EtwRTDefenderApiLogger.etl


  1. Posts : 402
    Windows 10 64-bit home
       #1

    EtwRTDefenderApiLogger.etl


    What is this process:

    Windows\System32\LogFiles\WMI\Rtbackup\EtwRTDefenderApiLogger.etl

    I see in resource manager this comes up sometimes and chews away at my HDD for a good 10 minutes. Very annoying as it loves to run while I'm trying to use my PC for other things.

    Can this be disabled?

    I don't even have defender enabled so I have no idea why this runs.
      My ComputerSystem Spec


  2. Posts : 402
    Windows 10 64-bit home
    Thread Starter
       #2

    Nobody has any idea what this process is?
      My ComputerSystem Spec

  3.    #3

    rivre said: View Post
    Nobody has any idea what this process is?
    Uhmmm.. no, but WMI is a resource hog

    Windows Defender (like Internet Explorer before), if that is what it represents, is an embedded resource...so it writes to EventLog like all OS API's. Disable it.
      My ComputerSystem Spec

  4.    #4

    Start - Run - perfmon - Data Collector Sets - Startup Event Trace Sessions - Check if it is present there.

    If it is, open it (double click) - Trace Sessions - un-check Enabled - OK - restart
    Attached Thumbnails Attached Thumbnails capture_05172019_215207.jpg  
      My ComputerSystem Spec


  5. Posts : 402
    Windows 10 64-bit home
    Thread Starter
       #5

    Superfly said: View Post
    Uhmmm.. no, but WMI is a resource hog

    Windows Defender (like Internet Explorer before), if that is what it represents, is an embedded resource...so it writes to EventLog like all OS API's. Disable it.

    How can I disable it from writing to event logs? I should have defender disabled as I use Kaspersky, but maybe there'a still a part of defender that's still running?
      My ComputerSystem Spec


  6. Posts : 402
    Windows 10 64-bit home
    Thread Starter
       #6

    TairikuOkami said: View Post
    Start - Run - perfmon - Data Collector Sets - Startup Event Trace Sessions - Check if it is present there.

    If it is, open it (double click) - Trace Sessions - un-check Enabled - OK - restart
    I checked. I have these two items listed there, and listed as enabled:

    - DefenderAPILogger
    - DefenderAuditLogger

    Are those the two things that are causing EtwRTDefenderApiLogger to go nuts? Is it safe to mark both of those as disabled?
      My ComputerSystem Spec



  7. Posts : 402
    Windows 10 64-bit home
    Thread Starter
       #7

    I tried disabling those two listed above.

    DefenderAuditLogger allowed me to uncheck the "enabled' checkbox.

    DefenderAPILogger pops up a window saying "When attempting to commit the changes the following system error occurred: Access is Denied".
      My ComputerSystem Spec


 

Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 03:29.
Find Us