Jump to content

Windows Defender


NATO

Recommended Posts

After installing Windows Defender (2006 is the - latest - version!) I find these reports in the Event Log.

*************************************************************************************************************

Event Type: Warning

Event Source: WinMgmt

Event Category: None

Event ID: 5603

Date: 20-May-12

Time: 7:04:45 PM

User: NT AUTHORITY\SYSTEM

Computer: XXX-XXXXXXXXXXX

Description:

A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Event Type: Warning

Event Source: WinMgmt

Event Category: None

Event ID: 63

Date: 20-May-12

Time: 7:02:15 PM

User: NT AUTHORITY\SYSTEM

Computer: XXX-XXXXXXXXXXX

Description:

A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Event Type: Warning

Event Source: WinMgmt

Event Category: None

Event ID: 63

Date: 20-May-12

Time: 7:02:11 PM

User: NT AUTHORITY\SYSTEM

Computer: XXX-XXXXXXXXXXX

Description:

A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

********************************************************************************************************************************

Does anyone know what these are about and how to remove them?

Could they have occured after installing a game? (Paintball.)

Thanks for any useful info

Link to comment
Share on other sites


I just found out that you can download new definitions and install them manually, so I will try that this evening.

Windows Defender Offline is a complete stupidity as it wants to format an already formatted USB stick and won't allow you to burn your own image insisting that the MS IMAPI v2.0 is installed.

Problem is that - this - particular computer doesn't have a burner.

Link to comment
Share on other sites

  • 3 weeks later...

Google each of the various names Rsop Planning Mode Provider, CmdTriggerConsumer, and HiPerfCooker_v1 to try and find the cause. I didn't find the root cause, but these same items have been showing up for YEARS. See here for an example - http://forum.piriform.com/index.php?showtopic=18226. You are not alone.

Cheers and Regards

I just happened to do a new install disconnected from the internet and checked the Event Logs.

The same three entries were present so I am guessing a super Alexa.

Evidently they are installed when Windows is installed.

Hmmm.

Link to comment
Share on other sites

Microsoft Security Essentials Prerelease v4.0.1542.0 comes in 32 and 64-bit versions - will install in XP Pro, XP Pro x64, Vista 32/64, and Win7-32/64 with no problems. Readily available on the Microsoft Download site. (Probably Win8 too.)

Link to comment
Share on other sites

  • 2 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...