Event Viewer Question

  • Thread starter Thread starter JamesJ
  • Start date Start date
J

JamesJ

I have a sound trigger for the 'Open program' event in Vista Basic sp2 x32
When my computer is idle and I "here" a program open the
only thing I have to go by is the time it occurred.

If I want to go to Event Viewer in Administrative Tools and see what
this event was that triggered the event sound I'm overwhelmed with
a bunch of categories and sub-categories.

In order to find what opened at the specific time I need to check each
category and
sub-category. That is a real pain in the ass.

I find no search capabilities in Event Viewer unless I've missed it.

Is there some way of making a hunt for a specific time easier in Event
Viewer?
Or, is there some 3rd party software with the capability to sort all events
by
data and time??

Thanks,
James
 
JamesJ said:
I have a sound trigger for the 'Open program' event in Vista Basic sp2
x32 When my computer is idle and I "here" a program open the
only thing I have to go by is the time it occurred.

If I want to go to Event Viewer in Administrative Tools and see what
this event was that triggered the event sound I'm overwhelmed with
a bunch of categories and sub-categories.

In order to find what opened at the specific time I need to check each
category and
sub-category. That is a real pain in the ass.

I find no search capabilities in Event Viewer unless I've missed it.

Is there some way of making a hunt for a specific time easier in Event
Viewer?
Or, is there some 3rd party software with the capability to sort all
events by
data and time??
Click to expand...

http://www.petri.co.il/vista-event-viewer.htm
http://technet.microsoft.com/en-us/library/cc766042.aspx

Both links discuss how to filter.

Malke
 
JamesJ said:
Both articles seem very useful.

Thanks,
James
Click to expand...

Just out of idle curiosity I'd be interested to know what you find as the
"offending" program.
Geo.
 
1) I never said there was an offending program.
2) I've get other problems with my Vista os right now.

You'll be the first to know.
 
JamesJ said:
1) I never said there was an offending program.
Click to expand...

I was using the expression "offending program" loosely.
Your original post said you had sound trigger for running a program and
(the implication was since you posted) you didn't know what it was and
wanted to find out.
My question was along the lines of did the filtering lead you to what
you wanted to know and what did you discover.
Again, as I noted, I'm just curious.
2) I've get other problems with my Vista os right now.
Click to expand...

Hope you get it sorted out
Geo.
 
Something WAS triggering the open event,
I found it was the Windows Error Reporting Service.

James
 
JamesJ said:
Something WAS triggering the open event,
I found it was the Windows Error Reporting Service.
Click to expand...

Interesting.
Was the Error Report able to clarify what the problem is?
Not meaning to bog you down here but, in my experience, sometimes writing
down discoveries helps in uncovering the real issue.
James
Click to expand...
[snip]
 
I copied and pasted the 2 Warnings:

'Code Integrity determined an unsigned kernel module
system32\drivers\TfFsMon.sys is loaded into the system.
Check with the publisher to see if a signed version of the kernel module is
available.'

'Code Integrity determined an unsigned kernel module
\Device\HarddiskVolume1\Windows\System32\drivers\pctgntdi.sys
is loaded into the system. Check with the publisher to see if a signed
version of the kernel module is available.'

Not sure what either of these are for.

James

GSalisbury said:
JamesJ said:
Something WAS triggering the open event,
I found it was the Windows Error Reporting Service.
Click to expand...

Interesting.
Was the Error Report able to clarify what the problem is?
Not meaning to bog you down here but, in my experience, sometimes writing
down discoveries helps in uncovering the real issue.
James
Click to expand...
[snip]
Click to expand...
 
JamesJ said:
I copied and pasted the 2 Warnings:

'Code Integrity determined an unsigned kernel module
system32\drivers\TfFsMon.sys is loaded into the system.
Check with the publisher to see if a signed version of the kernel module is
available.'

'Code Integrity determined an unsigned kernel module
\Device\HarddiskVolume1\Windows\System32\drivers\pctgntdi.sys
is loaded into the system. Check with the publisher to see if a signed
version of the kernel module is available.'

Not sure what either of these are for.

James
Click to expand...

When I Google the files I get these:

Tffsmon.sys
Company: PC Tools
Productname: ThreatFire
Description: ThreatFire System Monitor

Product name PC Tools Generic TDI Driver
Company name PC Tools
File description PC Tools Generic TDI Driver
Internal name pctgntdi
Original filename pctgntdi.sys

So it looks like it's PC Tools you can blame for all your troubles.
 
This wasn't causing problems that I can see.
I figured the pctgntdi was pctools.
I doubt if these are the only files cause a Code Integrity error.

James
 
JamesJ said:
This wasn't causing problems that I can see.
I figured the pctgntdi was pctools.
I doubt if these are the only files cause a Code Integrity error.

James
Click to expand...

Do these Code Integrity Errors interfere, or show up as error
messages, in the day to day use of the computer ?
Are they worth worrying about ?
 
No error messages . And I'm by no means worried.
I don't believe I said anything in my original post about being worried
about anything.
I was simply curious about what programs or processes start when my computer
is idle.
I paid good money for this and I like to know what goes on behind the
scenes.

Is that ok??

James
 
Back
Top