Problems with Win 2K services

Jesus De La Torre

Hello:

I am having some problems with our PDC, a Win 2K Adv Serv
SP4 with Exchange 2000 SP3. It has been working fine for
almost a year, but two days ago some services (SMTP, DHCP,
Terminal and FRS) stopped. When I tried to restart them,
the error "Logon failure: account currently disabled"
appeared. This same error occurs when I try to clear the
Application Log. Did something happen with the
LOCALSYSTEM account?

Since then, I have been receiving the following errors in
the Event Viewer:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 30/01/2004
Time: 10:28:26 a.m.
User: N/A
Computer: ...
Description:
The File Replication Service service terminated with the
following error:
Insufficient system resources exist to complete the
requested service.

Event Type: Error
Event Source: smtpsvc
Event Category: None
Event ID: 429
Date: 30/01/2004
Time: 10:32:32 a.m.
User: N/A
Computer: ...
Description:
Virtual Server Invalid MailQueue Directory: The specified
mail queue directory is not valid. Cannot start the SMTP
Service.
Data:
0000: 33 05 00 00 3...

Event Type: Error
Event Source: IISLOG
Event Category: None
Event ID: 2
Date: 28/01/2004
Time: 05:03:54 p.m.
User: N/A
Computer: ...
Description:
IIS Logging was unable to create the directory
C:\WINNT\System32\LogFiles\W3SVC7. The data is the error.
For additional information specific to this message please
visit the Microsoft Online Support site located at:
http://www.microsoft.com/contentredirect.asp.
Data:
0000: 33 05 00 00 3...

Event Type: Warning
Event Source: W3SVC
Event Category: None
Event ID: 100
Date: 28/01/2004
Time: 05:06:44 p.m.
User: N/A
Computer: ...
Description:
The server was unable to logon the Windows NT
account 'IUSR_...' due to the following error: The
specified module could not be found. The data is the
error code.
For additional information specific to this message please
visit the Microsoft Online Support site located at:
http://www.microsoft.com/contentredirect.asp.
Data:
0000: 7e 00 00 00 ~...

Event Type: Error
Event Source: DhcpServer
Event Category: None
Event ID: 1017
Date: 28/01/2004
Time: 05:18:43 p.m.
User: N/A
Computer: ...
Description:
The description for Event ID ( 1017 ) in Source (
DhcpServer ) cannot be found. The local computer may not
have the necessary registry information or message DLL
files to display messages from a remote computer. The
following information is part of the event: Logon failure:
account currently disabled. .
Data:
0000: 33 05 00 00 3...

Event Type: Error
Event Source: NtFrs
Event Category: None
Event ID: 13539
Date: 30/01/2004
Time: 08:54:05 a.m.
User: N/A
Computer: MTYSANANGELW2K
Description:
The File Replication Service cannot replicate
c:\winnt\sysvol\domain because the pathname of the
replicated directory is not the fully qualified pathname
of an existing, accessible local directory.

I thought it could be a virus, but we have eTrust
Inoculate, and even though it has detected some emails
with the Mydoom and Mimail, the attachments have been
deleted. I ran a complete scan and it did not detect any
virus or worm.

Any idea what this could be? What should I do? Do you need
any more data? Any help will be appreciated!!

Thanks in advance for your help.
 
If you check the properties of the machine account, is it disabled? You can
also check the userAccountControl attribute. For a DC it should be 532480.
 
The machine account is under the Domain Controllers OU and
its userAccountControl property is set to 532480, as you
said it should be.

Any other ideas?

I really don't know what happened, there was no recent
software installation, no upgrade, no configuration
change, performed by us.

I cannot access the DC Security Policy, because of
the "logon failure: account currently disabled" error.
Sometimes, if I log off and then try to log on, I even
receive an error telling me that an error occurred, so I
need to manually turn off the server.

Thanks for your help.
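
The two values discussed so far can be decoded offline: the userAccountControl bitmask (532480) and the little-endian DWORD in each event's Data field. The following is an added example, not part of the original thread; the function names are hypothetical, and the flag and error-code tables are a subset taken from Microsoft's userAccountControl and winerror.h documentation.

```python
import struct

# Subset of userAccountControl flags (Microsoft documentation values).
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0010: "LOCKOUT",
    0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT",
    0x1000: "WORKSTATION_TRUST_ACCOUNT",
    0x2000: "SERVER_TRUST_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
    0x80000: "TRUSTED_FOR_DELEGATION",
    0x800000: "PASSWORD_EXPIRED",
}

# Win32 error codes that appear in the events quoted in this thread.
WIN32_ERRORS = {
    126: "ERROR_MOD_NOT_FOUND",
    1331: "ERROR_ACCOUNT_DISABLED",
}

def decode_uac(value):
    """Return (known flag names in bit order, leftover bits not in the table)."""
    names = [name for bit, name in sorted(UAC_FLAGS.items()) if value & bit]
    unknown = value & ~sum(UAC_FLAGS)
    return names, unknown

def decode_event_data(hex_bytes):
    """Decode the first DWORD of an event's Data field (little-endian)."""
    raw = bytes.fromhex(hex_bytes.replace(" ", ""))
    if len(raw) < 4:
        raise ValueError("need at least 4 bytes")
    (code,) = struct.unpack_from("<I", raw)
    return code, WIN32_ERRORS.get(code, "not in table")

def is_healthy_dc_account(value):
    """A DC machine account is a server trust account and is not disabled."""
    names, _ = decode_uac(value)
    return "SERVER_TRUST_ACCOUNT" in names and "ACCOUNTDISABLE" not in names

if __name__ == "__main__":
    print(decode_uac(532480))          # value reported in the thread
    print(decode_uac(532482))          # constructed: same value with the disabled bit set
    for data in ("33 05 00 00", "7e 00 00 00"):  # Data fields quoted in the events
        print(data, "->", decode_event_data(data))
```

The Data bytes `33 05 00 00` in the smtpsvc, IISLOG and DhcpServer events all decode to the same code as the "account currently disabled" message, while 532480 itself carries no ACCOUNTDISABLE bit.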
 
Are you using a service account to run any of these services that may have
had its password expire?
 
No Scott, almost all services are using the Local System
account.

I have been looking for a solution all over the Microsoft
Support Site and some search engines, and I haven't found
any info related with those errors.

Thanks for your help.
 
I had the same thing happen to me today. I also am running Inoculate
6.0. Go into realtime monitor and make sure your quarantine is off.
This was on for me and was wreaking havoc. Disabled quarantine and I am
back to normal. Hope this helps.

Lo

Unregistered
 