Firewall log

All replies

• 

  

  0

  Sign in to vote

  Onecare firewall will block when you try to ping other computers.
  
  ICMPv4 is the protocal which will allow users to ping other computer. (Ping is used to check the connection between the computers)
  
  Try to run a complete online scan. www.safety.live.com --->Full service scan.
  

  • Marked as answer by Stephen BootsMVP, Moderator Friday, April 3, 2009 3:24 PM
  • Unmarked as answer by Stephen BootsMVP, Moderator Friday, April 3, 2009 6:43 PM

  Friday, April 3, 2009 2:07 PM
• 

  

  0

  Sign in to vote

  To expand on onecare_Ravi's reply, you can either configure the firewall to allow ICMP outbound under the advanced firewall settings or you can ignore the log entries.
  As to what on your PC is trying to use that protocol outbound, it isn't clear from the log, but it can be any number of things. If you suspect malware, you may want to contact support. The online safety scan uses the same signatures as the installed copy, so I'd not go that route.
   

  How to reach support (FAQ) - http://social.microsoft.com/Forums/en-US/onecareinstallandactivate/thread/30400b52-7f26-4ba0-bc18-17e305329d90
  
  -steve

  ---

  Microsoft MVP Windows Live / Windows Live OneCare & Live Mesh Forum Moderator

  • Marked as answer by peters4000 Friday, April 3, 2009 4:05 PM
  • Unmarked as answer by Stephen BootsMVP, Moderator Friday, April 3, 2009 6:43 PM

  Friday, April 3, 2009 3:27 PM

  Moderator
• 

  

  0

  Sign in to vote

  The protacal is IGMP not ICMP this is why i'm asking please look again ,  small print i know !
   
  

  	The following request was blocked:
  	Full Application Path:	Unknown
  	Version:	Unknown
  	Local Computer:	192.168.***.***:0
  		224.0.0.22:0
  	Protocol Name:	IGMP
  	Protocol Number:	2
  	Traffic Direction:	Outbound

  Friday, April 3, 2009 4:04 PM
• 

  

  0

  Sign in to vote

  It's Universal Plug and Play (UPnP) using Internet Group Management Protocol (IGMP) to look for either routers, networked printers or other networked devices.
  
  This protocol has been found to be exploitable on many router devices, so it's probably being blocked to reduce the risk.
  
  Unless you're having issues with either management or operation of your router or another networked device, I wouldn't be concerned.  Few devices actually require it for operation, it's usually simply used to allow easy identification and setup initially.
  
  OneCareBear

  ---

  Windows OneCare Forum Moderator

  • Marked as answer by Stephen BootsMVP, Moderator Friday, April 3, 2009 6:43 PM

  Friday, April 3, 2009 4:35 PM

  Moderator
• 

  

  0

  Sign in to vote

  ok ......  now I understand
  
  thanks for your help OneCareBare
  
  peter

  Friday, April 3, 2009 4:55 PM
• 

  

  0

  Sign in to vote

  Oops. I need new glasses, apparently! I see that OneCareBear has already provided the correct answer for you.
  -steve

  ---

  Microsoft MVP Windows Live / Windows Live OneCare & Live Mesh Forum Moderator

  Friday, April 3, 2009 6:42 PM

  Moderator
• 

  

  0

  Sign in to vote

  Sorry... thought it as ICMP.... :P

  Friday, April 3, 2009 10:27 PM
• 

  

  0

  Sign in to vote

  I need to find out why you continue to send out a notice that my firewall is OFF.  I never turn it off.  Why would it be off?

  Sunday, April 5, 2009 1:51 AM
• 

  

  0

  Sign in to vote

  If you are receiving this notice from One Care and your firewall is turned off try the firewall repair tool - http://social.microsoft.com/Forums/en-US/onecarefirewall/thread/e67b1989-afd5-47e5-a393-3a551c7c7e60

  ---

  Jim - MVP Windows Live - Forum Moderator - Live One Care - Live Mesh

  Sunday, April 5, 2009 2:02 AM

  Moderator