Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 5051 Source: McLogEvent

Source
Level
Description
A thread in process <path to antivirus program> took longer than <number> ms to complete a request. The process will be terminated. Thread id : 474 (0x1da) Thread address : 0x012f6701 Thread message : Build <date> <time> / 4.24 Object being scanned = <path to file> ( @ 10003 (10003,10000,10002,10001))
Comments
 
The error cause a Dr. Watson error or a general protection fault. See Release Notes for McAfee NetShield v4.5 Anti-Virus Software for Windows NT and Windows 2000 Service Pack 1.
See the links to "Network Associates Support Solution ID: nai18383", "Network Associates Support Solution ID: nai18427", "Network Associates Support Solution ID: nai2482", "McAfee Support Solution ID: nai7440", "McAfee Support Solution ID: nai14238", and "McAfee Support Solution ID: nai25225" for information on this problem.
McAfee recommends that you experiment with increasing the number of milliseconds contained in the ScannerThreadTimeoutEx registry value. This approach increases the length of time available to the engine for recovery before the exception occurs. To determine the optimum number of milliseconds in your environment, you must balance the risk of receiving a Dr. Watson or GPF and a failed scan on the one hand, with the inconvenience of devoting additional time to the scanning of very large files, on the other hand.
To get around this, increase the ScannerThreadTime variable in the registry. It is under the HKLM\SOFTWARE path. I cannot comment on the full impact this may have. Obviously it may slow things down as the antivirus software may take longer time to scan files but this may only be applicable to large files. Test on a non-critical machine before implementing.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...