Prev: Where to Find WinXP Home ISO Image
Next: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5
From: fwall4 on 4 Jul 2010 19:53
Hello: Today I noticed a new entry in the Event Viewer named
"Microsoft-Windows-Forwarding/Operational". When I clicked on "Properties" it
shows C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
Can anyone explain what this means and if I can remove it from the Event
Viewer?
I downloaded Window Live Photo Gallery but I don't know if this is the cause.
I appreciate your reply. Fred
From: VanguardLH on 4 Jul 2010 20:32
fwall4 wrote:

> Hello: Today I noticed a new entry in the Event Viewer named
> "Microsoft-Windows-Forwarding/Operational". When I clicked on "Properties" it
> shows C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
> Can anyone explain what this means and if I can remove it from the Event
> Viewer?
> I downloaded Window Live Photo Gallery but I don't know if this is the cause.
> I appreciate your reply. Fred

Any program (as long as it can use admin privileges to update the
registry) can add an event "category" or log under which those type of
events get logged. Look in the registry at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog


http://msdn.microsoft.com/en-us/library/bb427443(v=VS.85).aspx
http://msdn.microsoft.com/en-us/library/bb870973(VS.85).aspx

http://www.windowsecurity.com/articles/Centralized-Auditing-here-FREE.html

You event logs are getting sent or collected to somewhere else. Ask the
IT folks at your company why they want these logs.
From: fwall4 on 5 Jul 2010 02:31


"VanguardLH" wrote:

fwall4 wrote:
Hello: Today I noticed a new entry in the Event Viewer named
"Microsoft-Windows-Forwarding/Operational". When I clicked on "Properties"
it
shows C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
Can anyone explain what this means and if I can remove it from the Event
Viewer?
I downloaded Window Live Photo Gallery but I don't know if this is the cause.
I appreciate your reply. Fred

Any program (as long as it can use admin privileges to update the
registry) can add an event "category" or log under which those type of
events get logged. Look in the registry at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog


http://msdn.microsoft.com/en-us/library/bb427443(v=VS.85).aspx
http://msdn.microsoft.com/en-us/library/bb870973(VS.85).aspx

http://www.windowsecurity.com/articles/Centralized-Auditing-here-FREE.html

You event logs are getting sent or collected to somewhere else. Ask the
IT folks at your company why they want these logs.

Hi VanguardLH: Thanks for your reply. I deleted the registry and that
cleared the entry in the Event Viewer. I appreciate your help. Fred
 | 
Pages: 1
Prev: Where to Find WinXP Home ISO Image
Next: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5