Can't apply GPO's / Event ID 1058 + 1030

Discussion in 'ESET NOD32 Antivirus' started by MadMaxToronto, Jan 19, 2009.

Thread Status:
Not open for further replies.
  1. MadMaxToronto

    MadMaxToronto Registered Member

    Joined:
    Sep 17, 2008
    Posts:
    5
    Environment: 50+ WinXP Pro workstations, W2K3 Servers.

    After spending a considerable amount of time troubleshooting on our workstations why we are getting Event ID 1058 followed by Event ID 1030 (http://support.microsoft.com/kb/314494) along with "Applying computer settings" taking at least 10 minutes in some cases and in others not finishing and having to do a hard reboot, I've found that it's caused by NOD32 v3.0.650 Business Edition.
    Uninstalling NOD32 v3 fixes this issue.
    This issue appears at random after NOD32 v3 is installed. I can't figure out what triggers this problem... after installing NOD32 v3 the workstation works properly for a while until it gets buggered up somehow.

    From reading posts on this forum relating to this issue, the only fix seems to be to go back to v2.7.

    Has anybody come across a fix for this issue?
     
    Last edited: Jan 19, 2009
  2. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    600 PC's in a W2003 AD environment with a ton of GPOs. I don't have this problem. I have other problems with GPOs such as issues with Cisco port fast STP. Or timing out due to slow link negotiation at WAN locations even though I have that disabled by a GPO.

    But these all existed prior to NOD32, and we are better today than ever. GPRESULT has helped a lot.
     
  3. MadMaxToronto

    MadMaxToronto Registered Member

    Joined:
    Sep 17, 2008
    Posts:
    5
    Well, after installing NOD32 v3.0.650.0 Business Edition on my machine, the following errors appeared in the Event Log:

    Event ID: 1030, Type: Error, Source: Userenv
    Description: Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.

    Event ID: 40961, Type: Warning, Source: LSASRV, Category: SPNEGO (Negociator)
    Description: The Security System could not establish a secured connection with the server <server name>. No authentication protocol was available.

    These are the initial errors after installing NOD32 v3. From what I've noticed so far, the computer will work fine for a while and then the logon process will start to take longer and longer to complete the "Applying computer settings" and in some cases it will be stuck there. The Event Log records the following errors:

    Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1058
    Date: 2/8/2002
    Time: 7:25:40 AM
    User: NT AUTHORITY\SYSTEM
    Computer: MYCOMPUTER
    Description: Windows cannot access the file gpt.ini for GPO
    CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=lcds,DC=lab
    The file must be present at the location \\lcds.lab\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}
    (Access is denied) Group Policy processing aborted.


    Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1030
    Date: 2/8/2002
    Time: 7:30:46 AM
    User: N/A
    Computer: MYCOMPUTER
    Description: Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.

    If I remove NOD32 v3, the logon process is back to normal and the errors/warnings disappear from the Event Log.

    Any ideas what the issue might be?
     
  4. jschmidt77

    jschmidt77 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1


    Resolved this problem after months of troubleshooting :

    on the PC double click on the nod icon on the system tray, click f5 for advanced settings go to Antivirus and Spyware..Web Access Protection..Protocol Filtering.. Redirect Traffic for Protocol Filtering , change option to HTTP and POP3 ports,

    This will speed up login time and clear the error. If you are using the NOD Console, and would like to push out the change, download the latest console version and edit your install package or configuration file under the firewall section, create a task and push out the new settings
     
Thread Status:
Not open for further replies.