normanml
asked on
Help trouble-shooting Event 1530
At shutdown I've been getting a registry leak.:
5 user registry handles leaked from \Registry\User\S-1-5-21-29 87587682-1 074968332- 1067063631 -1001:
Process 980 (\Device\HarddiskVolume3\W indows\Sys tem32\lsas s.exe) has opened key \REGISTRY\USER\S-1-5-21-29 87587682-1 074968332- 1067063631 -1001
Process 980 (\Device\HarddiskVolume3\W indows\Sys tem32\lsas s.exe) has opened key \REGISTRY\USER\S-1-5-21-29 87587682-1 074968332- 1067063631 -1001
Process 980 (\Device\HarddiskVolume3\W indows\Sys tem32\lsas s.exe) has opened key \REGISTRY\USER\S-1-5-21-29 87587682-1 074968332- 1067063631 -1001\Soft ware\Micro soft\Syste mCertifica tes\Disall owed
Process 980 (\Device\HarddiskVolume3\W indows\Sys tem32\lsas s.exe) has opened key \REGISTRY\USER\S-1-5-21-29 87587682-1 074968332- 1067063631 -1001\Soft ware\Micro soft\Syste mCertifica tes\My
Process 980 (\Device\HarddiskVolume3\W indows\Sys tem32\lsas s.exe) has opened key \REGISTRY\USER\S-1-5-21-29 87587682-1 074968332- 1067063631 -1001\Soft ware\Micro soft\Syste mCertifica tes\CA
1. Volume3 harddisk is the micro disk (SD) built-in reader. Why is that device holding the registry open when there is no micro-disk in it at shutdown? Is there a way to shut the volume down prior to shut down?
2. Note please: In other user profile warnings for Volume 3, various processes are listed: process 988, process 568, process 560 and, as show above, process 980. Again all involved HardiskVolume3 -- the micro disk reader I use to look at camera disks.
Thanks.
5 user registry handles leaked from \Registry\User\S-1-5-21-29
Process 980 (\Device\HarddiskVolume3\W
Process 980 (\Device\HarddiskVolume3\W
Process 980 (\Device\HarddiskVolume3\W
Process 980 (\Device\HarddiskVolume3\W
Process 980 (\Device\HarddiskVolume3\W
1. Volume3 harddisk is the micro disk (SD) built-in reader. Why is that device holding the registry open when there is no micro-disk in it at shutdown? Is there a way to shut the volume down prior to shut down?
2. Note please: In other user profile warnings for Volume 3, various processes are listed: process 988, process 568, process 560 and, as show above, process 980. Again all involved HardiskVolume3 -- the micro disk reader I use to look at camera disks.
Thanks.
Run all the firmware updates for your computer. Not windows updates but firmware.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
By accident deleted volume that had memory card reader software on it. Installed latest version of software (2.1), fixed a registry key pointing to the wrong place, and the leaks seemed to have stopped. Thanks. BTW none of the flash drives in DM had a policies tab, only the HDs internal and external.
Deleting the card reader software explains what was going on since it is an internal device.
Good to see it fixed normanml , thank you!
Regards Merete
Good to see it fixed normanml , thank you!
Regards Merete