubbed it a little bi by removing the computer name but the rest of it is what I get.

Log Name:     Security

Source:       Microsoft-Windows-Security-Auditing

Date:         1/10/2014 8:29:29 AM

Event ID:      5440

Task Category: Filtering Platform Policy Change

Level:        Information

Keywords:      AuditSuccess

User:          N/A

Computer:    (Name ispresent in readable form)

Description:

The following callout was present when the Windows FilteringPlatform Base Filtering Engine started.

 

Provider Information:  

         ID:            {06e9d64c-15e9-4615-a862-1f0dc2674c6a}

         Name:                SYMANTEC CORPORATION

 

Callout Information:

         ID:            {0602ac30-ceee-4418-90cd-3f02af787de7}

         Name:                SYMANTEC CALLOUT DATABASELISTEN_V4

         Type:         Persistent

         Run-Time ID:      294

 

Layer Information:

         ID:            {88bb5dad-76d7-4227-9c71-df0a3ed7be7e}

         Name:                ALE Listen v4 Layer

         Run-Time ID:      40

Event Xml:

<Eventxmlns="http://schemas.microsoft.com/win/2004/08/events/event">

  <System>

    <ProviderName="Microsoft-Windows-Security-Auditing"Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />

   <EventID>5440</EventID>

   <Version>0</Version>

   <Level>0</Level>

   <Task>13572</Task>

   <Opcode>0</Opcode>

   <Keywords>0x8020000000000000</Keywords>

    <TimeCreatedSystemTime="2014-01-10T14:29:29.568028200Z" />

   <EventRecordID>2293474</EventRecordID>

    <Correlation/>

    <ExecutionProcessID="916" ThreadID="1000" />

   <Channel>Security</Channel>

    <Computer>(Nameis present in readable form)</Computer>

    <Security />

  </System>

  <EventData>

    <DataName="ProviderKey">{06E9D64C-15E9-4615-A862-1F0DC2674C6A}</Data>

    <DataName="ProviderName">SYMANTEC CORPORATION</Data>

    <DataName="CalloutKey">{0602AC30-CEEE-4418-90CD-3F02AF787DE7}</Data>

    <DataName="CalloutName">SYMANTEC CALLOUT DATABASELISTEN_V4</Data>

    <DataName="CalloutType">%%16387</Data>

    <DataName="CalloutId">294</Data>

    <DataName="LayerKey">{88BB5DAD-76D7-4227-9C71-DF0A3ED7BE7E}</Data>

    <DataName="LayerName">ALE Listen v4 Layer</Data>

    <DataName="LayerId">40</Data>

  </EventData>

</Event>

Post #1305
« Prev Topic | Next Topic »


Permissions Expand / Collapse

All times are GMT -5:00, Time now is 4:06pm