![]() |
![]() | ![]() | ![]() | ![]() | ![]() | ![]() | ![]() |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
![]() |
| |
| | #1 (permalink) |
| Vista Ultimate x64 | Vista64 crashing - security issue? Hope I have posted this in the correct section... I have Vista Ultimate 64bit. I have all the updates including SP1 downloaded from Microsoft site. Up until yesterday everything has been working fine for the past month since I built a new system. Now all of a sudden my computer is crashing on me. No BSOD. Just shuts down and reboots. Last night this occured 5 times in the space of 4 hours.. Looking in my events log all I can see occuring at the times of the crashes is this information: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error. File Name: \Device\HarddiskVolume1\Windows\System\drivers\tcpip.sys I don't use windows firewall as I use the firewall built into Trend Micro Internet Security 2008. Checking though that programs logs shows nothing happening at the time of the crashes. After googling this and looking on Microsoft's site I am stumped at what I can do to resolve this. I do have windows updates on automatic and I recall an update occuring 2 days ago. Is there any workaround for this? Would appreciate any help that could be offered. Cheers Dave |
My System Specs![]() |
| | #2 (permalink) |
| Vista Ultimate x64 | Re: Vista64 crashing - security issue? It has just happened again less than an hour after turning on the computer. Random crash whilst I was on the internet. No BSOD. Just shutdown and rebooted. Event viewer recorded these errors below: System Log Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number. - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" /> <EventID Qualifiers="49152">15016</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T17:00:53.010Z" /> <EventRecordID>20891</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="64" /> <Channel>System</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <EventData> <Data Name="DeviceObject">\Device\Http\ReqQueue</Data> <Data Name="SecurityPackage">Kerberos</Data> <Binary>000004000200300000000000A83A00C00000000000000000000000000000000000000000000000000E030980</Binary> </EventData> </Event> EventLog - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="EventLog" /> <EventID Qualifiers="32768">6008</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T16:59:04.000Z" /> <EventRecordID>20791</EventRecordID> <Channel>System</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <EventData> <Data>17:56:53</Data> <Data>15/05/2008</Data> <Data /> <Data /> <Data>3551</Data> <Data /> <Data /> <Binary>D807050004000F001100380035000802D807050004000F001000380035000802600900003C000000010000006009000000000000B00400000100000000000000</Binary> </EventData> </Event> - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-Eventlog" Guid="{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148}" /> <EventID>1101</EventID> <Version>0</Version> <Level>2</Level> <Task>101</Task> <Opcode>0</Opcode> <Keywords>0x4020000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T16:59:06.494Z" /> <EventRecordID>52</EventRecordID> <Correlation /> <Execution ProcessID="972" ThreadID="456" /> <Channel>Security</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <UserData> - <AuditEventsDropped xmlns:auto-ns3="http://schemas.microsoft.com/win/2004/08/events" xmlns="http://manifests.microsoft.com/win/2...ndows/eventlog"> <Reason>34</Reason> </AuditEventsDropped> </UserData> </Event> Http Event Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number. - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" /> <EventID Qualifiers="49152">15016</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T17:00:53.010Z" /> <EventRecordID>20891</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="64" /> <Channel>System</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <EventData> <Data Name="DeviceObject">\Device\Http\ReqQueue</Data> <Data Name="SecurityPackage">Kerberos</Data> <Binary>000004000200300000000000A83A00C00000000000000000000000000000000000000000000000000E030980</Binary> </EventData> </Event> Security Event 5038 Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error. File Name: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" /> <EventID>5038</EventID> <Version>0</Version> <Level>0</Level> <Task>12290</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T16:59:29.286Z" /> <EventRecordID>84</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="56" /> <Channel>Security</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <EventData> <Data Name="param1">\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys</Data> </EventData> </Event> Can anyone offer any advice? |
My System Specs![]() |
| | #3 (permalink) |
| | Re: Vista64 crashing - security issue? You did check the power cable already I hope? "Koishii" <guest@xxxxxx-email.com> schreef in bericht news:c425acb391f6bb59a94a0f13e0de89f6@xxxxxx-gateway.com... Quote: > > Hope I have posted this in the correct section... > > I have Vista Ultimate 64bit. I have all the updates including SP1 > downloaded from Microsoft site. Up until yesterday everything has been > working fine for the past month since I built a new system. > > Now all of a sudden my computer is crashing on me. No BSOD. Just shuts > down and reboots. Last night this occured 5 times in the space of 4 > hours.. > > Looking in my events log all I can see occuring at the times of the > crashes is this information: > > Code integrity determined that the image hash of a file is not valid. > The > file could be corrupt due to unauthorized modification or the invalid > hash > could indicate a potential disk device error. > > File Name: \Device\HarddiskVolume1\Windows\System\drivers\tcpip.sys > > I don't use windows firewall as I use the firewall built into Trend > Micro Internet Security 2008. Checking though that programs logs shows > nothing happening at the time of the crashes. > > After googling this and looking on Microsoft's site I am stumped at > what I can do to resolve this. I do have windows updates on automatic > and I recall an update occuring 2 days ago. > > Is there any workaround for this? Would appreciate any help that could > be offered. > > Cheers > Dave > > > -- > Koishii |
My System Specs![]() |
| | #4 (permalink) |
| | Re: Vista64 crashing - security issue? "Koishii" <guest@xxxxxx-email.com> wrote in message news:c425acb391f6bb59a94a0f13e0de89f6@xxxxxx-gateway.com... Quote: > > Hope I have posted this in the correct section... > > I have Vista Ultimate 64bit. I have all the updates including SP1 > downloaded from Microsoft site. Up until yesterday everything has been > working fine for the past month since I built a new system. > > Now all of a sudden my computer is crashing on me. No BSOD. Just shuts > down and reboots. Last night this occured 5 times in the space of 4 > hours.. > > Looking in my events log all I can see occuring at the times of the > crashes is this information: > > Code integrity determined that the image hash of a file is not valid. > The > file could be corrupt due to unauthorized modification or the invalid > hash > could indicate a potential disk device error. > > File Name: \Device\HarddiskVolume1\Windows\System\drivers\tcpip.sys > > I don't use windows firewall as I use the firewall built into Trend > Micro Internet Security 2008. Checking though that programs logs shows > nothing happening at the time of the crashes. > > After googling this and looking on Microsoft's site I am stumped at > what I can do to resolve this. I do have windows updates on automatic > and I recall an update occuring 2 days ago. > > Is there any workaround for this? Would appreciate any help that could > be offered. reason. You should cross-post in microsoft.public.windows.64bit.general. -- Allan |
My System Specs![]() |
| | #5 (permalink) |
| Vista Ultimate x64 | Re: Vista64 crashing - security issue? Thanks. Power cable is secure but it now appears that it may actually be my graphics card that is causing the problem, so I am presently following that line of elimination... Someone has told me that it could possibly be due to heat damage to the card, which will mean - RMA the card. cheers |
My System Specs![]() |
| | #6 (permalink) |
| | Re: Vista64 crashing - security issue? Well, good luck troubleshooting! I had my share of (hardware) problems as well with Vista 64bit but it runs smooth now ![]() "Koishii" <guest@xxxxxx-email.com> schreef in bericht news:12b16d67786c4bfe75223630b07c1e61@xxxxxx-gateway.com... Quote: > > Thanks. Power cable is secure but it now appears that it may actually be > my graphics card that is causing the problem, so I am presently > following that line of elimination... > > Someone has told me that it could possibly be due to heat damage to the > card, which will mean - RMA the card. > > cheers > > > -- > Koishii |
My System Specs![]() |
| | #7 (permalink) |
| vista ultimate 32 | Re: Vista64 crashing - security issue? It has just happened again less than an hour after turning on the computer. Random crash whilst I was on the internet. No BSOD. Just shutdown and rebooted. Event viewer recorded these errors below: System Log Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number. - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" /> <EventID Qualifiers="49152">15016</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T17:00:53.010Z" /> <EventRecordID>20891</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="64" /> <Channel>System</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <EventData> <Data Name="DeviceObject">\Device\Http\ReqQueue</Data> <Data Name="SecurityPackage">Kerberos</Data> <Binary>000004000200300000000000A83A00C00000000000000000000000000000000000000000000000000E030980</Binary> </EventData> </Event> EventLog - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="EventLog" /> <EventID Qualifiers="32768">6008</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T16:59:04.000Z" /> <EventRecordID>20791</EventRecordID> <Channel>System</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <EventData> <Data>17:56:53</Data> <Data>15/05/2008</Data> <Data /> <Data /> <Data>3551</Data> <Data /> <Data /> <Binary>D807050004000F001100380035000802D807050004000F001000380035000802600900003C000000010000006009000000000000B00400000100000000000000</Binary> </EventData> </Event> - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-Eventlog" Guid="{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148}" /> <EventID>1101</EventID> <Version>0</Version> <Level>2</Level> <Task>101</Task> <Opcode>0</Opcode> <Keywords>0x4020000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T16:59:06.494Z" /> <EventRecordID>52</EventRecordID> <Correlation /> <Execution ProcessID="972" ThreadID="456" /> <Channel>Security</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <UserData> - <AuditEventsDropped xmlns:auto-ns3="http://schemas.microsoft.com/win/2004/08/events" xmlns="http://manifests.microsoft.com/win/2...ndows/eventlog"> <Reason>34</Reason> </AuditEventsDropped> </UserData> </Event> Http Event Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number. - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" /> <EventID Qualifiers="49152">15016</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T17:00:53.010Z" /> <EventRecordID>20891</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="64" /> <Channel>System</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <EventData> <Data Name="DeviceObject">\Device\Http\ReqQueue</Data> <Data Name="SecurityPackage">Kerberos</Data> <Binary>000004000200300000000000A83A00C00000000000000000000000000000000000000000000000000E030980</Binary> </EventData> </Event> Security Event 5038 Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error. File Name: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" /> <EventID>5038</EventID> <Version>0</Version> <Level>0</Level> <Task>12290</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2008-05-15T16:59:29.286Z" /> <EventRecordID>84</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="56" /> <Channel>Security</Channel> <Computer>Synchronicity</Computer> <Security /> </System> - <EventData> <Data Name="param1">\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys</Data> </EventData> </Event> Can anyone offer any advice? |
My System Specs![]() |
| | #8 (permalink) |
| Vista Ultimate 64bit | Re: Vista64 crashing - security issue? The "Kerberos" event is a Non-issue and was accidentally caused by a previous update. Everyone who has that Update installed is getting these kerebros security pack entries in their logs and they mean nothing, so don't put time into that one. The tcp/ip.sys image hash, do you have that hacked 64bit patch for tcp/ip concurrent half open connections installed? Those patches are unstable on 64bit and often causes BSOD's and are not needed for P2P (which is why most people install it). |
My System Specs![]() |
![]() |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Chameleon Clock Issue with Vista64 | General Discussion | |||
| 6800GT/Vista64/6gb RAM issue | Gaming | |||
| Freezing/Crashing Issue | Gaming | |||
| ISSUE WITH CRASHING | Vista performance & maintenance | |||
| Vista64 crashing with 4GB | Vista General | |||