Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 0 Source: DWMRCS

The description for Event ID ( 0 ) in Source ( DWMRCS ) could not be found. It contains the following insertion string(s):
DameWare Mini Remote Control
, Failed Version Negotiations.
Date: 01/17/04 10:46:27
Computer Name:
User ID:
Logon As ID:
OS Product ID:
OS Registered Owner:
OS Registered Organization:
Host Name from Peer:
IP Addresse(s) from Peer:
IP Address: <ip address>
Protocol Version - DWRCC.EXE: 0.000000-0.000000
Protocol Version - DWRCS.EXE: 3.660000-0.000000
Product Version - DWRCS.EXE:
Authentication Type: NT Challenge/Response
Last Error Code: 203
Last Error Code (WSA): 203
Absolute timeout setting: 0 minutes
Connect/Logon timeout setting: 90000 miliseconds
From a newsgroup post: "Installing the Microsoft 329170 hotfix may cause this problem. You might try the following troubleshooting steps:
1. Boot to Safe Mode.
2. Disable the following services on startup.
Dameware Mini Remote Control (DWMRCS)
File is located in c:\winnt\system32\dwrcs.exe -service
HXD Service (HackerwareDefender051)
File is located in c:\winnt\system32\rkit.exe

See also ME303383.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.