Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The COM+ Event System detected a bad return code during its internal processing. HRESULT was <error code> from line 309 of .\eventsystem2.cpp. Please contact Microsoft Product Support Services to report this error.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is COM?
Who are Microsoft Product Support Services and how to contact them?
What is an HRESULT?
What is the COM+ Event System?
Error code: 800705AA = "Insufficient system resources exist to complete the requested service" - This may occur if the system is infected by the MSBlaster or LoveSAN Internet worm. See ME823980 for details. See Symantec Security Response on how to detect it and remove it.
This event may also show up in other circumstances. See the links below for some conditions on which such event can occur.
See also the comments for Error code 0x800705AA.
Error code: 8000FFFF - Not a fix but for some additional information, see the comments for Error code 0x8000FFFF.
Error code: 80080005 - See the comments for Error code 0x80080005.
Error code: 0x80040111 - See the comments for Error code 0x80040111
- Error code: 800706BA (Error code 800706BA) - See "JSI Tip 7676".
- Error code: 80070057 - See ME268856.
To resolve this issue, download and install the Microsoft Windows 2000 security update that is described in ME823980.
From a newsgroup post: "Apparently, the following registry key got modified and did not have the right values. I exported this registry key from a functional server and imported it to the server with the issue after backing up the key.
See ME830074, ME839880, and the link to "EventID 4097 from source DrWatson" for additional information on this issue.
In one case, this problem was due to Windows 2000 having reached the maximum registry size of 255MB.
This happened to me when the system was infected with the W32/Nachi.worm. After removing the worm and applying the latest RPC Patch, all problems were gone.
Error code: 8000FFFF - I got this after (successfully) installing either ME823980 or ME824146. This accompanies severe problems at reboot: no more task bar, no more start menu, no more desktop icons, explorer.exe cannot be launched from task manager, etc. Machine is unusable until patch is rolled back. Thoroughly checked for virus, none found.
In my case, this problem was fixed after I installed the latest Windows service pack.
This may be caused by an RPC vulnerability recently discovered on Windows servers. See: Windows RPC Vulnerability Fix for more details as well as the Microsoft Security Bulletin MS03-026.
If you had problems lately with IIS (Unexpected Crash - EventID 28 Or/And 37 in system log) and you get this event (id 4097) in your application log then have a look at ME282073.
|Private comment: Subscribers only. See example of private comment|
|Links: ME268856, ME272958, ME282073, ME823980, ME824146, ME830074, ME839880, Error code 800706BA, Error code 0x800705AA, Error code 0x8000FFFF, Error code 0x80080005, Error code 0x80040111, Symantec Security Response, Windows RPC Vulnerability Fix, Microsoft Security Bulletin MS03-026, EventID 4097 from source DrWatson, JSI Tip 7676|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
|Custom search for *****: Google - Bing - Microsoft - Yahoo|
Send comments or solutions
- Notify me when updated