What creates these files?

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Rest password emails I have received at least 10 emails recently from Microsoft Customer Support saying I have requested via email to reset my hotmail password. Enter this link to reset, or if you did not request enter this link. I have never once asked to reset my password, so i always click the 2nd link, but why am I receiving these? Tag: What creates these files? Tag: 76001
  - 2
    - Where to send fraud e-mails? Hi Does anybody know what government agency to send a fraud e-mail? I just received one from the Nigerian crew. Thanks. Tag: What creates these files? Tag: 75999
  - 3
    - Serial/Thumbprint of Certificate attached to CA? Hello all, I was wondering if anyone could tell me if it is possible to find out the Serial # and/or thumbprint of the certificate that is associated with a Certification Authority. The problem is we have multiple certificates with the same name, and since there is a problem with the certificate I get an "access denied" when I attempt to access it through the CA properties. I have tried to back up the CA but always get an error, perhaps associated with the "acess denied" to the certificate itself. If anyone could adivse on this I would be most appreciative. Thanks! Tag: What creates these files? Tag: 75994
  - 4
    - Spyware doctor. Is it free? I installed 1 month ago spyware doctor ver. 3.2.1.359 on one pc; supposedly, free. Well, i want to install it at my home pc too. But, at a few known sites, like tucows, download.com and majorgeeks, this program is says shareware for $29.95. I remember reading something about this on the other pc. but, my work pc still has this program installed and its not a registered version nor a dime has been paid for it. Can I safetly download it at home. And assume that I wont get charged later on? is it a trial with a time limit?? If something says it needs or if I want to register it, does that mean $$$$$ time?? Tag: What creates these files? Tag: 75985
  - 5
    - Administrator's Account Name Reverts to Original Name I have one of our Network gurus' telling me that after they have renamed the Administrator's name on some of our network systems, that the systems are reverting back to the original name...Administrator I have never seen or heard of this. Any Truth to this orideas? Thanks -- Jerry Tag: What creates these files? Tag: 75984
  - 6
    - hotbar trying to install Hi- I have been using the ms antispy program at home for about 2 months now. when I log on to my user account, all is ok. But lately, when my daughter logs into her user account, after a few seconds, the red box from Microsoft antispy program says that this threat wants to install; and if I want to remove it. I click yes. it says it removes it. I scan right away, and the next time we turn off/on the pc and go into her acc't, this warning comes back. scans done= ad-ware, spybot S & D, spyware doctor, Ewido, MS antispy. Did them in safe mode. Only thing found, this last time, was with MS-antispy; and it was some searchbar threat and a tracking cookie. I went to Majorgeeks and dloaded a program specifically for this threat and it come up clean. will try it again as well as any others suggested here. hope you can help. PS, i also have HJT if I need to post a log at those forums. Thanks -- Tag: What creates these files? Tag: 75982
  - 7
    - SSL Padlock shows then disappears when viewing a site (asp.net) that I created the browser (ie 6, XP SP2) address shows https: but the padlock only shows when the site loads then disappears, any help would be appreciated... Thanks, Rico Tag: What creates these files? Tag: 75979
  - 8
    - How can you compromise a SQL Server via Front-End Server ? Imagine this: I have a Sharepoint Front-End web server in the "Forest-Perimeter" network (some call it DMZ). Imagine the SQL server such Sharepoint server uses continues to be housed in the "Internal" network. Therefore I would need to open a hole in the ISA firewall to allow communication between the Sharepoint Front-End<----> SQL Server (internal) network. Can you tell me the mechanism and likelyhood of getting such SQL server compromised via this Front-End web server ? I know you can hit a SQL server pretty hard if you can explore SQL server injections, but let's assume you use store procedures to avoid SQL server injections. Tag: What creates these files? Tag: 75978
  - 9
    - LU1806 Re : Live update problem. I am constantly receiving LU1806 error when trying to run live update. I have read all the information from Symantec. Attemtped to reload Norton Antivirus however the errors still occur. This problem has only been happening since I loaded Windows Internet Security. Any ideas how to get around the problem? Tag: What creates these files? Tag: 75970
  - 10
    - Reasons TO use full HHD encryption vs File/Folder (non-EFS) Hello - if anyone has any good argumements regarding why to USE Full Hard Disk Encryption -vs- just Folder (& file) Encryption, please post some comments. My boss wants to just do Folder, but I am leaning toward encrypting the full HHD to cover all the bases - thinking of using something like SafeGuard Easy 4.11. Please note: we are not considering EFS (sorry MS). Thank you all in advance! -- Take care! Mark -- Take care! Mark Tag: What creates these files? Tag: 75964
  - 11
    - how to delete a contact from the block list in privacy tab please let me know if there is a way to delete a contact from the block list in privacy tab. Tag: What creates these files? Tag: 75959
  - 12
    - ICMP Hardware Error Help. I have a few networks here. EXT FW&WAP -> SBS2003 w/ ISA2004 -> Internal LAN -> LAN GW&WAP -> Internal LAN DSL -> 192.168.1.x -> 192.168.16.x SBS is 192.168.1.200 LAN GW&WAP is 192.168.1.2 EXT FW&WAP is 192.168.1.1 SBS Internal is 192.168.16.4 LAN GW&WAP is 192.168.16.1 LAN/DHCP (on SBS) Default Gateway is 192.168.16.1 SBS Defautl GW in on Ext NIC and is 192.168.1.1 No GW defined on SBS internal NIC Problem.... Everytime I try to ping or tracert from my SBS Server to the internet my External Network Interface goes offline and reports "unplugged" and I get a "Hardware Error" in my CMD windows. A few minutes later the interface re-initializes and goes online. This server publishes content to the internet frequently every day, and serves as a Web, FTP, SMTP and other services server, all day long. Nothing else causes this, it only happens if I try to Ping or Tracert. Any ideas? Tag: What creates these files? Tag: 75954
  - 13
    - How prevent data steal thru pen drives? Tag: What creates these files? Tag: 75946
  - 14
    - How blocking some attachments helps protect your computer How the hell can i turn that thing off? i don't want windows to block an mp3 file when somebody sends me one through msn. And deblocking don't help either, cuz help and support says that i should just look for the file on my computer and deblock it, but it ain't even on my computer. It didn't save the file. I can judge myself whether or not a file can be trusted, i don't need windows doing that for me and what bugs me the most is that i can't seem to find a way to turn it off.....somebody? Tag: What creates these files? Tag: 75943
  - 15
    - IE Send Mail When I'm on MSNBC and I try to send a page via email to a friend, I receive: The current document type can not be sent as mail. Would you like to send a shortcut instead? I was able to do this before. Why not now? Tag: What creates these files? Tag: 75942
  - 16
    - Monitoring file usage I would like to know if there is a way to monitor when a user copy or move a file to an usb memory device. Our network have 200 + advanced clients with a domain controller and Systems Managment Server 2003 SP1. Thanks for your response. Tag: What creates these files? Tag: 75929
  - 17
    - smscfg.ini, 7 copies, won't defragment Hello, I've just defragmented my sony laptop, 5th time in 2 yrs, not too bad, because it seemed to be slowing down. My D drive went fine. My C drive had a failure to defragment smscfg(2).ini so I looked it up and I actually have 7 copies of this. I am not networked, I don't SMS, I internet via wifi. Is this anything I should be concerned about? Tag: What creates these files? Tag: 75924
  - 18
    - Can i run more then one session on the computer? Multiple sessions is pretty feature of XP. In domain environment its not working by default. How can i use this feature in domain environment? May be Vista can help me? Tag: What creates these files? Tag: 75918
  - 19
    - nigerian scams lately, i ve been getting a lot of mail from nigerians saying i can make millions if i give them my account number so they can deposit money from folks over there who died and left me in thier wills., and other such crap. is there somewhere i can report these to. i imagine some folks get this stuff and beleive it. -- xp-pro,sp2,ff1.0.6,40gb,380mb vig mobo,900gz, computer newbie Tag: What creates these files? Tag: 75917
  - 20
    - Infected from Google Virus from maxfiles.com It seems i am infected from some virus from Google toolbar, everytime am clicking search on google.com or googletoolbar my internet explore hangs/freezes the system for few mins . It also opens a pop-up on right-side of internexplorer screen. I think it is from maxfiles.com ? Please hel -- jigu90200 ----------------------------------------------------------------------- jigu902003's Profile: http://forums.techarena.in/member.php?userid=884 View this thread: http://forums.techarena.in/showthread.php?t=36450 Visit - http://www.techarena.in | http://forums.techarena.in | http://forums.techarena.in/archive/index.ph Tag: What creates these files? Tag: 75914
  - 21
    - FTP Server HELP!!! An unknown user used a program to try to script through about 8 different usernames, and like 300 passwords each in attempts to hack my FTP Server on my SBS 2003 Premium Server. Dilema, I hadn't ever created a "just in case" backup admin account. I try to never use admin privledges on the server, and with the negative implications of following the recommendations to rename Administrator, I have hesitated to do so, however after 300 failed login attempts, the Administrator account was locked out. Now I've recovered my access to my system, but I have some "obscurity" goals I'd like to try. I have found the following and implemented it: http://support.microsoft.com/default.aspx?scid=kb;en-us;826270 Now I would like my FTP SVC to at the least broadcast external.domain.com rather than server.domain.local on the "Connected to:" line. Any other recommendation on securing my "Read Only" FTP server would be greatly appreciated. Thanks, Tag: What creates these files? Tag: 75906
  - 22
    - accounts in two groups - Administrators and Power Users - who wins Does one group take precedence over the other. I had a situation where the user's accoutn was in both groups but when trying to install software, it appeared as if he did not have enough privileges. One of my technicians signed in as administrator and was able to install the software without a problem. When he signed in as the user who was in both Power Users and Admins, he said the install did not work. So the general question is how does Windows decide how to apply group membership roles. Tag: What creates these files? Tag: 75905
  - 23
    - Forest/Domain in the "DMZ" to accomodate web, front-end servers Imagine I have an IT guru in my organization and (political forces behind him) that don't let me put ANY front-end server in the internal network. I mean, I have Exchange 2003 OWA and Sharepoint servers that, to this date, have been published via ISA 2004 and in my view that was provided adequate security. Now imagine that I must put all servers that reside in the "internal" network in the "DMZ". Do you think it makes sense if I setup a "Domain-DMZ" and put all such front-end servers there and allow a one-way trust relantioship where my existing "domain-dmz" trusts the "corporate domain" ? Then I would put the Sharepoint Servers (front-end) and Exchange (front-end) and such DMZ-DOMAIN ? Do you really believe this would be a good security implementation for a mid size organization ? (5,000 AD accounts). Tag: What creates these files? Tag: 75902
  - 24
    - What Server Roles are OK to Share with a VPN? Hello-- We are going to be implementing a VPN for one of our remote offices. We have to be aware of costs, so we would like to share some of our network server roles on the same box. What server roles are safe to share on a VPN server? Security is our main concern, just ahead of cost. Many thanks, Stephen Tag: What creates these files? Tag: 75897
  - 25
    - MSN HOTMAIL SIGN IN PROBLEMS Whenever I try to sign in to my MSN e-mail account I get the following messages: "We cannot sign you in because we cannot verify the status of your subscription. Please verify that you are connected to the Internet before trying to sign in again." "MSN cannot verify that the MS.NET passport that you signed in with has an MSN billing account. You can still work offline...." Tag: What creates these files? Tag: 75896
- Next
  - 1
    - Vendor support security Hi all, Can anyone tell me or point me to a document to back me up on dos and don'ts when allowing vendor support connections. Does anyone have a policy that I can go by on this? We have setup a vpn (pptp) connection using pcanywhere, allow webex, and have a dialup modem using pcanywhere connections. The vendor still has a problem with me using group policy security and windows xp security. All my users do NOT have administrators rights to their workstation. The vendor insists that that is needed in order for him to connection with webex and fix a problem. The software is installed on an SQL server where he has a vpn connection and can connect with webex to have full control of the software. The only thing installed on the workstation is the SQL client which I installed and can maintain. Just would like to see other network/security administrators' policies on this. Thanks in advance for any help on this. Sher Tag: What creates these files? Tag: 75895
  - 2
    - Service Log On Account Problem Hello. My problem concerns Windows Services. I want some of my services work with permissions of domain user or domain admin (not Local System account). Everything works OK till reboot server. After this services don't start automatically due to incorect password reason. I have to type password manualy and start service manualy. This domain account are local admins of server and are added in Local Security Settings\User Rights Assignment\Logon as a service. What is the reason of my problem? Thanks in advance. Pawel Tag: What creates these files? Tag: 75894
  - 3
    - Bypass Traverse Checking not working I am having trouble getting Bypass Traverse checking working on my Windows 2003 EE server in a Windows 2003 domain. I have set Bypass Traverse Checking to Authenticated Users via Group Policy. However I have a service account that can not delete a file in the C:\Temp folder. The service account has Modify permissions to the C:\Temp folder and no permissions to C:\ Theoretically it should traverse C:\ and be able to find C:\Temp If I give the Service account the NTFS permission of "Travers Folder \ Execute File" the service account can then delete the file in the C:\Temp folder. I do not understand this as Bypass Travers Checking should give the same results. The following TechNet article states "Traverse folder takes effect only when the group or user is not granted the Bypass traverse checking user right in the Group Policy snap-in". http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/e4be109f-5547-4df8-90f0-4d885dc302e7.mspx Any idea on why Bypass Travers Checking does to appear to be applied? Tag: What creates these files? Tag: 75890
  - 4
    - should administrator lock pages in memory? Dear, all. Windows 2003 default setting, nobody could lock pages in memory. But in microsoft recommend in high security organization, should define administrator have this right. Could you tell me the reason? Thanks. Frank Tag: What creates these files? Tag: 75887
  - 5
    - I can't get into my other account...... My friend tried to many times to get into my other msn account. Corrupt_by_silence@hotmail.com, so now I can't get into it eather. And he tried to many times to answer my secret question, so I can't do that eather. So now I can't get in at all. Tag: What creates these files? Tag: 75883
  - 6
    - unable to login into WinXP HE Hi, I don't relly know if I'm posting in the right area but anyway...I was getting rid of viruses/sayware off my computer and MS GIANT found 3 viruses, a trojan, a mediaticket and a 180 solutions. I was akedto reboot my PC due because one of the viruses was running so I did. When I had rebooted I tryed to log into my useer but it immediately logged me out...I have tried safe mode and other users but all unsuccessful. Is there a way to open msconfig, command prompt (safe mode with prompt doesn't work) without logging into a user. Yours, Duggles Tag: What creates these files? Tag: 75878
  - 7
    - questionable emails received when I open an email that is full of hidden statements, is this something that should be turned over to MSN or high authorities? Did not want to just delete should something be questionable and might lead to something serious. THanks Tag: What creates these files? Tag: 75876
  - 8
    - Security Flaw: Any website can read your clipboard text Web sites you visit can retrieve data from your clipboard depending on your security settings. Go to this page (www.clipboard.googlemyway.com) and see if anything shows up in the box. If you are using Firefox or Opera you probably won't see anything. However, if you are using Internet Explorer then chances are that whatever you last copied into your clipboard will be displayed. Tag: What creates these files? Tag: 75871
  - 9
    - Diamond CS And Possible Name Change ??? Heck, I asked for a refund from Diamond over two months ago for their now defunct TDS program and thus far have heard nothing. I checked in on this board and their site about a month and a half ago and heard proclamations that an exciting new site with great new programs was "just around the corner" (where did I hear THAT expression before?!?!?), but alas, here we are 6 weeks later and it looks like all is status-quo. I could not find any new site, nor could I find any new products, nor did I ever find any information from Diamond CS regarding my (numerous) requests for a refund. Maybe they should change the name from Diamond CS to Diamond "BS"--- that seems to be what they specialize in! Tag: What creates these files? Tag: 75868
  - 10
    - Limit domain user logon to a unique workstation Hi there, I would like to know the procedure to restrict a domain user account(AD user) to logon to a single workstation (and no other PC, only that particular one) without creating a local user account on the machine. Is this feasible? Can someone help? Thanks in advance, Tag: What creates these files? Tag: 75867
  - 11
    - IE Flaw Puts Windows XP SP2 At Risk "CNET is reporting that a new flaw has been discovered in Internet Explorer that could enable a remote attack on systems running Windows XP with Service Pack 2, eEye Digital Security has warned. The discovery of this IE flaw comes just over a month after Microsoft issued a cumulative patch addressing three vulnerabilities for IE. The new IE flaw also adds to another vulnerability, discovered last month, that affects systems using Windows XP SP2." http://news.com.com/IE+flaw+puts+Windows+XP+SP2+at+risk/2100-1002_3-5868867.html?tag=nefd.top Imhotep Tag: What creates these files? Tag: 75863
  - 12
    - VPN and/or remote access Plug-Ins A number of companies are now using plug-ins to allow client desktop control for support/troubleshooting. QUESTIONS: 1) After the remote session is terminated, is there anyway to identify and locate the plugin installed by the support organization? 2) Is it possible to force the plugin to be installed into a specific directory/folder where the file system has permissions (NTFS assumed here since I don't believe FAT32 has folder permissions)? 3) If #2 is possible, will this contain the viewer from going outside (accessing or viewing) beyond the folder? 4) If not, is it possible for the client to contain the area where browsing can take place -- if so how? Thanks David Tag: What creates these files? Tag: 75860
  - 13
    - who could lock pages in memory Dear, all. Windows 2003 local security settings\user rights assignment\lock pages in memory, the default setting is: none is defined here. Could this mean nobody have right to lock pages in memory, or all body have this right? Thanks. Frank Tag: What creates these files? Tag: 75858
  - 14
    - CreateEvent fails with ERROR_INVALID_OWNER We're calling the Win32, CreateEvent, and it's failing with ERROR_INVALID_OWNER = "this security ID may not be assigned as the owner of this object". Here's the setup. We have a .NET class library (called .CAL) that calls into an unmanaged C-callable DLL (OMDAPI.DLL). The class library is hosted in a Web page. The Web page is running in IIS with anonymous access turned off. The web.config contains these entries: <authentication mode="Windows" /> <identity impersonate="true" userName="" password="" /> Therefore, we're trying to have the Web page impersonate the client browser's user. When OMDAPI.DLL connects to the ASPNET_WP process, during the DLL_PROCESS_ATTACH, it creates a static CSecurityDescriptor (from ATL). It calls InitializeFromThreadToken() on that CSecurityDescriptor. The DACL is null for this CSecurityDescriptor. The first user connects to the page, which calls into the class library which calls into the DLL. The DLL calls CreateEvent with a unique name and a SECURITY_ATTRIBUTES structure. The event name is generated from the username and some other data. Therefore, for each user, we're generating a different event name. The SECURITY_ATTRIBUTES structure is filled in with the CSecurityDesriptor (m_pSD) that was created during DLL_PROCESS_ATTACH. The first user's call to CreateEvent succeeds. I'm not 100% sure, but I believe this is the first time this security descriptor is actually used. The second user that logs in fails with ERROR_INVALID_OWNER. The second user is coming in from a different machine since we're using impersonation, it must be from a different user. It's been seen, sometimes on Windows Server 2003, that the second user gets in OK, but the third user fails. So basically, it fails after at most 3 users. The primary test platform has been Windows 2000. Now, OMDAPI.DLL has been around for a long time (6-7 years) and works fine in stand-alone, multi-threaded Windows applications. It has only started failing now that we're hosting this in a Web page. I've tried giving the ASPNET user account these privileges but they don't work: - administrator privileges - "act as part of the operating system" I haven't verified this, but it seems likely that each user is coming in on a different thread. The first user gets in and grabs ownership of that security descriptor. Then when the second user comes in on the second thread, it fails because it's already owned by the first thread/user. Does that sound reasonable? Some other things: - it's not in our class library because someone else wrote their own class library and called into OMDAPI.DLL and they get the same problem. - We're not trying to recreate the event name because it's different for each user. Any help as to why we're getting this ERROR_INVALID_OWNER would be greatly appreciated. Thanks in advance. Tag: What creates these files? Tag: 75852
  - 15
    - Error loading Roaming Profile - System detected a security comprom Getting this error when attempting to log in to a domain. Domain Controller is running Windows 2000 Server. ============ Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator. DETAIL - The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. ============ I am able to authenticate after logging in for functions such as internet browsing. Tried removing the computer from the domain and deleting the computer from AD, and reconnecting everything with no success. Tag: What creates these files? Tag: 75851
  - 16
    - Accoona Blockage of IE6 I have Windows 98 and IE6. Accoona has taken over my search engines and displays itself on all ads. I've tried removing it from the Add / Remove Software screen but it's not listed. I've searched Explorer to no avail. How do I get rid of this thing and how do I block it in the future? Help! Greg Tag: What creates these files? Tag: 75847
  - 17
    - child's account I have set up my childs account and want to do my other child, but you require a credit card to verify that I as the adult I ok the account. I do not have a credit card, becasue I do not want one. So how do I ok my childs account without one? Tag: What creates these files? Tag: 75846
  - 18
    - S/MIME signatures for internal email only? Hello all. I'm a newbie at setting up S/MIME on Exchange 2000. I am using an internal corporate Certification Authority that distribute= s = certificates for encryption and signing email. Is there a way to sign and/or encrypt only email that is internal only, = traveling within the organisation? Thank you for any suggestion on how this can be done. Dmitry. -- = Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ Tag: What creates these files? Tag: 75840
  - 19
    - Passwords Hi. I have been given an Excel document from a friend, it works ok but it is protected. I want to change it because the text does not centre; it is all over the place, some it centres others it aligns left or right. Very messy and unprofessional. He cannot remember the protection. Does anyone know if I can bypass the protection so I would be able to change the way text is written in the document? Many thanks. Tag: What creates these files? Tag: 75835
  - 20
    - Training Hey folks, fist post. I have taken on the job duties at my company as the network security administrator. My company wants to send me to some training to help me get off on the right track. Can anyone suggest a good training session? Or in your opinion what is the best out there? I am not worried about certifications at this point just needing to get a week training session under my belt. I am moderately knowledgable on Network Security and thats about it.. Something entry level to mod. would be cool. Thank you for your time in advance! Tag: What creates these files? Tag: 75831
  - 21
    - Open File - Security Warning I have several Windows 2003 Server SP1 and Windows XP SP2 systems attempting to run the various programs from a network share. I have been able to modify the Internet Explorer security settings to allow the local Intranet sites but a Security Center error appears each time a user attempts to open the program: Open File - Security Warning The publisher could not be verified. Are you sure you want to run this software? This file does not have a digital signature that verifies its publisher. You should only run software from publishers your trust. How can I disable this error? I have already tried allowing full access to the Intranet via Intranet and Trusted Sites Security Zones and disabling CheckExeSignatures in the registry. This is occurring with almost every network-run application we have installed. Tag: What creates these files? Tag: 75830
  - 22
    - Changing Cert template in Win2k3 Enterprise PKI CA Greetings, I wasn't sure where to post this as there wasn't a PKI/MS-CA forum. But here goes: We deployed Enterprise CA on Windows 2000 and recently upgraded the domain to Windows 2003 Enterprise (schema, native mode, etc.) The User Certificates issued are still based on the v1 template "user". we want to change the certificate lifespan from 1 to 4 years. The same with computer certificates. Can I replace the v1 user template with a v2 template so that is editable? Can I edit the v1 template somehow? The v1 templates are mostly greyed out in CertTempl.msc Help. Mike -- --- Mike Ruiz Network and Enterprise Systems Engineer Hobart and William Smith Colleges Tag: What creates these files? Tag: 75827
  - 23
    - RPC Server Unavailable When Requesting Computer Certificate Hi, I'm trying to set up a machine for use with our VPN. We will be using L2TP & smartcards, so I need to request a computer certificate. Up till now I've been able to configure most computer when people are in the office, connected to the domain, using automatic certificate deployment via group policy. However we have 1 user who is not going to be in the office, but needs VPN access. So I've changed the VPN access to allow PPTP temporarily, and asked him to connect, then I've used remote assistance to terminal service into his machine. From there I've managed to use the web based enrollment to download the CA certificate, and tried to use the certificates MMC snap in to request a computer certificate. However I get the initial screen up, asking which certificate I'd like, common name etc, but when I press finish, the system hangs for about 10 seconds, then errors with "RPC Server is unavailable". At first I thought this might be a firewall issue, as he was running windows firewall, as well as Symantec firewall. So I disabled both, and also the firewall on his 3com router. However after trying again, with a number of reboots, it still errors. I can ping the CA, the domain, and other computers. Does anyone have any ideas as to how I can successfully request a computer certificate? Is there another way of doing it? I notice there is no computer certificate option in the web enrollment form, even though the template has been added to the CA. We're using ISA 2004 as the VPN server, and it's allowing all protocols through from VPN > internal, and Internal > VPN. The DC is windows 2003 server, and the client machine is Windows XP pro SP2. Many thanks Ben Tag: What creates these files? Tag: 75819
  - 24
    - Initial post on windowsxp.help_and_support This is a multi-part message in MIME format. --------------040301030109070307020802 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Didn't saw any answer yet. --------------040301030109070307020802 Content-Type: message/rfc822; name="win98se vs. winXPsp2 file sharing problems.eml" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="win98se vs. winXPsp2 file sharing problems.eml" Date: Fri, 16 Sep 2005 00:30:14 +0300 From: Paul Grecu <paul.grecu@dacris.net> Organization: DACRIS User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 Subject: win98se vs. winXPsp2 file sharing problems Content-Type: multipart/mixed; boundary="------------050707030809020704070601" Message-ID: <ubmblyjuFHA.3752@TK2MSFTNGP09.phx.gbl> Newsgroups: microsoft.public.windowsxp.help_and_support NNTP-Posting-Host: 82.77.83.97 Path: TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl Xref: TK2MSFTNGP08.phx.gbl microsoft.public.windowsxp.help_and_support:594846 This is a multi-part message in MIME format. --------------050707030809020704070601 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi, everyone! I just don't understand why is not working as it supposed to. I want my XP box to behave like a 9x one. I mean no matter which user or password I use to logon into network (let's say a simple workgroup) onto the win9x box, it should be able to browse the shares on the XP box anonymousely aka using guest account. Now I'm gonna tell you what I've already tryed out: 9x Box XP Box ~~~~~~ ~~~~~~ user: test simple file sharing = on pass: test guest account = on (but deny logon locally) \\xpbox\fullshare result: \\xpbox is not accessible user: test simple file sharing = off pass: test guest unchanged (see above) NTFS: everyone = full control SHARE: everyone = full control GPO: Limit local account use of blank password to console logon only = Disabled Do not allow anonymous enumeration of SAM accounts and shares = Disabled Sharing and security model for local accounts = Classic result: \\xpbox is not accessible user: guest nothing changed pass: result: everything is ok --------------050707030809020704070601 Content-Type: text/x-vcard; charset=utf-8; name="paul.grecu.vcf" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="paul.grecu.vcf" begin:vcard fn:Paul Grecu n:Grecu;Paul org:Dacris Impex Srl;IT Department adr:;;;Constanta;;8700;Romania email;internet:paul.grecu@dacris.net title:Network Administrator x-mozilla-html:FALSE url:http://www.dacris.net version:2.1 end:vcard --------------050707030809020704070601-- --------------040301030109070307020802 Content-Type: text/x-vcard; charset=utf-8; name="paul.grecu.vcf" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="paul.grecu.vcf" begin:vcard fn:Paul Grecu n:Grecu;Paul org:Dacris Impex Srl;IT Department adr:;;;Constanta;;8700;Romania email;internet:paul.grecu@dacris.net title:Network Administrator x-mozilla-html:FALSE url:http://www.dacris.net version:2.1 end:vcard --------------040301030109070307020802-- Tag: What creates these files? Tag: 75817
  - 25
    - Windows 2003 server SP1 Hello, I have installed windows 2003 enterprise edition on standalone system, i installed SP1 also, but found that system became a bit slower and also MY CD burning application stopped working after SP1 installation. I had to unistall SP1 to make nero work. What applications get affected after installing SP1 on windows 2003 server. how to rectify it. Pls Advise Tag: What creates these files? Tag: 75804

I originally posted this on an Outlook discussion group, but have since
realised Security might have been more appropriate, so am copying it here
with minor additions.

For less than one full day, both NAV and AVG indicated that files that are
constantly created in "C:/Documents and settings/<user>/Local
settings/Temp" with names "CC*.tmp" (they appear to be named using
hexadecimal notation of a byte) have the Netsky.P or .Q worms. Is this
NAV/NIS creating these files as a result of using MS Outlook, and why would
the files have an old worm?

Investigating how these worms work shows that the system does not appear
to be infected with these worms. But the "CC*.tmp" files are always being
recreated.

Any suggestions how to eliminate the problem?

For further information, warning messages from AVG and NAV only now appear
when I access that folder/files to try to solve the problem. Maybe there's no
real problem after all. But if NAV/NIS is creating those files, then why
would it be creating them with an apparent security flaw?

Kevin

Top

RE: What creates these files? by MarcoSpoel

MarcoSpoel
Thu Sep 22 07:12:01 CDT 2005

I use Filemon to detect processes that write files.

http://www.sysinternals.com/Utilities/Filemon.html

"Kevin" wrote:

> I originally posted this on an Outlook discussion group, but have since
> realised Security might have been more appropriate, so am copying it here
> with minor additions.
>
> For less than one full day, both NAV and AVG indicated that files that are
> constantly created in "C:/Documents and settings/<user>/Local
> settings/Temp" with names "CC*.tmp" (they appear to be named using
> hexadecimal notation of a byte) have the Netsky.P or .Q worms. Is this
> NAV/NIS creating these files as a result of using MS Outlook, and why would
> the files have an old worm?
>
> Investigating how these worms work shows that the system does not appear
> to be infected with these worms. But the "CC*.tmp" files are always being
> recreated.
>
> Any suggestions how to eliminate the problem?
>
> For further information, warning messages from AVG and NAV only now appear
> when I access that folder/files to try to solve the problem. Maybe there's no
> real problem after all. But if NAV/NIS is creating those files, then why
> would it be creating them with an apparent security flaw?
>
> Kevin

Top