×
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dbenjaminod
Former Member
Message 1 of 16
‎11-11-2011 01:26 AM

Incoming Events Not Being Logged

Well I hoped I'd not be posting a problem again, however it seems another has popped up, I'll summarize what has happened and the problem.

The other day on Wednesday I was checking over McAfee when I noticed that the list of incoming events was somewhat lacking compared to the usual bombardment and now it seems that nothing is being logged at all.  According to the Virtual Technician my copy of McAfee is fully operational and has no problems but this issue with the log is rather frustrating.  I know from reading here that the incoming log is a list of attempts/connections that have failed.  I'm bothered about the fact that I cannot see these and know that they are being blocked.

The firewall is up, it says my computer is secured and no action is required.  I attempted a system restore back to the start of this week and that appears to have done nothing, in fact the issue seemed to get worse with hardly anything being logged in the incoming events.  After that did not work I got onto the Technical Support Chat and one of the techs inspected my McAfee and told me the program was fully operational and fine but he recommended that I reinstall McAfee and sent me the info I needed to do so by email.  I removed everything and completed a new install last night.  However the problem still seems apparent and there is minimal activity in my incoming log when at one time I was constantly told that such and such was attempting a unsolicited connection.

I remember reading a thread here similar to this but it appears that the solution that helped them has not done the same for me, I am monitoring the log to check that it is now doing it's job since booting the computer up.

I would like to add that most other things are working perfectly fine, the realtime scanner is blocking and deleting tracking cookies and has done in the last 10 minutes and most other things appear to be showing, it's only the log that seems to be problematic.

This past week there have been two updates both for McAfee and for Windows (I believe in the form of a Security Update) which after reading a previous thread does seem to be a likely culprit for this problem but I am rather stuck now and was hoping I was not the only person in the world who has had this issue.  It's a comfort knowing my firewall is blocking things so if I can be helped to resolve this issue, I would be most grateful.

So does anyone know/has anyone else experienced issues with their firewall log?

0 Kudos
Reply
15 Replies
theflyingmonkey
Former Member
Message 2 of 16
‎11-11-2011 03:43 PM

Re: Incoming Events Not Being Logged

The only advice I can give you is that sometimes the logs will log activities such as going to google and stuff and sometime it doesn't.  I had a online chat with support and I was redirected 3 times to their supervisor, when I asked why it logs it sometime and other times it doesn't.

The answer they gave me wasn't really an anwer as to why today I will get activity logged with google's ip and then tomorrow I don't.  The only thing they kept telling me was that as long as the firewall was on and set correct it is blocking any incoming connections that are being used by your programs in the Internet Connection Programs list.

0 Kudos
Reply
dbenjaminod
Former Member
Message 3 of 16
‎11-15-2011 08:21 AM

Re: Incoming Events Not Being Logged

Yeah your situation does sound similar to mine, it has been logging things down but it's rather selective as to when.  I've had a few instances where I've left the computer idle and then surfed and I then get a list of like 7-10 attempted connections all at the same time (I assumed these happened across the time I was idle but were updated all at once).  As mentioned it does appear to be logging things and it clearly states that my firewall is on and even MVT tells me that everything is perfectly fine. 

I had the same sort of thing with tech support, I don't really get a conclusive answer as to why it was happening and was just told to reinstall.

Reinstalling McAfee did not seem to correct the problem, it does much the same as before and it's been like a week now and the computer hasn't looked slower or any different in terms of performance so one would assume the firewall is actually doing it's job.  The tech I chatted to before installing looked at McAfee on my computer and told me everything was working fine and I'm getting the same thing now too with everything being "secure".  It seemed to happen after the updates this past week, there was one for xp sp3 and McAfee that required me to restart (if I remember correctly).  I'm going to see how it goes and later may try and uninstall things like Malwarebytes and Ad-aware and see if that changes anything.

If nessesary I may even try reinstalling mcafee without MWB and AA on the computer and see what that does.  I presume by the lack of responses that this is something I should not worry to much about, what with mcafee telling me it's secure, the firewall is on and that MVT is also telling me my McAfee software is running with no issues?

0 Kudos
Reply
theflyingmonkey
Former Member
Message 4 of 16
‎11-15-2011 12:47 PM

Re: Incoming Events Not Being Logged

The only thing I can tell you is that the McAfee tech guy said that this is normal and I shouldn't worry about it as this is what it does and said that he couldn't tell me why because he isn't the Firewall team that made the firewall.

The interesting thing was that he told me all of the events being logged were blocked and stuff, so at this point I really stopped caring too much.  But for some reason, the activities I am getting on my logs are coming from google's ip address whenever I go to google.  The latest one which has me worried is that the ip address 74.125.239.11 accessing TCP Port 1777.  Upon research it showed that this port and some other ports that google was trying to access (recently) were used by trojans and worms before.

So whether this activity was blocked or not, I don't personally know as the tech said it was.  But I did do something before which was to download bittorrent and tried to run it with the port it is suppose to use as 50000.  The logs showed 5 ip addresses, which were the ones that I was downloading from and they were downloading from me.  This makes you wondered, if the activity in the incoming events logs means that the attempts are blocked.  Then how is it that those ip addresses were listed in the logs accessing TCP Port 50000, yet they were able to download from me?

I asked the tech and they couldn't give me an answer why it is listed, when they say that the listed events are blocked.  But clearly if those ip addresses were blocked they wouldn't be able to download from me.  So I guess the only thing I can say is that sometimes there will be events and sometimes there aren't.  But recently, whenever I go to google I would get incoming events from them.  Not sure if it was the newest update to the Security Center and Firewall or not.

But I wouldn't uninstall Malwarebyteses as that doesn't affect McAfee at all, unless you are using the Pro edition which has the real-time scanning.  If you aren't using that then, I would say don't bother uninstalling Malwarebytes, since it probably wouldn't do a thing.

0 Kudos
Reply
dbenjaminod
Former Member
Message 5 of 16
‎11-19-2011 08:39 AM

Re: Incoming Events Not Being Logged

Okay I yesterday formatted my computer and reinstalled windows, it's fully updated and I have a copy of McAfee running with it telling me that McAfee is secure and protecting my computer.  However I still seem to have exactly the same issue with the firewall and it's apparent not wanting to log incoming connections.  McAfee tells me that it's on, all the settings appear to be at default as before yet there seems to be a lack of things in the logs.  It also sometimes does the same thing where I get a number of logged events all in the same minute sometimes from the same ip.

I must say I'm not overly happy about this, is it so wrong to be bothered about my computers security, I realize what the log is for, telling me that certain things are failing to connect to my computer but I would very much like the peace of mind and know what is trying to and when.  From what I can tell from the past week before reformatting (where it was much the same) everything appears to be alright, however this is just an irritance and how am I going to know when things are getting through? Is the firewall doing it's job still, despite the lack of logged events?

Things are appearing in the logs but I remember about 2 or 3 weeks ago and the months before I was being informed of a multitude of attempted connections, yet now there seem to be far less.  Is there something that has happened in the last update to cause this?  I can't believe that I'm the only person using XP sp3 who is having problems.

-I've tried reinstalling

-I've chatted to support and been informed before the format that everything was working fine.

-I've formatted my computer with windows now entirely fresh.

-If anyone can chime in with some wisdom I'd very much appreciate it.

0 Kudos
Reply
Hayton
Reliable Contributor
Reliable Contributor
Message 6 of 16
‎11-19-2011 10:10 AM

Re: Incoming Events Not Being Logged

Open your Security Center and click on Firewall, then on Settings.

Under Security Levels, what setting is selected?

And under Firewall History, how many boxes are checked under "Log these events"?

0 Kudos
Reply
dbenjaminod
Former Member
Message 7 of 16
‎11-19-2011 10:42 AM

Re: Incoming Events Not Being Logged

Thanks,

Security Settings are the default/recommended "Outgoing Access - Give all my programs out-going access only"

Under Firewall History all those boxes are ticked, with "Log these events" and then all the individual ones also ticked. The "Don't Log Events on these ports" is unchecked and the bar greyed out.

0 Kudos
Reply
Peacekeeper
MVP
MVP
Message 8 of 16
‎11-19-2011 12:32 PM

Re: Incoming Events Not Being Logged

Does selecting monitored access change things? I prefer this setting.

0 Kudos
Reply
dbenjaminod
Former Member
Message 9 of 16
‎11-19-2011 12:42 PM

Re: Incoming Events Not Being Logged

Not that I've noticed, there was two attempts before I changed the setting about half an hour ago, the last lot were when I was surfing an hour beforehand.  Besides that theres not been any at all the past 30 minutes.  Should I be bothered by this?  It's acted like this the past 2 weeks or so and I've not really noticed anything abnormal.  I just find it bizarre that there are not as many logged connections as there were before.

edit: It just logged two attempts a second ago, I have a feeling it would have done that regardless of what setting the Firewall was set up as.

Message was edited by: dbenjaminod on 19/11/11 14:45:27 CST
0 Kudos
Reply
Peacekeeper
MVP
MVP
Message 10 of 16
‎11-19-2011 12:49 PM

Re: Incoming Events Not Being Logged

Please monitor it and post back Monday morning so I can add this to our phone call Monday arvo

0 Kudos
Reply
How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community

* Important Terms and Offer Details:

  Subscription, Free Trial, Pricing and Automatic Renewal Terms:

  • The amount you are charged upon purchase is the price of the first term of your subscription. The length of your first term depends on your purchase selection (e.g. 1 month or 1 year).  Once your first term is expired, your subscription will be automatically renewed on an annual basis (with the exception of monthly subscriptions, which will renew monthly) and you will be charged the renewal subscription price in effect at the time of your renewal, until you cancel (Vermont residents must opt-in to auto-renewal.)
  • Unless otherwise stated, if a savings amount is shown, it describes the difference between the introductory first term price (available only to customers without an existing McAfee subscription) and the renewal subscription price (e.g., first term price vs. each year thereafter).
  • Pricing is subject to change. If the renewal price changes, we will notify you in advance so you always know what’s going on.
  • You can cancel your subscription or change your auto-renewal settings any time after purchase from your My Account page. To learn more, click here.
  • You may request a refund by contacting Customer Support within 30 days of initial purchase or within 60 days of automatic renewal (for 1 year terms or longer).
  • Your subscription is subject to our License Agreement and Privacy Notice. Subscriptions covering "all" devices are limited to supported devices that you own. Product features may be added, changed or removed during the subscription term.  Not all features may be available on all devices.  See System Requirements for additional information.
  • Free Trial Terms: At the end of your trial period you will be charged $39.99 for the first term. After the first term, you will be automatically renewed at the renewal price (currently $124.99/yr). We will charge you 7-days before renewal. You can cancel at any time before you are charged. ​

 **Free Benefits With Auto-Renewal:

  • For many qualifying product subscriptions McAfee offers additional benefits for free when you are enrolled in auto-renewal. You can check your eligibility for these benefits in your My Account page. Not all benefits are offered in all locations or for all product subscriptions.  System Requirements apply.   Turning off auto-renewal terminates your eligibility for these additional benefits. 
  • Virus Protection Pledge (VPP): If we cannot remove a virus from your supported device we’ll refund you the amount you paid for your current term subscription.  The refund does not apply to any damage or loss caused by a virus.  You are responsible for backing up your data to prevent data loss. See terms here: mcafee.com/pledge.
  • Safe Connect VPN:  You will receive free, unlimited access to our VPN wireless on supported devices. Users not on auto-renewal have access to 500 MB/month of bandwidth.

   Additional Terms Specific to Identity Monitoring Service:

  • Eligibility: McAfee® Identity Monitoring Service Essentials is available within active McAfee Total Protection and McAfee LiveSafe subscriptions with identity monitoring for up to 10 unique emails. Phone number monitoring is enabled upon activation of Automatic Renewal. Not all identity monitoring elements are available in all countries. See Product Terms of Service for more information. 
  • Your subscription is subject to our License Agreement and Privacy Notice. Product features may be added, changed or removed during the subscription term. Some features may require registration and a valid ID number to activate. See System Requirements for additional information.
  • While McAfee Identity Monitoring Service provides you tools and resources to protect yourself from identity theft, no identity can be completely secure.
  • US Only:
    Fair Credit Reporting Act: You have numerous rights under the FCRA, including the right to dispute inaccurate information in your credit report(s). Consumer reporting agencies are required to investigate and respond to your dispute, but are not obligated to change or remove accurate information that is reported in compliance with applicable law. While this plan can provide you assistance in filing a dispute, the FCRA allows you to file a dispute for free with a consumer reporting agency without the assistance of a third party.
  • Identity theft coverage is not available in New York due to regulatory requirements.


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Products

McAfee® Total Protection
McAfee® Gamer Security
McAfee® Identity Monitoring Service
McAfee® Security Scan Plus
McAfee® WebAdvisor
McAfee® Techmaster Concierge
McAfee® Virus Removal Service

Resources

Antivirus
Free Downloads
Parental Controls
Malware
Firewall
 Blogs
Activate Retail Card
Threat Center
McAfee Enterprise

Support

Consumer Support
FAQs
Renewals
Support Community

About

About McAfee
Careers
Contact Us
Newsroom
Investors
Legal Terms
Your Privacy Choices
System Requirements
Sitemap

Copyright © 2022 McAfee, LLC
Copyright © 2022 McAfee, LLC