VPN Driver

AMLab
AMLab Posts: 4  Freshman Member
First Comment
edited April 2021 in Security
Hello.
After upgrading to version 1803, I started having problems with a VPN driver. After about 5 minutes of activity of the machine, it goes in bluescreen. These are some of the errors highlighted by the event viewer:

- The computer has been restarted by an error check. Error checking: 0x000000d1 (0xffff9802e1f39000, 0x0000000000000002, 0x0000000000000000, 0xfffff8024e84b5a0). Details have been saved in: C:\WINDOWS\MEMORY.DMP. ID
reporting: 5b7eef70-bca9-45f3-85fb-3f38b7dbffcc.

- The permissions settings specific to the application do not grant Local Start permission for the COM server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID
Not available to the NT AUTHORITY \ SID SYSTEM user (S-1-5-18) from the LocalHost address (via LRPC) running in the Application Container SID Unavailable (Not Available). To change this security authorization, you can use the Component Services administrative tool.

This is the result of the minidump:
==================================================
Dump File         : 050618-11046-01.dmp
Crash Time        : 06/05/2018 11:34:14
Bug Check String  : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x000000d1
Parameter 1       : ffff8283`ed3fe000
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000000
Parameter 4       : fffff808`7c33b5a0
Caused By Driver  : TGBVPNVirtM.sys
Caused By Address : TGBVPNVirtM.sys+1b5a0
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     : ntoskrnl.exe+197650
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\050618-11046-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 17134
Dump File Size    : 1.232.816
Dump File Time    : 06/05/2018 11:34:45
==================================================

The problem is related to the Zywall VPN Clinet software, regularly fired or to its driver. I tried to remove it and install it again, but the behavior does not change.

For completeness of information, I have installed and tested "TheGreenBow IPsec VPN Client v.5.5" and this works perfectly. These are the driver versions related to TheGreenBow:

vpnconf.exe 5.55.001
tgbike.exe 4.6.1
comlib.dll 3.1.0.1
tgbstarter.exe 3.2.0.1
vpncfg.dll 2.3.0.1
tgblibeay32.dll 0.9.8j
tgb_configmode.dll 4.2.0.1
tgblogonui.exe 5.55
TgbCredProv.dll 5.55
TGBMPEnum.sys 1.00.02.0004 built by: WinDDK
TGBVPNVirtM.sys 1.02.04.0001 built by: WinDDK

Thank you

Comments

Security Highlight