Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: Windows File Protection|
File replacement was attempted on the protected system file c:\winnt\system32\acsmib.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 5.0.2167.1.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is a DLL?
What is the Windows File Protection?
From a newsgroup post: "This problem appeared when I tried to install the Win2000 CL Banshee drivers and the setup attempted to replace banshee.dll and banshee.sys. Windows automatically replaced these files with older versions and this event was logged in my event log. In order to install the drivers I went to Control Panel/System/Hardware tab/Driver Signing Options and I checked "Ignore - Install all files, regardless of file signature". After this the drivers were installed without the appearance of this event".
A Windows 2000 feature: files considered vital to the system stability are automatically restored when they are deleted or overwritten with different versions.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated