• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1276
  • Last Modified:

Pandainterface Error on Domain Controllers

While checking logs on my two domain controllers today I found the following errror on both servers.  I have not installed anything new on the servers in months, and no users have access to the servers so browsing to an infected site is unlikely.  Does anyone have any information on this 'pandainterface' error?
Thanks,
Joe

Log Name:      Application
Source:        PandaInterface
Date:          8/6/2012 4:31:02 PM
Event ID:      0
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      BDC.domain.com
Description:
GetInstalledMSExchangeVersion : Not able to find installed Exchange version
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="PandaInterface" />
    <EventID Qualifiers="0">0</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2012-08-06T21:31:02.000000000Z" />
    <EventRecordID>12177</EventRecordID>
    <Channel>Application</Channel>
    <Computer>BDC.domain.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>GetInstalledMSExchangeVersion : Not able to find installed Exchange version</Data>
  </EventData>
</Event>
0
jduehmig1
Asked:
jduehmig1
  • 3
  • 2
1 Solution
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Do you have any Security software in your environment ? Not sure if a trial version is installed or what but seems it tried to connect to Exchange :(

Panda Security SL , formerly Panda Software , is a computer security company
http://www.system-tray-cleaner.com/systray/programs.php?appid=A3F0E1E41B27EFAEE2658CA1CE30C24D0001A700

- Rancy
0
 
jduehmig1Author Commented:
I haven't intentially installed anything like this on the network.  I have since found this same error on six other servers (out of 30.)
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Maybe its on some other App or Windows server trying to access the data ...

- Rancy
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
jduehmig1Author Commented:
Anyone else?
0
 
Blake SoiuIT DirectorCommented:
Hi Everyone,

We experienced this same problem on about 4 servers. I worked with my AV vendor and we came up with the PandaInterface is coming from a monitoring tool we use in our environment. The tool being from N-Able Technologies.

Here is the log report from the command FindStr used.

In an open cmd prompt from c:\ after placing strings.exe from http://live.sysinternals.com/strings.exe right in c:\

strings -s | findstr /i pandainterface > c:\Results\log.txt



C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\agent.exe: PandaInterface
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\EndpointSecurity.dll: PandaInterface
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\EndpointSecurity.dll: PandaInterfaceException
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\EndpointSecurity.dll: PandaInterface
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\ESCleaner.exe: PandaInterface
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\ESCleaner.exe: PandaInterfaceException
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\ESCleaner.exe: PandaInterface
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\PIU.exe: PandaInterface
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\PIU.exe: PandaInterfaceException
C:\\Program Files (x86)\N-able Technologies\Windows Agent\bin\PIU.exe: PandaInterface
C:\\Program Files (x86)\N-able Technologies\Windows Agent\modules\EndpointSecurityModule.dll: PandaInterface
C:\\tammy-gfi\1.reg: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\PandaInterface]
C:\\tammy-gfi\2.reg: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\PandaInterface]
C:\\Windows\Downloaded Installations\{D14EE1C6-4F85-407A-B260-07C41B007814}\Windows Agent.msi: PandaInterface
C:\\Windows\Downloaded Installations\{D14EE1C6-4F85-407A-B260-07C41B007814}\Windows Agent.msi: PandaInterfaceException
C:\\Windows\Downloaded Installations\{D14EE1C6-4F85-407A-B260-07C41B007814}\Windows Agent.msi: PandaInterface
C:\\Windows\Downloaded Installations\{D14EE1C6-4F85-407A-B260-07C41B007814}\Windows Agent.msi: PandaInterface
C:\\Windows\Downloaded Installations\{D14EE1C6-4F85-407A-B260-07C41B007814}\Windows Agent.msi: PandaInterfaceException
C:\\Windows\Downloaded Installations\{D14EE1C6-4F85-407A-B260-07C41B007814}\Windows Agent.msi: PandaInterface
C:\\Windows\Downloaded Installations\{EDDD506C-52D4-4479-807C-D5B23667151B}\Windows Agent.msi: PandaInterface
C:\\Windows\Downloaded Installations\{EDDD506C-52D4-4479-807C-D5B23667151B}\Windows Agent.msi: PandaInterfaceException
C:\\Windows\Downloaded Installations\{EDDD506C-52D4-4479-807C-D5B23667151B}\Windows Agent.msi: PandaInterface
C:\\Windows\Downloaded Installations\{EDDD506C-52D4-4479-807C-D5B23667151B}\Windows Agent.msi: PandaInterface
C:\\Windows\Downloaded Installations\{EDDD506C-52D4-4479-807C-D5B23667151B}\Windows Agent.msi: PandaInterfaceException
C:\\Windows\Downloaded Installations\{EDDD506C-52D4-4479-807C-D5B23667151B}\Windows Agent.msi: PandaInterface
C:\\Windows\Installer\42e69cde.msi: PandaInterface
C:\\Windows\Installer\42e69cde.msi: PandaInterfaceException
C:\\Windows\Installer\42e69cde.msi: PandaInterface
C:\\Windows\Installer\42e69cde.msi: PandaInterface
C:\\Windows\Installer\42e69cde.msi: PandaInterfaceException
C:\\Windows\Installer\42e69cde.msi: PandaInterface

We believe this to be a hiccup of the monitoring software.
0
 
jduehmig1Author Commented:
Great!  We're using N-able's Ncentral monitoring software as well.  This certainly explains it.  Thanks for the answer.  I will be contacting N-Able on this.
Joe
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now