Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 5000 Source: McLogEvent

Source
Level
Description
VirusScan McShield service started - scanning for 60576 viruses.
Engine version : 4.1.60
.DAT version : 4203
EXTRA.DAT name : None
Number of virus signatures in EXTRA.DAT : None
Names of viruses that EXTRA.DAT can detect : None
Comments
 
See the link to "McAfee Support Solution ID: nai12062" for information on this event.
This was happening on one of our servers. It had an old version on Norton Anti-Virus installed on it, when they were no longer able to update it, the purchased McAfee. So the site had McAfee and NAV install on it. Even though they weren't using NAV anymore, it kept disabling McAfee and every 15 minutes it would check for extra.dat to start it back up. Removing NAV fixed this issue.
This information type event is logged everytime the service starts and shows that it is working. It shows the version of the DATs and engine that are installed and information about any extra.dat file that has been installed.
Below is the response I received from McAfee online support. I followed the suggested "repair" and still have the error. Since this "error" is an informational event, and VirusScan 6.x is working well, I may not try much harder. To quote the sage; "If it ain't broke don't fix it"!
-----------------------------------
You are going to have to run a repair on virus scan 6 through add/remove programs in control panel.  To do this please follow the instructions below.
1.  Open add/remove programs in control panel.
2.  Click on Mcafee VirusScan to highlight it.
3.  Click on the add/remove button.
4.  Select repair and click on next.
5.  Follow the prompts to repair virus scan 6.
6.  Restart your computer.
7.  Launch virus scan 6 and update.
8.  Run a scan on your computer.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...