One of our VMware guest servers started to behave strangely. After the restart machine could be pinged successfully but during the "Apply Computer settings" phase, machine looses ping with the message that one of the services failed to start.
I have checked event log and there was a huge number of error events with the following information:
IPSec, Event ID 4292
The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network trafic that is not permitted by boot-time IPSec Policy exemptions. User Action: To resotre ull unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer.
When you try to start IPSec service manually, you will receive the following error message:
Could not start the IPSEC Services service on Local Computer. Error 2: The system cannot find the file specified."
I have received the following error on my Citrix Receiver when I tried to run the published application:
Error number 2320, Citrix Receiver Configuration Manager: No value could be found for (AllowHotkey) that satisfies all lockdown requirements. The lockdown requirements in force may be conflicting.
Citrix Receiver was normally working, so I can't tell what has caused this behaviour.
I have tried to shutdown Citrix Receiver on my client machine and shutdown all other active Receiver processes, but without luck.
To solve this error a small registry change needs to be done.
During configuration of Windows 8 machine I have noticed that I wasn't asked (or maybe I was) to choose the network type for my current network. By the type of network I mean options like Home(Private), Work or a Public network.
With this selection you are automatically choosing the proper Windows firewall profile.
Unfortunately my network was automatically configured as a Public network.
As you can see from the picture below, Public network is not clickable so I can't change it.
It seems that a new virus/malware is on the loose. Today I have received a mail containing the same virus in the past couple of days.
Here's the mail info:
From: Ludimilla - Financeiro
Nota Fiscal - digitalset
Body: Demostrativo em anexo
Attachment: Nota Fiscal 00385380011.zip
File: Nota Fiscal 00385380011.exe
Unfortunately, I'm not sure what harm can this virus do to your machine, especially with the fact that it still has not been detected by most of the Antivirus applications.
Here is the result from VIRUS TOTAL
So far it has been successfully recognized by Avast, BitDefender, Nod32, Symantec etc.. It appears to be just another variant of Win32:Malware-Gen and it should be removed as posted on im-infected.com.