Vista64 crashing - security issue?

It has just happened again less than an hour after turning on th
computer. Random crash whilst I was on the internet. No BSOD. Jus
shutdown and rebooted.

Event viewer recorded these errors below:

System Log

Unable to initialize the security package Kerberos for server sid
authentication. The data field contains the error number.

- <Even
xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-HttpEvent
Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" /

<EventID Qualifiers="49152">15016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2008-05-15T17:00:53.010Z" />
<EventRecordID>20891</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="64" />
<Channel>System</Channel>
<Computer>Synchronicity</Computer>
<Security />
</System>
- <EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SecurityPackage">Kerberos</Data>
<Binary>000004000200300000000000A83A00C00000000000 000000000000000000000000000000000000000E030980</Binary

</EventData>
</Event>


EventLog

- <Even
xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="EventLog" />
<EventID Qualifiers="32768">6008</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2008-05-15T16:59:04.000Z" />
<EventRecordID>20791</EventRecordID>
<Channel>System</Channel>
<Computer>Synchronicity</Computer>
<Security />
</System>
- <EventData>
<Data>17:56:53</Data>
<Data>15/05/2008</Data>
<Data />
<Data />
<Data>3551</Data>
<Data />
<Data />
<Binary>D807050004000F001100380035000802D807050004 000F001000380035000802600900003C000000010000006009 000000000000B00400000100000000000000</Binary

</EventData>
</Event>



- <Even
xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-Eventlog
Guid="{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148}" />
<EventID>1101</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>101</Task>
<Opcode>0</Opcode>
<Keywords>0x4020000000000000</Keywords>
<TimeCreated SystemTime="2008-05-15T16:59:06.494Z" />
<EventRecordID>52</EventRecordID>
<Correlation />
<Execution ProcessID="972" ThreadID="456" />
<Channel>Security</Channel>
<Computer>Synchronicity</Computer>
<Security />
</System>
- <UserData>
- <AuditEventsDroppe
xmlns:auto-ns3="http://schemas.microsoft.com/win/2004/08/events
xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog">
<Reason>34</Reason>
</AuditEventsDropped>
</UserData>
</Event>


Http Event

Unable to initialize the security package Kerberos for server sid
authentication. The data field contains the error number.

- <Even
xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-HttpEvent
Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" /

<EventID Qualifiers="49152">15016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2008-05-15T17:00:53.010Z" />
<EventRecordID>20891</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="64" />
<Channel>System</Channel>
<Computer>Synchronicity</Computer>
<Security />
</System>
- <EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SecurityPackage">Kerberos</Data>
<Binary>000004000200300000000000A83A00C00000000000 000000000000000000000000000000000000000E030980</Binary

</EventData>
</Event>


Security Event 5038

Code integrity determined that the image hash of a file is not valid
The file could be corrupt due to unauthorized modification or th
invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume1\Windows\System32\drivers\t cpip.sys


- <Event
xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-Security-Auditing"
Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />
<EventID>5038</EventID>
<Version>0</Version>
<Level>0</Level>
<Task>12290</Task>
<Opcode>0</Opcode>
<Keywords>0x8010000000000000</Keywords>
<TimeCreated SystemTime="2008-05-15T16:59:29.286Z" />
<EventRecordID>84</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="56" />
<Channel>Security</Channel>
<Computer>Synchronicity</Computer>
<Security />
</System>
- <EventData>
<Data
Name="param1">\Device\HarddiskVolume1\Windows\Syst em32\drivers\tcpip.sys</Data>

</EventData>
</Event>



Can anyone offer any advice?


--
Koishii

Koishii;712863 Wrote:

> It has just happened again less than an hour after turning on the
> computer. Random crash whilst I was on the internet. No BSOD. Just
> shutdown and rebooted.
>
> Event viewer recorded these errors below:
>
> System Log
>
> Unable to initialize the security package Kerberos for server side
> authentication. The data field contains the error number.
>
> - <Event
> xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
> - <System>
> <Provider Name="Microsoft-Windows-HttpEvent"
> Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
>
> <EventID Qualifiers="49152">15016</EventID>
> <Version>0</Version>
> <Level>2</Level>
> <Task>0</Task>
> <Opcode>0</Opcode>
> <Keywords>0x80000000000000</Keywords>
> <TimeCreated SystemTime="2008-05-15T17:00:53.010Z" />
> <EventRecordID>20891</EventRecordID>
> <Correlation />
> <Execution ProcessID="4" ThreadID="64" />
> <Channel>System</Channel>
> <Computer>Synchronicity</Computer>
> <Security />
> </System>
> - <EventData>
> <Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
> <Data Name="SecurityPackage">Kerberos</Data>
> <Binary>000004000200300000000000A83A00C00000000000 000000000000000000000000000000000000000E030980</Binary>
>
> </EventData>
> </Event>
>
>
> EventLog
>
> - <Event
> xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
> - <System>
> <Provider Name="EventLog" />
> <EventID Qualifiers="32768">6008</EventID>
> <Level>2</Level>
> <Task>0</Task>
> <Keywords>0x80000000000000</Keywords>
> <TimeCreated SystemTime="2008-05-15T16:59:04.000Z" />
> <EventRecordID>20791</EventRecordID>
> <Channel>System</Channel>
> <Computer>Synchronicity</Computer>
> <Security />
> </System>
> - <EventData>
> <Data>17:56:53</Data>
> <Data>15/05/2008</Data>
> <Data />
> <Data />
> <Data>3551</Data>
> <Data />
> <Data />
> <Binary>D807050004000F001100380035000802D807050004 000F001000380035000802600900003C000000010000006009 000000000000B00400000100000000000000</Binary>
>
> </EventData>
> </Event>
>
>
>
> - <Event
> xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
> - <System>
> <Provider Name="Microsoft-Windows-Eventlog"
> Guid="{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148}" />
> <EventID>1101</EventID>
> <Version>0</Version>
> <Level>2</Level>
> <Task>101</Task>
> <Opcode>0</Opcode>
> <Keywords>0x4020000000000000</Keywords>
> <TimeCreated SystemTime="2008-05-15T16:59:06.494Z" />
> <EventRecordID>52</EventRecordID>
> <Correlation />
> <Execution ProcessID="972" ThreadID="456" />
> <Channel>Security</Channel>
> <Computer>Synchronicity</Computer>
> <Security />
> </System>
> - <UserData>
> - <AuditEventsDropped
> xmlns:auto-ns3="http://schemas.microsoft.com/win/2004/08/events"
> xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog">
> <Reason>34</Reason>
> </AuditEventsDropped>
> </UserData>
> </Event>
>
>
> Http Event
>
> Unable to initialize the security package Kerberos for server side
> authentication. The data field contains the error number.
>
> - <Event
> xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
> - <System>
> <Provider Name="Microsoft-Windows-HttpEvent"
> Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
>
> <EventID Qualifiers="49152">15016</EventID>
> <Version>0</Version>
> <Level>2</Level>
> <Task>0</Task>
> <Opcode>0</Opcode>
> <Keywords>0x80000000000000</Keywords>
> <TimeCreated SystemTime="2008-05-15T17:00:53.010Z" />
> <EventRecordID>20891</EventRecordID>
> <Correlation />
> <Execution ProcessID="4" ThreadID="64" />
> <Channel>System</Channel>
> <Computer>Synchronicity</Computer>
> <Security />
> </System>
> - <EventData>
> <Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
> <Data Name="SecurityPackage">Kerberos</Data>
> <Binary>000004000200300000000000A83A00C00000000000 000000000000000000000000000000000000000E030980</Binary>
>
> </EventData>
> </Event>
>
>
> Security Event 5038
>
> Code integrity determined that the image hash of a file is not valid.
> The file could be corrupt due to unauthorized modification or the
> invalid hash could indicate a potential disk device error.
>
> File Name: \Device\HarddiskVolume1\Windows\System32\drivers\t cpip.sys
>
>
> - <Event
> xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
> - <System>
> <Provider Name="Microsoft-Windows-Security-Auditing"
> Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />
> <EventID>5038</EventID>
> <Version>0</Version>
> <Level>0</Level>
> <Task>12290</Task>
> <Opcode>0</Opcode>
> <Keywords>0x8010000000000000</Keywords>
> <TimeCreated SystemTime="2008-05-15T16:59:29.286Z" />
> <EventRecordID>84</EventRecordID>
> <Correlation />
> <Execution ProcessID="4" ThreadID="56" />
> <Channel>Security</Channel>
> <Computer>Synchronicity</Computer>
> <Security />
> </System>
> - <EventData>
> <Data
> Name="param1">\Device\HarddiskVolume1\Windows\Syst em32\drivers\tcpip.sys</Data>
>
> </EventData>
> </Event>
>
>
>
> Can anyone offer any advice?

Believe it or not, we are having the same problems and it is not the
video card as the video card is brand new!


--
lambroger

You did check the power cable already I hope?

"Koishii" <guest@unknown-email.com> schreef in bericht
news:c425acb391f6bb59a94a0f13e0de89f6@nntp-gateway.com...

>
> Hope I have posted this in the correct section...
>
> I have Vista Ultimate 64bit. I have all the updates including SP1
> downloaded from Microsoft site. Up until yesterday everything has been
> working fine for the past month since I built a new system.
>
> Now all of a sudden my computer is crashing on me. No BSOD. Just shuts
> down and reboots. Last night this occured 5 times in the space of 4
> hours..
>
> Looking in my events log all I can see occuring at the times of the
> crashes is this information:
>
> Code integrity determined that the image hash of a file is not valid.
> The
> file could be corrupt due to unauthorized modification or the invalid
> hash
> could indicate a potential disk device error.
>
> File Name: \Device\HarddiskVolume1\Windows\System\drivers\tcp ip.sys
>
> I don't use windows firewall as I use the firewall built into Trend
> Micro Internet Security 2008. Checking though that programs logs shows
> nothing happening at the time of the crashes.
>
> After googling this and looking on Microsoft's site I am stumped at
> what I can do to resolve this. I do have windows updates on automatic
> and I recall an update occuring 2 days ago.
>
> Is there any workaround for this? Would appreciate any help that could
> be offered.
>
> Cheers
> Dave
>
>
> --
> Koishii

"Koishii" <guest@unknown-email.com> wrote in message
news:c425acb391f6bb59a94a0f13e0de89f6@nntp-gateway.com...

>
> Hope I have posted this in the correct section...
>
> I have Vista Ultimate 64bit. I have all the updates including SP1
> downloaded from Microsoft site. Up until yesterday everything has been
> working fine for the past month since I built a new system.
>
> Now all of a sudden my computer is crashing on me. No BSOD. Just shuts
> down and reboots. Last night this occured 5 times in the space of 4
> hours..
>
> Looking in my events log all I can see occuring at the times of the
> crashes is this information:
>
> Code integrity determined that the image hash of a file is not valid.
> The
> file could be corrupt due to unauthorized modification or the invalid
> hash
> could indicate a potential disk device error.
>
> File Name: \Device\HarddiskVolume1\Windows\System\drivers\tcp ip.sys
>
> I don't use windows firewall as I use the firewall built into Trend
> Micro Internet Security 2008. Checking though that programs logs shows
> nothing happening at the time of the crashes.
>
> After googling this and looking on Microsoft's site I am stumped at
> what I can do to resolve this. I do have windows updates on automatic
> and I recall an update occuring 2 days ago.
>
> Is there any workaround for this? Would appreciate any help that could
> be offered.

It looks as if your system is somewhat unstable probably for a non-security
reason. You should cross-post in microsoft.public.windows.64bit.general.

--
Allan

Thanks. Power cable is secure but it now appears that it may actually b
my graphics card that is causing the problem, so I am presentl
following that line of elimination..

Someone has told me that it could possibly be due to heat damage to th
card, which will mean - RMA the card

cheer

--
Koishii

Well, good luck troubleshooting!

I had my share of (hardware) problems as well with Vista 64bit but it runs
smooth now

"Koishii" <guest@unknown-email.com> schreef in bericht
news:12b16d67786c4bfe75223630b07c1e61@nntp-gateway.com...

>
> Thanks. Power cable is secure but it now appears that it may actually be
> my graphics card that is causing the problem, so I am presently
> following that line of elimination...
>
> Someone has told me that it could possibly be due to heat damage to the
> card, which will mean - RMA the card.
>
> cheers
>
>
> --
> Koishii

The "Kerberos" event is a Non-issue and was accidentally caused by a
previous update. Everyone who has that Update installed is getting these
kerebros security pack entries in their logs and they mean nothing, so
don't put time into that one.


--
Chappy

::*_DAVE_* ::- vista ultimate 64bit - nzxt lexa classic case - asus
commando mobo (p965/ich8r) - intel e6750 core 2 - zalman 9700 cpu cooler
- 4g's crucial ballistix tracer ddr2 pc26400 ram - bfg 8800gts oc2 320mb
- 2 x 22\" w2207 lcd monitors - 2 x 250g, 2 x 500g sata ii hdd's, 2 dvd
burners c/w lightscribe (sony, tsst) - enermax noisetaker ii 600w psu
with custom chrome cable sleeving - hauppauge hdtv tv tuner card - 5.1
logitech z5500 speakers - 15 in 1 multi-card reader

::*We will _NEVER_ Forget!*::