Translation … ignore it. Supposed to be fixed in the next OS.

On December 29, 2008, in Vista, by

Windows Event ID 5038 from Microsoft-Windows-Security-Auditing:
http://www.eventid.net/display.asp?eventid=5038&eventno=8922&source=Microsoft-Windows-Security-Auditing&phase=1

Translation … ignore it.  Supposed to be fixed in the next OS.

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          12/11/2008 10:51:18 PM
Event ID:      5038
Task Category: System Integrity
Level:         Information
Keywords:      Audit Failure
User:          N/A
Computer:      BITZIEVISTA.Kikibitzrtm.local
Description:
Code integrity determined that the image hash of a file is not valid.  The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys 
Event Xml:
<Event xmlns=”http://schemas.microsoft.com/win/2004/08/events/event“>
  <System>
    <Provider Name=”Microsoft-Windows-Security-Auditing” Guid=”{54849625-5478-4994-a5ba-3e3b0328c30d}” />
    <EventID>5038</EventID>
    <Version>0</Version>
    <Level>0</Level>
    <Task>12290</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8010000000000000</Keywords>
    <TimeCreated SystemTime=”2008-12-12T06:51:18.487Z” />
    <EventRecordID>9103</EventRecordID>
    <Correlation />
    <Execution ProcessID=”4″ ThreadID=”64″ />
    <Channel>Security</Channel>
    <Computer>BITZIEVISTA.Kikibitzrtm.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name=”param1″>\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys</Data>
  </EventData>
</Event>

If you enjoyed this article, please consider sharing it!
Facebook Twitter Delicious Digg

 

Comments are closed.