Re: Malicious Software Removal Tool Errors Reported



"DavidB" wrote:

Please if you wish to "SNIP" snip all or leave all as we are here for links?.
That been said, I hope you performed a scan on your machine and made sure
all okay.
There is another option but we will come to it if these steps didn't help or
not completely eliminate the Issue.

My reply is under each error message:

From application :

Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
Date: 13/12/2007
Time: 16:43:24
User: N/A
Computer: PHANTOM
Description:
Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.

This can indicate a memory is Bad so check your RAM sticks by downloading
this tool to check it with:
You may have a bad RAM try to test your RAM by running Memtest by
downloading this tool and unzip it and make a floppy or CD/DVD and run it on
Reboot.
http://www.memtest86.com/
You may need to reposition/reset the RAM sticks in their slots.


From security:

Event Type: Failure Audit
Event Source: Security
Event Category: Policy Change
Event ID: 615
Date: 13/12/2007
Time: 16:45:41
User: NT AUTHORITY\NETWORK SERVICE
Computer: PHANTOM
Description:
IPSec Services: IPSec Services failed to get the complete list of network
interfaces on the machine. This can be a potential security hazard to the
machine since some of the network interfaces may not get the protection as
desired by the applied IPSec filters. Please run IPSec monitor snap-in to
further diagnose the problem.

Make sure this service "IPSec Service" is started Automatically or manullay
in Services control panel.
When this error occur?.

<MS::>
Event Message:

IPSec policy agent changed: parameter PolicySource: parameter parameter
Source Event Log Event ID Event Type
Security Security 615 Success Audit
Explanation:

This event record indicates that a local group account has been created.
</MS::>
Troubleshooting VPN over IPsec
http://www.microsoft.com/technet/isa/2006/ts_vpn_ipsec.mspx
Step-by-Step Guide to Internet Protocol Security (IPSec)
http://technet.microsoft.com/en-us/library/bb742429.aspx

IPsec Policy Agent Service Runtime
http://technet2.microsoft.com/windowsserver2008/en/library/458fbffb-1c13-4900-b22a-2fd62578f74c1033.mspx?mfr=true



From System:

Event Type: Error
Event Source: Dhcp
Event Category: None
Event ID: 1002
Date: 13/12/2007
Time: 16:46:15
User: N/A
Computer: PHANTOM
Description:
The IP address lease 192.168.1.2 for the Network Card with network address
0018F378EB3C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Log into the Router or the server that assign the IP and click on the DHCP
there and see the MAC address for the machine having trouble.
You will find a log of bad IP addresses obtained by this machine, please
delete this log and make sure the machine is get the IP address Auto.
On the machine having trouble obtaining IP address Open a run command and
type in:
ipconfig /flushdns click [OK]
ipconfig /renew click [OK]
netsh winsock reset click [OK]
Reboot the machine and see if the error will be lgged after a while.


DHCP Across IP Routers
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/intwork/inae_ips_blgx.mspx?mfr=true

HTH.
nass
----
http://www.nasstec.co.uk
.

Relevant Pages

  • Re: Allow DHCP only to Client Computers?
    ... network from getting an address from DHCP, ... Couldn't you achieve such a thing with IPSec. ... be assigning the classid to the adaptor - if the adaptor has a ...
    (microsoft.public.windows.server.sbs)
  • Re: stop DHCP
    ... Unfortunately since computers need network details before they can ... Limiting the scope of DHCP and reserving IPs for MAC ... One of the most effective solutions is to use IPSec AH (authentication ...
    (microsoft.public.windows.server.sbs)
  • Re: assigning ip addresses on a secure way
    ... DHCP works off of broadcasts. ... has network access to a DHCP server can get an address as long as there are address ... allows you to filter mac addresses in a learn mode that can lock ports to the current ... Only W2K, XP Pro, and Windows 2003 are ipsec aware. ...
    (microsoft.public.security)
  • Re: Group policy to restrict who Recieves an IP from DHCP???
    ... DHCP is not a good security mechanism though you can use reservations that ... capable switches, compatible operating systems, PKI, and IAS server on the ... Ipsec may be something to look at. ... While you can use ipsec to protect domain computers, ...
    (microsoft.public.win2000.group_policy)
  • Re: assigning ip addresses on a secure way
    ... > superscope scenario to configure the DHCP to assign 10.3.ip s just to the ... >> allows you to filter mac addresses in a learn mode that can lock ports to ... >> configurations and can allow all computers internet access while not ... >> Within a domain ipsec by default will use kerberos authentication and any ...
    (microsoft.public.security)