New
#1
DefenderApiLogger
I noticed in event viewer under kernel tracing I'm getting a warning for DefenderApiLogger has reached it maximum size. Is there anything to worry about this and can I ignore this?
DefenderApiLogger
-
-
New #2
It is a normal stop condition. You can increase its size, if you want to.
Start - run - perfmon - Data Collector Sets - Event Trace Sessions
DefenderApiLogger - Stop Condition - set the size or un-check for Unlimited
-
New #3
So if I don't increase the size is that alright and will it hurt my computer to stay this way?
-
New #4
It merely alerts you, that it stopped logging, because of the insufficient size.
I doubt you will ever review DefenderApiLogger, so I would not worry about it.
-
New #5
Sorry to resurrect an old thread, but I have exactly the same issue.
Rather than just changing the size setting and presumably letting the log get absolutely huge, especially as I have Windows Defender disabled, I would rather disable this logging.
However whatever I try to do, including trying to take ownership of it, I just get Windows 10's favourite message "Access Denied" all the time.
Is there any way of actually doing this?
Thanks, Dave.
-
New #6
Run CMD as admin and copy/paste:
Code:reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
-
New #7
Wow, thank you so much!
I wasn't expecting a response that quickly, and it worked perfectly!
How strange that you can just do that from an elevated command prompt, not even needing Powershell, and yet you don't seem to be able to access the actual UI to do that at all.
Thanks again, you rock!
Quote
Related Discussions
