Print

Welcome to Smokey's Security Forums.

Guests have only limited access to the board and it's features, please consider registering to gain full access!

Registration is free and it only takes a few moments to complete.

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Blue -J]

Hi,

Have you constructed any advanced rules for services.exe? Do you have any automatic updates set to trigger every 2/3 weeks?

Can you turn the service back on and have a full debug from the log file...

[Habob]

I woke up today to the error message again.

It happened at 2:52:nn (AM) according to Event Log. According to the firewall log it continued blocking non processed packets though.
I don't run any automated stuff that might have initiated around that time.

[mets]

So it is more an interesting question to me today than a problem that needs to be fixed to maintain a stable system. Perhaps there was indeed some 3rd party interference. I can't think of anything I changed though, as I hardly install/remove programs.

Hello,
Yes, I agree. I have looked at the possible problems with disable of DCOM (via the method you mention). I also disable many windows services which I see as un-needed. I will need to look at/ possibley debug to see if JPF is making such comms, or possibly a bug.
I am looking at this, as I am interested(as mentioned), but it may be related to a specific application you have installed that runs (at times)

[Habob]

Hello Habob,
I have not found (as yet) any problem related to Jetico and windows services. My eye does go to you disabling DCOM (please show how you have done this) as memory access/problems can be related via 3rd party access by this sevice.

I have no direct answer to your question, but, if you give info on what/how you have disabled windows services (mainly at this time "DCOM") I can at least look at this (I am interested), and can possibly help.

I disabled DCOM using dcomcnfg.

The other services were simply disabled or set to manual in the regular service menu.

The strange thing is that these crashes kept occuring frequently when I posted the message. Several days later the frequency grew less. Then it stopped happening only to pop up again just once when I thought it was gone. Now it has been running problemfree for over two weeks.

So it is more an interesting question to me today than a problem that needs to be fixed to maintain a stable system. Perhaps there was indeed some 3rd party interference. I can't think of anything I changed though, as I hardly install/remove programs.

[Tommy]

Hello Habob,
I have not found (as yet) any problem related to Jetico and windows services. My eye does go to you disabling DCOM (please show how you have done this) as memory access/problems can be related via 3rd party access by this sevice.

I have no direct answer to your question, but, if you give info on what/how you have disabled windows services (mainly at this time "DCOM") I can at least look at this (I am interested), and can possibly help.

As to my knowledge Jetico v1 does not depend on any Windows service (Nail correct me when i am wrong)
I agree with that. DCOM is very sensitive regarding disabling and memory . Please enable it again and let us know if Jetico v1 still brings up this memory error.

[mets]

Hello Habob,
I have not found (as yet) any problem related to Jetico and windows services. My eye does go to you disabling DCOM (please show how you have done this) as memory access/problems can be related via 3rd party access by this sevice.

I have no direct answer to your question, but, if you give info on what/how you have disabled windows services (mainly at this time "DCOM") I can at least look at this (I am interested), and can possibly help.

[Habob]

Some weeks ago I reinstalled win2k and installed Jetico v1 almost immediately.

Everything worked great. Now about a week ago I closed the various open win2k ports as I forgot to do so immediately after the installation.

Now Jetico, at random, crashes with this error message.

"Application popup: fwsrv.exe - Application Error : The instruction at "0x77fcb0c8" referenced memory at "0x00000000". The memory could not be "written".

Click on OK to terminate the program"

The "instruction at" address is different everytime.

So I was wondering if any of the services normally running in win2k are needed for Jetico. I only disabled standard things (IPsec, DCOM, Task scheduler, &c).

I could re-enable services one by one to test, but the crashes are random; sometimes it is running fine for hours, so this would take a lot of time.


-Logged on as Admin
-No other security programs actively running (AVG started when needed)
-Other applications running exactly the same before and after the problem started.