How do i delete a strange Event Log?

Discussion in 'other software & services' started by <DreamCatcher>, Jan 14, 2006.

Thread Status:
Not open for further replies.
  1. <DreamCatcher>

    <DreamCatcher> Registered Member

    Jan 6, 2006

    After uninstalling McAfee Internet Security 2005 I had a few problems but I think I sorted them, but I have been left with a Event Log in Event viewer called 'ACEEventlog' that I think was created with the McAfee Privacy service and it has nothing in it. When I search for anything to do with this file its located in>

    ACEEvent.evt C:\WINDOWS\system32\config

    I would like to know how to remove this event log from the event viewer section if its possible.

    Thanks for any help

  2. Bubba

    Bubba Updates Team

    Apr 15, 2002
    You should be able to right click that entry and select delete.

    However....if you are using ATI Catalyst Control might want to reconsider not removing it :doubt:
    Last edited: Jan 14, 2006
  3. DreamCatcher

    DreamCatcher Guest

    Hi, Bubba

    I have a ATI Catalyst Control Center so I will leave it for now, I have some other problems that you maybe able to help me with, since remove mcAfee I have been getting perfnet errors in my application logs event id 2004, but if I reinstall file and print sharing it stops, but how can I disable file and print sharing without getting these errors?

    Also I have for some reason started to get the odd event log:

    event id 540

    Success Audit



    I have looked on event id, but with no luck, so If you could provide some help it would be great,

    Thank you

  4. Snowie

    Snowie Guest

    ***copy and paste**

    Windows 2000 and Windows NT support anonymous logons that let users browse the servers on the network in Network Neighborhood and their shares' Network Neighborhood. When you double-click a computer in Network Neighborhood to view its shared folders, you usually haven't yet logged on to that computer. Your workstation connects anonymously to the server and queries the server for its shared folders. Then, when you actually map a drive to one of those shared folders, your workstation logs on to the server with your username and password. Contrary to popular belief, these anonymous logons don't provide access to any folders or
    other objects. However, the anonymous logons do present a risk: They let potential intruders connect anonymously and enumerate all the shared folders, usernames, and SIDs on a computer. Intruders can use this information to launch an attack. For example, even if you rename the Administrator account to protect the account from attack, an intruder who uses the proper APIs can enumerate the users on the computer and look for one whose SID ends in 500 (the built-in Administrator account SID always ends in 500) and thus discover the new name for the Administrator account. A familiar intruder tool called (clip) can perform this search for you. . . .
  5. snowie

    snowie Guest

  6. DreamCatcher

    DreamCatcher Guest

    Hi, Snowie

    I have diaabled and uninstalled the file and print sharing, so I have stopped geting the anonymous logons, but Im left with errors for something like PerfNet was unable to open the server service, any idea how I can stop this without having to reinstall file and print sharing, which thens keeps giving me the annonymous logons. Its wso strange as it only begun happening recently,


  7. DreamCatcher

    DreamCatcher Guest

    this is what im seeing;

    Subject: Event Viewer Error: PerfNet - Event ID: 2004

    I am getting the following RED Cross error message in
    Event Viewer:

    Unable to open the Server service. Server performance
    data will not be returned. Error code returned is in data
    DWORD 0.

    The source is: PerfNet, the event is 2004.

    There is no info on this error in Help & Support. I am on
    Win XP Home with sp2.
  8. Bubba

    Bubba Updates Team

    Apr 15, 2002
    Since you have now disabled File\Printer sharing....what is your Server service set to and have you been disabling in other services ?
  9. DreamCatcher

    DreamCatcher Guest

    Hi, bubba Im on a stand alone computer and due to file and print sharing being uninstalled I have stopped getting the anonymous logons, due to it being unistalled I have no server service in 'services'! I have downloaded a program called ''Fileexctrlst_setup.exe'' from the following link;

    Using this I have disabled the performance counters for perfnet.dll, so hopefully I wil not get these errors. they only started after I removed McAfee from my system though maybe removing it changed some setting? suggest anything?

    Thanks bubba and snowie for helping me out,

  10. Snowie

    Snowie Guest

    Don't completely rule out that you may have been got those logons from somewhere (somebody) the problem you experienced is very easy exploit........although this is the first mention of it I have seen on winXP...........

    If you are no longer having those to leave well enough alone.......M$ did issue two patches for this "HOLE" way back in 2004.......but they should be part of sp2..or so I would think....??

    You Are Most Welcomed

    Snowie The Snowman

    Pass It On
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.