| Event Id | 5472 |
| Source | Microsoft-Windows-Security-Auditing |
| Description | PAStore Engine failed to load local storage IPsec policy on the computer. Policy:%t%t%1 Error Code:%t%t%2 |
| Event Information | According to Microsoft : Cause : This event is logged when PAStore Engine failed to load local storage IPsec policy on the computer. Resolution : Fix local policy issues Windows logs an error if the local policy storage cannot be read. The error message indicates the cause of the failure by including an error code in the text of the message. To determine the meaning of the code, open a command prompt, and then type net helpmsg errnum, where errnum is the error code displayed in the event message. Possible causes are listed here: 1.Low memory resources. If excessive demands are placed on the memory resources of your computer, such as when running more programs than the computer can adequately support, then common operating system functions required to do such tasks as retrieving or processing firewall policy can fail. To solve this situation perform one or more of the following steps: 1.Stop unneeded programs to free up memory. See the procedure at the end of this list. 2.Restart the computer, and then start fewer programs so that resources are not under an excessive load. 3.If the problem persists, you might need to add more RAM to the computer to support the number of programs that you want to run. To free up memory on the computer: 1.Log on to the computer. 2.Right-click the taskbar, and then clickTask Manager. 3.Click theApplications tab and make sureStatus of all tasks isRunning. If any tasks have aStatus ofNot responding, you should consider ending the task by clickingEnd Task. 4.Click the Processes tab. 5.ClickMemory and investigate processes that are using a lot of memory. 2.Registry corruption If the computer registry is corrupted then the local policy cannot be retrieved. The only supported solution to this condition is to reinstall the operating system. Registry corruption cannot be reliably repaired. |
| Reference Links | a href="http://technet.microsoft.com/en-us/library/cc733425.aspx"target="_blank">Event ID 5472 from Source Security |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.