Archive for 'Events' Category

AppLocker Update 1

By SuperG - Last updated: Sunday, June 24, 2012

So I tried “Authenticated users” and I had the same issue as Domain Users. And really it would not have solved my problem anyway even if it did work. To test this I made a test machine and created a local AppLocker rule. TEST 1 I am using Word this time, the rule is set […]

AppLocker

By SuperG - Last updated: Monday, June 18, 2012

This was posted to¬†http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/d91363df-44fb-4c15-ad75-3779e3ed35ab AppLocker not behaving as expect when file has Alternate Data Streams and rule is not applied to everyone. I have a publisher rule setup for MS Office 2010 as in the picture When this is set to Allow for Everyone Office works as expected. However if I set the rule to […]

Windows Update service fails to start

By SuperG - Last updated: Tuesday, April 3, 2012

This is an easy one but I have see a lot of posts about it, and this last week I needed to fix a broken Windows Update agent myself as SCCM was no longer working due to the service hanging. Windows update does not start. (Fails to start or never gets past “starting”) You may […]

Remote Help not connecting

By SuperG - Last updated: Tuesday, April 3, 2012

Remote Help not connecting DCOM error When using Microsoft Remote Help to connect to a computer you get the following window almost immediately.

JAVA 1330 Error and Fix

By SuperG - Last updated: Tuesday, April 3, 2012

JAVA 1330 Error invalid Digital signature You try and install any version of JAVA on VISTA and your receive: Error 1330. A File that is required cannot be installed because the cabinet file <path to file> has an invalid digital signature. This may indicate that the cabinet file is corrupt.

@Axel Doux

By SuperG - Last updated: Tuesday, April 3, 2012

This is in response to Axel Doux’s comment. So I am assuming you created your EventLog something like this: New-EventLog -LogName “My new EventLog” -Source “My sources” And you can write events with: write-eventlog -logname “My new EventLog” -Source “My sources” -Message “Some Error happened” -id 999 Then to read the log you can use: […]

Event Forwarding of Security Logs

By SuperG - Last updated: Tuesday, April 3, 2012

This is a long one, sorry but there is a lot in information here. So recently, where I work, we decided to collect a lot of the security events from all of our domain controllers. We are going to use the built-in “Windows Event Collector” service to do this. I am assuming you already have […]