Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Checking file system on <drive>
The type of the file system is <filesystem type>
Volume label is <volume label>
One of your disks needs to be checked for consistency. You may cancel the disk check, but it is strongly recommended that you continue. Windows will now check the disk.
Windows has made corrections to the file system.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the role of the Winlogon service?
This event could occur if you check your hard disk drive with CHKDSK in Read Only mode and it has files currently open or in use by Windows NT. See ME109524 for details.
See MSW2KDB for additional information about this event.
As per Microsoft: "This problem occurs because if Chkdsk is run against an NTFS volume, Chkdsk.exe may report that security descriptors are in the database that are no longer referenced by any file or folder and that it is removing them. However, Chkdsk.exe just reclaims the unused security descriptors as a housekeeping activity, and it does not actually fix any kind of problem". See ME255008 and ME218461 to fix this problem.
Event logged by an automatic CHKDSK upon reboot.
|Private comment: Subscribers only. See example of private comment|
|Links: ME109524, ME218461, ME255008, MSW2KDB|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated