Issue:
The following event appears in the System Event Log periodically
Event ID: 10016
Source: DistributedCOM
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}
and APPID
{B292921D-AF50-400C-9B75-0C57A7F29BA1}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
APPID {B292921D-AF50-400C-9B75-0C57A7F29BA1} corresponds to the DCOM NAP Agent Service, which in turn is part of the Network Access Protection Agent service.
Search the Registry for the CLSID to determine what product is calling the NAP Agent Service APPID. In this case the CLSID is the Quarantine Private SHA Binding class, which is a Kaspersky Anti-virus product.
By default the service Network Access Protection Agent is stopped and the Start Type is set to Manual.
Cause:
The DCOM error is being generated because the application’s SHA encryption module is trying to register with the NAP Agent even when NAP is not enabled. Several applications are known not to verify the NAP Agent is running before attempting to register themselves.
Solution:
Method 1
This DCOM error can be ignored if you don’t use NAP in your current environment.
Method 2
Enable the Network Access Protection Agent
Method 3
Contact the vendor of the software trying to register with the NAP Agent to see if they have released a fix for this issue.
Article ID: 351, Created On: 9/19/2011, Modified: 9/19/2011
Free Registration
Browse KB
View latest news items
Search KB
Recent Articles
Downloads
Script Library