Good evening,
While searching through the Event Viewer for an answer to another problem, I came across several warnings regarding the following:
Log Name: Application
Source: Microsoft-Windows-User Profiles Service
Date: 6/1/2009 7:52:46 AM
Event ID: 1530
Task Category: None
Level: Warning
Keywords: Classic
User: SYSTEM
Computer:
Description:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3728476250-1701664626-1355148271-1001_Classes:
Process 920 (\Device\HarddiskVolume3\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3728476250-1701664626-1355148271-1001_CLASSES
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-User Profiles Service" Guid="{89B1E9F0-5AFF-44A6-9B44-0A07A7CE5845}" EventSourceName="profsvc" />
<EventID Qualifiers="32768">1530</EventID>
EventData Name="EVENT_HIVE_LEAK">
and
Description:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-3728476250-1701664626-1355148271-1001:
Process 920 (\Device\HarddiskVolume3\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe) has opened key \REGISTRY\USER\S-1-5-21-3728476250-1701664626-1355148271-1001
Process 2468 (\Device\HarddiskVolume3\Program Files\Microsoft Windows OneCare Live\winss.exe) has opened key \REGISTRY\USER\S-1-5-21-3728476250-1701664626-1355148271-1001\Software\Microsoft\Internet Explorer\PhishingFilter
All the instances of these warnings are in pairs as the one above. Although I noticed, in my novice eye, the Phishing Filter is mentioned. I have checked and the Phishing Filter is enabled.
Thank you,
Camiele