cancel
Showing results for 
Search instead for 
Did you mean: 
kswags
Level 7

Custom Exception not working or causing an error?

I created two exceptions in a test environment for a product and I get these in the logs.  Im fairly new to intrpeting these log files so please ... no flaming. 

########### HipShield Build: May 10 2010, 15:51:57  7.0.0.1159 ###########

###########         Session: Thu May 12 11:57:45 2011         ###########

*** Os: WinVistaServer Server Service Pack 2  Version 6.0.6002

05-12 11:57:47 [05252] HRC WARNING: SiReg: Could not open [HKLM\Software\Network Associates\TVD\VirusScan\AVConsol\General], LastErr 0x00000002 The system cannot find the file specified.

05-12 11:57:47 [05252] HRC WARNING: SiReg: Could not open [HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion], LastErr 0x00000002 The system cannot find the file specified.

05-12 11:57:47 [05252] HRC WARNING: SiReg: Could not open [HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion], LastErr 0x00000002 The system cannot find the file specified.

05-12 11:57:47 [05252] HRC ERROR:

Exception {

    Id 1266

    application { Include {c:\windows\system32\inetsrv\w3wp.exe} }

    domain_user_name { Include {NT Authority\NT Authority} }

    wrkstn_name { Include HRVCMS-APP }

    keys { Include {\REGISTRY\MACHINE\SYSTEM\ControlSet\SERVICES\WINSOCK2\PARAMETERS\PROTOCOL_CATALOG9} }

}

ERROR: Signatures do not contain any Rules with the specified Classes.

REMOVED Due to errors

Exception {

    Id 1000

    application { Include {C:\Windows\system32\svchost.exe} }

    domain_user_name { Include {NT Authority\Local System} }

    sql_original_query { Include {SELECT id, CASE WHEN encrypted=0 THEN text ELSE NULL END AS text, colid, number, CONVERT(bit, encrypted) AS Encrypted,} }

}

WARNING: Section <sql_original_query> was not used in any Exception

0 Kudos
1 Reply
bgable
Level 11

Re: Custom Exception not working or causing an error?

Check to see that you created the exception off an event.  It looks like you have an invalid parameter specified for sig 1266, which is an ISAPI (HTTP) class signature.

"Keys" is a parameter for the "Registry" class signatures.

The second one, sig 1000 is trying to use a SQL class parameter "sql_original_query".

0 Kudos