Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: Windows File Protection|
The protected system file <file name> was not restored to its original, valid version because the Windows File Protection restoration process was cancelled by user interaction, user name is <username>. The file version of the bad file is <file version>.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the Windows File Protection?
See ME292810 and ME315718 for information about this event.
Richard Anthony McCoy
When you start Windows XP and log on, your may receive the following error: “A problem is preventing Windows from accurately checking the license for this computer - Error code: 0x80070002”. When you press OK, you are returned to the Log On to Windows dialog. If you perform a System Restore, the problem may still persist.
This behavior will occur if you are missing the “%SystemRoot%\System32\secupd.dat” file and/or the “%SystemRoot%\System32\oembios.dat” file.
To resolve this problem:
1. Restart your computer and press F8 to start in Safe Mode.
2. Log on.
3. Right-click My Computer and press Manage.
4. Open the Event Viewer.
5. Check the System event log by using the View menu to Filter for an Event source of Windows File Protection since the last time you successfully logged on. You should be able to locate the files that could not be found during logon, probably as Event ID 64005.
6. Using another Windows XP computer, preferably as the same service pack and hotfix level, copy the missing files. If you do not have another Windows XP computer, you may be able to get the missing files from the Windows XP CD-ROM.
7. Restart your computer normally.
8. You may have to reapply the latest service pack and hotfixes. Perform a “sfc /scannow”, and check for viruses and other malware.
|Private comment: Subscribers only. See example of private comment|
|Links: ME292810, ME315718|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated