Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Windows cannot unload your registry file. The memory used by the registry has not been freed. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. If this problem persists, contact your administrator.
DETAIL - Insufficient system resources exist to complete the requested service.
|English: Request a translation of the event description in plain English.|
This issue occurs because the NTUser.dat file is not released successfully after the file is loaded under the HKEY_USERS\<SID> registry key. See ME941339 for information on solving this problem.
As per Microsoft: "This error might occur when an application or service does not release handles to the user profile hives (the ntuser.dat and usrclass.dat files that support the profiles registry hive) after it is has completed work on behalf of the user". See MSW2KDB for details on fixing the problem.
|Private comment: Subscribers only. See example of private comment|
|Links: ME941339, MSW2KDB|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated