Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow loading and frequent Low Memory message


  • Please log in to reply

#16
dmcbass

dmcbass

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts

It did load somewhat faster I think.

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 24/01/2016 11:27:37 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 24/01/2016 4:02:36 PM
Type: Information Category: 0
Event: 903 Source: Microsoft-Windows-Security-SPP
The Software Protection service has stopped.

Log: 'Application' Date/Time: 24/01/2016 4:02:36 PM
Type: Information Category: 0
Event: 16384 Source: Microsoft-Windows-Security-SPP
Successfully scheduled Software Protection service for re-start at 2115-12-31T16:02:36Z. Reason: RulesEngine.

Log: 'Application' Date/Time: 24/01/2016 4:02:06 PM
Type: Information Category: 0
Event: 902 Source: Microsoft-Windows-Security-SPP
The Software Protection service has started. 10.0.10586.0

Log: 'Application' Date/Time: 24/01/2016 4:02:05 PM
Type: Information Category: 0
Event: 1003 Source: Microsoft-Windows-Security-SPP
The Software Protection service has completed licensing status check. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f Licensing Status=
1: 0567073a-7d74-403b-b2d5-6b35da372d8d, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
2: 0cdc4d08-6df6-4eb4-b5b4-a373c3e351e7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
3: 1b750385-9fe2-49a8-ab55-149d0546395b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
4: 1d873132-f09f-4eb2-bf5a-2e4fb48935e8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
5: 2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8, 1, 1 [(0 )(1 )(2 [0x00000000, 1, 0], [(?)( 1 0x00000000)(?)(?)(?)(?)( 10 0x00000000 msft:rm/algorithm/flags/1.0)(?)])(3 )]
6: 30d469c6-a78f-4476-b5c8-af78d5b6a5fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
7: 411b3d4f-be6d-4a06-baaa-9cabfc256cae, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
8: 58e97c99-f377-4ef1-81d5-4ad5522b5fd8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
9: 74436dbb-cc17-46de-867f-14906ba4a938, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
10: 8db63db6-4f8f-46d6-a448-66444faaaa72, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
11: 9e4b231b-3e45-41f4-967f-c914f178b6ac, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
12: bbc56067-37f8-49dd-87b2-a418a9ba130a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
13: c082c31b-2c4f-4e07-94d7-9181fa802c4b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
14: e371d89a-73e8-4b24-a7ff-23a3641dd18e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]



Log: 'Application' Date/Time: 24/01/2016 4:02:04 PM
Type: Information Category: 0
Event: 1066 Source: Microsoft-Windows-Security-SPP
Initialization status for service objects. C:\WINDOWS\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/inherited/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/pkey/detect, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/ActionScheduler/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/statecollector/pkey, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/activationinfo/1.0, 0x00000000, 0x00000000


Log: 'Application' Date/Time: 24/01/2016 4:02:02 PM
Type: Information Category: 3
Event: 2000 Source: UNS
User Notification Service started.


Log: 'Application' Date/Time: 24/01/2016 4:02:01 PM
Type: Information Category: 0
Event: 900 Source: Microsoft-Windows-Security-SPP
The Software Protection service is starting. Parameters:<none>

Log: 'Application' Date/Time: 24/01/2016 4:01:58 PM
Type: Information Category: 0
Event: 0 Source: LMS
LMS started

Log: 'Application' Date/Time: 24/01/2016 4:01:58 PM
Type: Information Category: 0
Event: 0 Source: gupdate
The event description cannot be found.

Log: 'Application' Date/Time: 24/01/2016 4:00:29 PM
Type: Information Category: 0
Event: 0 Source: iPod Service
The event description cannot be found.

Log: 'Application' Date/Time: 24/01/2016 4:00:09 PM
Type: Information Category: 1
Event: 1003 Source: Microsoft-Windows-Search
The Windows Search Service started.


Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 326 Source: ESENT
SearchIndexer (3976) Windows: The database engine attached a database (1, C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb). (Time=0 seconds)    Internal Timing Sequence: [1] 0.000, [2] 0.047, [3] 0.016, [4] 0.000, [5] 0.359, [6] 0.047, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000.  Saved Cache: 1 0

Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 105 Source: ESENT
SearchIndexer (3976) Windows: The database engine started a new instance (0). (Time=0 seconds)    Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000.

Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 102 Source: ESENT
SearchIndexer (3976) Windows: The database engine (10.00.10586.0000) is starting a new instance (0).

Log: 'Application' Date/Time: 24/01/2016 3:59:50 PM
Type: Information Category: 0
Event: 1 Source: SecurityCenter
The Windows Security Center Service has started.

Log: 'Application' Date/Time: 24/01/2016 3:59:43 PM
Type: Information Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <SessionEnv> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 24/01/2016 3:59:38 PM
Type: Information Category: 0
Event: 6003 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <SessionEnv> was unavailable to handle a critical notification event.

Log: 'Application' Date/Time: 24/01/2016 3:59:29 PM
Type: Information Category: 0
Event: 5617 Source: Microsoft-Windows-WMI
Windows Management Instrumentation Service subsystems initialized successfully

Log: 'Application' Date/Time: 24/01/2016 3:59:28 PM
Type: Information Category: 0
Event: 5615 Source: Microsoft-Windows-WMI
Windows Management Instrumentation Service started sucessfully

Log: 'Application' Date/Time: 24/01/2016 3:59:32 PM
Type: Information Category: 0
Event: 0 Source: EpsonCustomerParticipation
The event description cannot be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Can you run VEW for System?  The one you just did is for Application.  

 

2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply 

  • 0

#18
dmcbass

dmcbass

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 24/01/2016 11:27:37 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 24/01/2016 4:02:36 PM
Type: Information Category: 0
Event: 903 Source: Microsoft-Windows-Security-SPP
The Software Protection service has stopped.

Log: 'Application' Date/Time: 24/01/2016 4:02:36 PM
Type: Information Category: 0
Event: 16384 Source: Microsoft-Windows-Security-SPP
Successfully scheduled Software Protection service for re-start at 2115-12-31T16:02:36Z. Reason: RulesEngine.

Log: 'Application' Date/Time: 24/01/2016 4:02:06 PM
Type: Information Category: 0
Event: 902 Source: Microsoft-Windows-Security-SPP
The Software Protection service has started. 10.0.10586.0

Log: 'Application' Date/Time: 24/01/2016 4:02:05 PM
Type: Information Category: 0
Event: 1003 Source: Microsoft-Windows-Security-SPP
The Software Protection service has completed licensing status check. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f Licensing Status=
1: 0567073a-7d74-403b-b2d5-6b35da372d8d, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
2: 0cdc4d08-6df6-4eb4-b5b4-a373c3e351e7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
3: 1b750385-9fe2-49a8-ab55-149d0546395b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
4: 1d873132-f09f-4eb2-bf5a-2e4fb48935e8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
5: 2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8, 1, 1 [(0 )(1 )(2 [0x00000000, 1, 0], [(?)( 1 0x00000000)(?)(?)(?)(?)( 10 0x00000000 msft:rm/algorithm/flags/1.0)(?)])(3 )]
6: 30d469c6-a78f-4476-b5c8-af78d5b6a5fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
7: 411b3d4f-be6d-4a06-baaa-9cabfc256cae, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
8: 58e97c99-f377-4ef1-81d5-4ad5522b5fd8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
9: 74436dbb-cc17-46de-867f-14906ba4a938, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
10: 8db63db6-4f8f-46d6-a448-66444faaaa72, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
11: 9e4b231b-3e45-41f4-967f-c914f178b6ac, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
12: bbc56067-37f8-49dd-87b2-a418a9ba130a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
13: c082c31b-2c4f-4e07-94d7-9181fa802c4b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
14: e371d89a-73e8-4b24-a7ff-23a3641dd18e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]



Log: 'Application' Date/Time: 24/01/2016 4:02:04 PM
Type: Information Category: 0
Event: 1066 Source: Microsoft-Windows-Security-SPP
Initialization status for service objects. C:\WINDOWS\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/inherited/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/pkey/detect, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/ActionScheduler/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/statecollector/pkey, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/activationinfo/1.0, 0x00000000, 0x00000000


Log: 'Application' Date/Time: 24/01/2016 4:02:02 PM
Type: Information Category: 3
Event: 2000 Source: UNS
User Notification Service started.


Log: 'Application' Date/Time: 24/01/2016 4:02:01 PM
Type: Information Category: 0
Event: 900 Source: Microsoft-Windows-Security-SPP
The Software Protection service is starting. Parameters:<none>

Log: 'Application' Date/Time: 24/01/2016 4:01:58 PM
Type: Information Category: 0
Event: 0 Source: LMS
LMS started

Log: 'Application' Date/Time: 24/01/2016 4:01:58 PM
Type: Information Category: 0
Event: 0 Source: gupdate
The event description cannot be found.

Log: 'Application' Date/Time: 24/01/2016 4:00:29 PM
Type: Information Category: 0
Event: 0 Source: iPod Service
The event description cannot be found.

Log: 'Application' Date/Time: 24/01/2016 4:00:09 PM
Type: Information Category: 1
Event: 1003 Source: Microsoft-Windows-Search
The Windows Search Service started.


Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 326 Source: ESENT
SearchIndexer (3976) Windows: The database engine attached a database (1, C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb). (Time=0 seconds)    Internal Timing Sequence: [1] 0.000, [2] 0.047, [3] 0.016, [4] 0.000, [5] 0.359, [6] 0.047, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000.  Saved Cache: 1 0

Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 105 Source: ESENT
SearchIndexer (3976) Windows: The database engine started a new instance (0). (Time=0 seconds)    Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000.

Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 102 Source: ESENT
SearchIndexer (3976) Windows: The database engine (10.00.10586.0000) is starting a new instance (0).

Log: 'Application' Date/Time: 24/01/2016 3:59:50 PM
Type: Information Category: 0
Event: 1 Source: SecurityCenter
The Windows Security Center Service has started.

Log: 'Application' Date/Time: 24/01/2016 3:59:43 PM
Type: Information Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <SessionEnv> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 24/01/2016 3:59:38 PM
Type: Information Category: 0
Event: 6003 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <SessionEnv> was unavailable to handle a critical notification event.

Log: 'Application' Date/Time: 24/01/2016 3:59:29 PM
Type: Information Category: 0
Event: 5617 Source: Microsoft-Windows-WMI
Windows Management Instrumentation Service subsystems initialized successfully

Log: 'Application' Date/Time: 24/01/2016 3:59:28 PM
Type: Information Category: 0
Event: 5615 Source: Microsoft-Windows-WMI
Windows Management Instrumentation Service started sucessfully

Log: 'Application' Date/Time: 24/01/2016 3:59:32 PM
Type: Information Category: 0
Event: 0 Source: EpsonCustomerParticipation
The event description cannot be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sorry for the delay and thank you for all your help


  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

That's still the one for Application.  Just do the one for System and stop and Reply as the second time you run VEW it overwrites the first log.


  • 0

#20
dmcbass

dmcbass

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts

This is the one where I checked SYstem:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 24/01/2016 11:27:37 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 24/01/2016 4:02:36 PM
Type: Information Category: 0
Event: 903 Source: Microsoft-Windows-Security-SPP
The Software Protection service has stopped.

Log: 'Application' Date/Time: 24/01/2016 4:02:36 PM
Type: Information Category: 0
Event: 16384 Source: Microsoft-Windows-Security-SPP
Successfully scheduled Software Protection service for re-start at 2115-12-31T16:02:36Z. Reason: RulesEngine.

Log: 'Application' Date/Time: 24/01/2016 4:02:06 PM
Type: Information Category: 0
Event: 902 Source: Microsoft-Windows-Security-SPP
The Software Protection service has started. 10.0.10586.0

Log: 'Application' Date/Time: 24/01/2016 4:02:05 PM
Type: Information Category: 0
Event: 1003 Source: Microsoft-Windows-Security-SPP
The Software Protection service has completed licensing status check. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f Licensing Status=
1: 0567073a-7d74-403b-b2d5-6b35da372d8d, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
2: 0cdc4d08-6df6-4eb4-b5b4-a373c3e351e7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
3: 1b750385-9fe2-49a8-ab55-149d0546395b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
4: 1d873132-f09f-4eb2-bf5a-2e4fb48935e8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
5: 2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8, 1, 1 [(0 )(1 )(2 [0x00000000, 1, 0], [(?)( 1 0x00000000)(?)(?)(?)(?)( 10 0x00000000 msft:rm/algorithm/flags/1.0)(?)])(3 )]
6: 30d469c6-a78f-4476-b5c8-af78d5b6a5fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
7: 411b3d4f-be6d-4a06-baaa-9cabfc256cae, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
8: 58e97c99-f377-4ef1-81d5-4ad5522b5fd8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
9: 74436dbb-cc17-46de-867f-14906ba4a938, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
10: 8db63db6-4f8f-46d6-a448-66444faaaa72, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
11: 9e4b231b-3e45-41f4-967f-c914f178b6ac, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
12: bbc56067-37f8-49dd-87b2-a418a9ba130a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
13: c082c31b-2c4f-4e07-94d7-9181fa802c4b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
14: e371d89a-73e8-4b24-a7ff-23a3641dd18e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]
15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )(3 )]



Log: 'Application' Date/Time: 24/01/2016 4:02:04 PM
Type: Information Category: 0
Event: 1066 Source: Microsoft-Windows-Security-SPP
Initialization status for service objects. C:\WINDOWS\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/inherited/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:rm/algorithm/pkey/detect, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/ActionScheduler/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/statecollector/pkey, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\WINDOWS\system32\sppobjs.dll, msft:spp/volume/services/kms/activationinfo/1.0, 0x00000000, 0x00000000


Log: 'Application' Date/Time: 24/01/2016 4:02:02 PM
Type: Information Category: 3
Event: 2000 Source: UNS
User Notification Service started.


Log: 'Application' Date/Time: 24/01/2016 4:02:01 PM
Type: Information Category: 0
Event: 900 Source: Microsoft-Windows-Security-SPP
The Software Protection service is starting. Parameters:<none>

Log: 'Application' Date/Time: 24/01/2016 4:01:58 PM
Type: Information Category: 0
Event: 0 Source: LMS
LMS started

Log: 'Application' Date/Time: 24/01/2016 4:01:58 PM
Type: Information Category: 0
Event: 0 Source: gupdate
The event description cannot be found.

Log: 'Application' Date/Time: 24/01/2016 4:00:29 PM
Type: Information Category: 0
Event: 0 Source: iPod Service
The event description cannot be found.

Log: 'Application' Date/Time: 24/01/2016 4:00:09 PM
Type: Information Category: 1
Event: 1003 Source: Microsoft-Windows-Search
The Windows Search Service started.


Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 326 Source: ESENT
SearchIndexer (3976) Windows: The database engine attached a database (1, C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb). (Time=0 seconds)    Internal Timing Sequence: [1] 0.000, [2] 0.047, [3] 0.016, [4] 0.000, [5] 0.359, [6] 0.047, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000.  Saved Cache: 1 0

Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 105 Source: ESENT
SearchIndexer (3976) Windows: The database engine started a new instance (0). (Time=0 seconds)    Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000.

Log: 'Application' Date/Time: 24/01/2016 4:00:06 PM
Type: Information Category: 1
Event: 102 Source: ESENT
SearchIndexer (3976) Windows: The database engine (10.00.10586.0000) is starting a new instance (0).

Log: 'Application' Date/Time: 24/01/2016 3:59:50 PM
Type: Information Category: 0
Event: 1 Source: SecurityCenter
The Windows Security Center Service has started.

Log: 'Application' Date/Time: 24/01/2016 3:59:43 PM
Type: Information Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <SessionEnv> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 24/01/2016 3:59:38 PM
Type: Information Category: 0
Event: 6003 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <SessionEnv> was unavailable to handle a critical notification event.

Log: 'Application' Date/Time: 24/01/2016 3:59:29 PM
Type: Information Category: 0
Event: 5617 Source: Microsoft-Windows-WMI
Windows Management Instrumentation Service subsystems initialized successfully

Log: 'Application' Date/Time: 24/01/2016 3:59:28 PM
Type: Information Category: 0
Event: 5615 Source: Microsoft-Windows-WMI
Windows Management Instrumentation Service started sucessfully

Log: 'Application' Date/Time: 24/01/2016 3:59:32 PM
Type: Information Category: 0
Event: 0 Source: EpsonCustomerParticipation
The event description cannot be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

But it says

 

'Application' Log - Critical Type

 

Let's try MyEventViewer instead:
 
 
Choose the download that applies to your system 
 
.Download MyEventViewer  <== 32 bit
Download MyEventViewer for x64  <== 64 bit
 
. Don't worry about the language options
It's a zip file so you need to save it then right click and Extract All.  Find the MyEventViewer.exe and right click and run as admin.
 
Hit Ctrl 3 then Ctrl 4 then Ctrl  5 (that's the Ctrl button then the number.  This eliminates events we don't care about.)
 
now click on the first event.  Hit Ctrl  A to select all events.  Then File, Save Selected Items.  Put it on your desktop and call it events.  Open the file if it's not too big and copy and paste it to a reply or attach it if too big.

  • 0

#22
dmcbass

dmcbass

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts

==================================================
Record Number     : 3697
Log Type          : System
Event Type        : Warning
Time              : 1/28/2016 12:25:08 PM
Source            : Microsoft-Windows-DNS-Client
Category          : 1014
Event ID          : 1014
User Name         : NETWORK SERVICE
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 712
Event Description : Name resolution for the name www.makale.web.tr timed out after none of the configured DNS servers responded.  
==================================================

==================================================
Record Number     : 3696
Log Type          : System
Event Type        : Warning
Time              : 1/28/2016 12:21:52 PM
Source            : Microsoft-Windows-DNS-Client
Category          : 1014
Event ID          : 1014
User Name         : NETWORK SERVICE
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 712
Event Description : Name resolution for the name www.makale.web.tr timed out after none of the configured DNS servers responded.  
==================================================

==================================================
Record Number     : 3687
Log Type          : System
Event Type        : Error
Time              : 1/28/2016 7:16:21 AM
Source            : Ntfs
Category          : 0
Event ID          : 55
User Name         : SYSTEM
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 972
Event Description : A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.    
==================================================

==================================================
Record Number     : 3682
Log Type          : System
Event Type        : Error
Time              : 1/28/2016 7:15:14 AM
Source            : Ntfs
Category          : 0
Event ID          : 55
User Name         : SYSTEM
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 972
Event Description : A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.    
==================================================

==================================================
Record Number     : 4389
Log Type          : Application
Event Type        : Warning
Time              : 1/28/2016 7:00:06 AM
Source            : Wlclntfy
Category          : 0
Event ID          : 6001
User Name         :
Computer          : Nancy-Asus
Event Data Length : 4
Record Length     : 116
Event Description : The winlogon notification subscriber <Sens> failed a notification event.  
==================================================

==================================================
Record Number     : 3633
Log Type          : System
Event Type        : Error
Time              : 1/28/2016 7:00:01 AM
Source            : Service Control Manager
Category          : 0
Event ID          : 7031
User Name         :
Computer          : Nancy-Asus
Event Data Length : 38
Record Length     : 268
Event Description : The Sync Host_966a37f service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.  
==================================================

==================================================
Record Number     : 3628
Log Type          : System
Event Type        : Warning
Time              : 1/28/2016 6:15:52 AM
Source            : Tcpip
Category          : 0
Event ID          : 4230
User Name         :
Computer          : Nancy-Asus
Event Data Length : 40
Record Length     : 144
Event Description : TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.   This could be related to a problem in the TCP global or supplemental configuration and will cause   degraded throughput.   
==================================================

==================================================
Record Number     : 4377
Log Type          : Application
Event Type        : Error
Time              : 1/28/2016 5:29:53 AM
Source            : Microsoft-Windows-Immersive-Shell
Category          : 5973
Event ID          : 5973
User Name         : Nancy
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 296
Event Description : Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.  
==================================================

==================================================
Record Number     : 4362
Log Type          : Application
Event Type        : Error
Time              : 1/27/2016 10:42:51 PM
Source            : Microsoft-Windows-CAPI2
Category          : 0
Event ID          : 513
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 420
Event Description : Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.  .  
==================================================

==================================================
Record Number     : 3583
Log Type          : System
Event Type        : Error
Time              : 1/27/2016 7:43:59 AM
Source            : Service Control Manager
Category          : 0
Event ID          : 7031
User Name         :
Computer          : Nancy-Asus
Event Data Length : 34
Record Length     : 260
Event Description : The Sync Host_2cdd7 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.  
==================================================

==================================================
Record Number     : 3569
Log Type          : System
Event Type        : Warning
Time              : 1/26/2016 9:59:19 PM
Source            : Microsoft-Windows-DNS-Client
Category          : 1014
Event ID          : 1014
User Name         : NETWORK SERVICE
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 688
Event Description : Name resolution for the name wpad timed out after none of the configured DNS servers responded.  
==================================================

==================================================
Record Number     : 3564
Log Type          : System
Event Type        : Warning
Time              : 1/26/2016 8:48:56 PM
Source            : Microsoft-Windows-DNS-Client
Category          : 1014
Event ID          : 1014
User Name         : NETWORK SERVICE
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 688
Event Description : Name resolution for the name wpad timed out after none of the configured DNS servers responded.  
==================================================

==================================================
Record Number     : 4326
Log Type          : Application
Event Type        : Error
Time              : 1/26/2016 6:23:43 PM
Source            : Application Error
Category          : 100
Event ID          : 1000
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 836
Event Description : Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35  Faulting module name: Windows.UI.dll, version: 10.0.10586.11, time stamp: 0x564579e4  Exception code: 0xc000041d  Fault offset: 0x000000000002326f  Faulting process id: 0x244c  Faulting application start time: 0x01d15890031261a2  Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe  Faulting module path: C:\Windows\System32\Windows.UI.dll  Report Id: d3f01370-2a58-4557-b8dc-68224dad217a  Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe  Faulting package-relative application ID: MicrosoftEdge  
==================================================

==================================================
Record Number     : 4324
Log Type          : Application
Event Type        : Error
Time              : 1/26/2016 6:23:40 PM
Source            : Application Error
Category          : 100
Event ID          : 1000
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 836
Event Description : Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35  Faulting module name: Windows.UI.dll, version: 10.0.10586.11, time stamp: 0x564579e4  Exception code: 0xc0000005  Fault offset: 0x000000000002326f  Faulting process id: 0x244c  Faulting application start time: 0x01d15890031261a2  Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe  Faulting module path: C:\Windows\System32\Windows.UI.dll  Report Id: ecaea71a-349a-49f5-ba03-0d9a7d67c968  Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe  Faulting package-relative application ID: MicrosoftEdge  
==================================================

==================================================
Record Number     : 3533
Log Type          : System
Event Type        : Warning
Time              : 1/26/2016 6:21:24 PM
Source            : Tcpip
Category          : 0
Event ID          : 4230
User Name         :
Computer          : Nancy-Asus
Event Data Length : 40
Record Length     : 144
Event Description : TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.   This could be related to a problem in the TCP global or supplemental configuration and will cause   degraded throughput.   
==================================================

==================================================
Record Number     : 4317
Log Type          : Application
Event Type        : Error
Time              : 1/26/2016 4:06:45 AM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 224
Event Description : Task Scheduling Error: m->NextScheduledSPRetry 1094  
==================================================

==================================================
Record Number     : 4316
Log Type          : Application
Event Type        : Error
Time              : 1/26/2016 4:06:45 AM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 220
Event Description : Task Scheduling Error: m->NextScheduledEvent 1094  
==================================================

==================================================
Record Number     : 4315
Log Type          : Application
Event Type        : Error
Time              : 1/26/2016 4:06:45 AM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 248
Event Description : Task Scheduling Error: Continuously busy for more than a second  
==================================================

==================================================
Record Number     : 4314
Log Type          : Application
Event Type        : Error
Time              : 1/26/2016 4:04:16 AM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 228
Event Description : Task Scheduling Error: m->NextScheduledSPRetry 9445391  
==================================================

==================================================
Record Number     : 4313
Log Type          : Application
Event Type        : Error
Time              : 1/26/2016 4:04:16 AM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 224
Event Description : Task Scheduling Error: m->NextScheduledEvent 9445391  
==================================================

==================================================
Record Number     : 4312
Log Type          : Application
Event Type        : Error
Time              : 1/26/2016 4:04:16 AM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 248
Event Description : Task Scheduling Error: Continuously busy for more than a second  
==================================================

==================================================
Record Number     : 4311
Log Type          : Application
Event Type        : Error
Time              : 1/25/2016 11:26:52 PM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 224
Event Description : Task Scheduling Error: m->NextScheduledSPRetry 27485  
==================================================

==================================================
Record Number     : 4310
Log Type          : Application
Event Type        : Error
Time              : 1/25/2016 11:26:52 PM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 220
Event Description : Task Scheduling Error: m->NextScheduledEvent 27485  
==================================================

==================================================
Record Number     : 4309
Log Type          : Application
Event Type        : Error
Time              : 1/25/2016 11:26:52 PM
Source            : Bonjour Service
Category          : 0
Event ID          : 100
User Name         :
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 248
Event Description : Task Scheduling Error: Continuously busy for more than a second  
==================================================

==================================================
Record Number     : 3468
Log Type          : System
Event Type        : Error
Time              : 1/24/2016 5:56:59 PM
Source            : Ntfs
Category          : 0
Event ID          : 55
User Name         : SYSTEM
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 972
Event Description : A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.    
==================================================

==================================================
Record Number     : 3459
Log Type          : System
Event Type        : Error
Time              : 1/24/2016 5:54:23 PM
Source            : Ntfs
Category          : 0
Event ID          : 55
User Name         : SYSTEM
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 972
Event Description : A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.    
==================================================

==================================================
Record Number     : 4236
Log Type          : Application
Event Type        : Warning
Time              : 1/24/2016 5:32:12 PM
Source            : Microsoft-Windows-RestartManager
Category          : 0
Event ID          : 10010
User Name         : Nancy
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 404
Event Description : Application 'C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe' (pid 3608) cannot be restarted - 1.  
==================================================

==================================================
Record Number     : 4235
Log Type          : Application
Event Type        : Warning
Time              : 1/24/2016 5:32:12 PM
Source            : Microsoft-Windows-RestartManager
Category          : 0
Event ID          : 10010
User Name         : Nancy
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 412
Event Description : Application 'C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe' (pid 5996) cannot be restarted - 1.  
==================================================

==================================================
Record Number     : 4234
Log Type          : Application
Event Type        : Warning
Time              : 1/24/2016 5:32:12 PM
Source            : Microsoft-Windows-RestartManager
Category          : 0
Event ID          : 10010
User Name         : Nancy
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 416
Event Description : Application 'C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe' (pid 4032) cannot be restarted - 1.  
==================================================

==================================================
Record Number     : 4233
Log Type          : Application
Event Type        : Warning
Time              : 1/24/2016 5:32:12 PM
Source            : Microsoft-Windows-RestartManager
Category          : 0
Event ID          : 10010
User Name         : Nancy
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 424
Event Description : Application 'C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe' (pid 3044) cannot be restarted - 1.  
==================================================

==================================================
Record Number     : 3454
Log Type          : System
Event Type        : Warning
Time              : 1/24/2016 5:28:52 PM
Source            : Microsoft-Windows-DNS-Client
Category          : 1014
Event ID          : 1014
User Name         : NETWORK SERVICE
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 712
Event Description : Name resolution for the name urs.microsoft.com timed out after none of the configured DNS servers responded.  
==================================================

==================================================
Record Number     : 3453
Log Type          : System
Event Type        : Warning
Time              : 1/24/2016 4:58:58 PM
Source            : Tcpip
Category          : 0
Event ID          : 4230
User Name         :
Computer          : Nancy-Asus
Event Data Length : 40
Record Length     : 144
Event Description : TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.   This could be related to a problem in the TCP global or supplemental configuration and will cause   degraded throughput.   
==================================================

==================================================
Record Number     : 3448
Log Type          : System
Event Type        : Warning
Time              : 1/24/2016 4:15:45 PM
Source            : Microsoft-Windows-Kernel-Processor-Power
Category          : 7
Event ID          : 37
User Name         : SYSTEM
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 204
Event Description : The speed of Hyper-V logical processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.  
==================================================

==================================================
Record Number     : 3447
Log Type          : System
Event Type        : Warning
Time              : 1/24/2016 4:15:45 PM
Source            : Microsoft-Windows-Kernel-Processor-Power
Category          : 7
Event ID          : 37
User Name         : SYSTEM
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 204
Event Description : The speed of Hyper-V logical processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.  
==================================================

==================================================
Record Number     : 3446
Log Type          : System
Event Type        : Warning
Time              : 1/24/2016 4:15:45 PM
Source            : Microsoft-Windows-Kernel-Processor-Power
Category          : 7
Event ID          : 37
User Name         : SYSTEM
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 204
Event Description : The speed of Hyper-V logical processor 2 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.  
==================================================

==================================================
Record Number     : 3445
Log Type          : System
Event Type        : Warning
Time              : 1/24/2016 4:15:45 PM
Source            : Microsoft-Windows-Kernel-Processor-Power
Category          : 7
Event ID          : 37
User Name         : SYSTEM
Computer          : Nancy-Asus
Event Data Length : 0
Record Length     : 204
Event Description : The speed of Hyper-V logical processor 3 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.  
==================================================

==================================================
Record Number     : 3393
Log Type          : System
Event Type        : Error
Time              : 1/24/2016 1:53:22 PM
Source            : Service Control Manager
Category          : 0
Event ID          : 7031
User Name         :
Computer          : Nancy-Asus
Event Data Length : 34
Record Length     : 260
Event Description : The Sync Host_30696 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.  
==================================================
 


  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Event Description : Name resolution for the name www.makale.web.tr timed out after none of the configured DNS servers responded.  

 

 

This guy is back.  Not sure why it wants to go to an inactive site but we can tell it's a no-no.

 

Copy the next line:

www.makale.web.tr

Open Control Panel, Internet Options, Security, Restricted Sites, Sites then  click in the Add the website to the zone box and Ctrl + v.  The copied line should appear.  Hit Add, Close, OK.

 

This next one is a bit uglier:

 

 Event Description : A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online. 

 

 

 

See if you can get it to run a disk check.  I know it is supposed to be automatic in win 10 but that's the only fix for this error.

 

http://www.thewindow...cking-windows-8

 

Event Description : TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.   This could be related to a problem in the TCP global or supplemental configuration and will cause   degraded throughput.

 

  This can be caused by a bad WiFi connection or a traffic overload on the way to the ISP. Sometimes if you run a P2P program like torrent or vuze you can get this error. Make sure you have a good connection and are not using P2P then:

 

Go to http://www.speedtest.net/and click on Begin Test

 
When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v
 
Is this about what you are paying your ISP for?  
If not give them a call and complain.  They can do a check back to your modem or router and tell you if there is a problem.
 
Event Description : The speed of Hyper-V logical processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.  

 

 

these are caused by intel's Speedstep technology.  When the CPU gets bored it slows down to save power.  If you mostly run it plugged in you can go into the BIOS and turn off speedstep or you can just ignore the errors.

 

When done reboot and then run MyEventViewer as before.


  • 0

#24
dmcbass

dmcbass

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts

The Disk Check ran successfully and here is the log:

 

3714    System    Error    1/28/2016 6:11:15 PM    Service Control Manager    0    7031        Nancy-Asus    34    260    The Sync Host_411fc service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.      
4445    Application    Error    1/28/2016 6:10:43 PM    Application Error    100    1000        Nancy-Asus    0    628    Faulting application name: MyEventViewer.exe, version: 2.2.0.0, time stamp: 0x55cf6386  Faulting module name: ntoskrnl.exe, version: 10.0.10586.63, time stamp: 0x568b1c58  Exception code: 0xc0000005  Fault offset: 0x0000000000230a5e  Faulting process id: 0xb24  Faulting application start time: 0x01d15a20d77270c0  Faulting application path: C:\Users\Nancy\Downloads\myeventviewer-x64\MyEventViewer.exe  Faulting module path: C:\WINDOWS\SYSTEM32\ntoskrnl.exe  Report Id: 56c2efae-75dc-49b9-a4e7-1d1f878f9e6a  Faulting package full name:   Faulting package-relative application ID:       
4439    Application    Error    1/28/2016 12:26:07 PM    Application Error    100    1000        Nancy-Asus    0    628    Faulting application name: MyEventViewer.exe, version: 2.2.0.0, time stamp: 0x55cf6386  Faulting module name: ntoskrnl.exe, version: 10.0.10586.63, time stamp: 0x568b1c58  Exception code: 0xc0000005  Fault offset: 0x0000000000230a5e  Faulting process id: 0x398  Faulting application start time: 0x01d159f0f6ee22b8  Faulting application path: C:\Users\Nancy\Downloads\myeventviewer-x64\MyEventViewer.exe  Faulting module path: C:\WINDOWS\SYSTEM32\ntoskrnl.exe  Report Id: 1d7eaf37-fdf8-4843-9d16-750feee96f33  Faulting package full name:   Faulting package-relative application ID:       
3697    System    Warning    1/28/2016 12:25:08 PM    Microsoft-Windows-DNS-Client    1014    1014    NETWORK SERVICE    Nancy-Asus    0    712    Name resolution for the name www.makale.web.tr timed out after none of the configured DNS servers responded.      
3696    System    Warning    1/28/2016 12:21:52 PM    Microsoft-Windows-DNS-Client    1014    1014    NETWORK SERVICE    Nancy-Asus    0    712    Name resolution for the name www.makale.web.tr timed out after none of the configured DNS servers responded.      
3687    System    Error    1/28/2016 7:16:21 AM    Ntfs    0    55    SYSTEM    Nancy-Asus    0    972    A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.        
3682    System    Error    1/28/2016 7:15:14 AM    Ntfs    0    55    SYSTEM    Nancy-Asus    0    972    A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.        
4389    Application    Warning    1/28/2016 7:00:06 AM    Wlclntfy    0    6001        Nancy-Asus    4    116    The winlogon notification subscriber <Sens> failed a notification event.      
3633    System    Error    1/28/2016 7:00:01 AM    Service Control Manager    0    7031        Nancy-Asus    38    268    The Sync Host_966a37f service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.      
3628    System    Warning    1/28/2016 6:15:52 AM    Tcpip    0    4230        Nancy-Asus    40    144    TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.   This could be related to a problem in the TCP global or supplemental configuration and will cause   degraded throughput.       
4377    Application    Error    1/28/2016 5:29:53 AM    Microsoft-Windows-Immersive-Shell    5973    5973    Nancy    Nancy-Asus    0    296    Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.      
4362    Application    Error    1/27/2016 10:42:51 PM    Microsoft-Windows-CAPI2    0    513        Nancy-Asus    0    420    Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.  .      
3583    System    Error    1/27/2016 7:43:59 AM    Service Control Manager    0    7031        Nancy-Asus    34    260    The Sync Host_2cdd7 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.      
3569    System    Warning    1/26/2016 9:59:19 PM    Microsoft-Windows-DNS-Client    1014    1014    NETWORK SERVICE    Nancy-Asus    0    688    Name resolution for the name wpad timed out after none of the configured DNS servers responded.      
3564    System    Warning    1/26/2016 8:48:56 PM    Microsoft-Windows-DNS-Client    1014    1014    NETWORK SERVICE    Nancy-Asus    0    688    Name resolution for the name wpad timed out after none of the configured DNS servers responded.      
4326    Application    Error    1/26/2016 6:23:43 PM    Application Error    100    1000        Nancy-Asus    0    836    Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35  Faulting module name: Windows.UI.dll, version: 10.0.10586.11, time stamp: 0x564579e4  Exception code: 0xc000041d  Fault offset: 0x000000000002326f  Faulting process id: 0x244c  Faulting application start time: 0x01d15890031261a2  Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe  Faulting module path: C:\Windows\System32\Windows.UI.dll  Report Id: d3f01370-2a58-4557-b8dc-68224dad217a  Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe  Faulting package-relative application ID: MicrosoftEdge      
4324    Application    Error    1/26/2016 6:23:40 PM    Application Error    100    1000        Nancy-Asus    0    836    Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35  Faulting module name: Windows.UI.dll, version: 10.0.10586.11, time stamp: 0x564579e4  Exception code: 0xc0000005  Fault offset: 0x000000000002326f  Faulting process id: 0x244c  Faulting application start time: 0x01d15890031261a2  Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe  Faulting module path: C:\Windows\System32\Windows.UI.dll  Report Id: ecaea71a-349a-49f5-ba03-0d9a7d67c968  Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe  Faulting package-relative application ID: MicrosoftEdge      
3533    System    Warning    1/26/2016 6:21:24 PM    Tcpip    0    4230        Nancy-Asus    40    144    TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.   This could be related to a problem in the TCP global or supplemental configuration and will cause   degraded throughput.       
4317    Application    Error    1/26/2016 4:06:45 AM    Bonjour Service    0    100        Nancy-Asus    0    224    Task Scheduling Error: m->NextScheduledSPRetry 1094      
4316    Application    Error    1/26/2016 4:06:45 AM    Bonjour Service    0    100        Nancy-Asus    0    220    Task Scheduling Error: m->NextScheduledEvent 1094      
4315    Application    Error    1/26/2016 4:06:45 AM    Bonjour Service    0    100        Nancy-Asus    0    248    Task Scheduling Error: Continuously busy for more than a second      
4314    Application    Error    1/26/2016 4:04:16 AM    Bonjour Service    0    100        Nancy-Asus    0    228    Task Scheduling Error: m->NextScheduledSPRetry 9445391      
4313    Application    Error    1/26/2016 4:04:16 AM    Bonjour Service    0    100        Nancy-Asus    0    224    Task Scheduling Error: m->NextScheduledEvent 9445391      
4312    Application    Error    1/26/2016 4:04:16 AM    Bonjour Service    0    100        Nancy-Asus    0    248    Task Scheduling Error: Continuously busy for more than a second      
4311    Application    Error    1/25/2016 11:26:52 PM    Bonjour Service    0    100        Nancy-Asus    0    224    Task Scheduling Error: m->NextScheduledSPRetry 27485      
4310    Application    Error    1/25/2016 11:26:52 PM    Bonjour Service    0    100        Nancy-Asus    0    220    Task Scheduling Error: m->NextScheduledEvent 27485      
4309    Application    Error    1/25/2016 11:26:52 PM    Bonjour Service    0    100        Nancy-Asus    0    248    Task Scheduling Error: Continuously busy for more than a second      
3468    System    Error    1/24/2016 5:56:59 PM    Ntfs    0    55    SYSTEM    Nancy-Asus    0    972    A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.        
3459    System    Error    1/24/2016 5:54:23 PM    Ntfs    0    55    SYSTEM    Nancy-Asus    0    972    A corruption was discovered in the file system structure on volume OS.    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.        
4236    Application    Warning    1/24/2016 5:32:12 PM    Microsoft-Windows-RestartManager    0    10010    Nancy    Nancy-Asus    0    404    Application 'C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe' (pid 3608) cannot be restarted - 1.      
4235    Application    Warning    1/24/2016 5:32:12 PM    Microsoft-Windows-RestartManager    0    10010    Nancy    Nancy-Asus    0    412    Application 'C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe' (pid 5996) cannot be restarted - 1.      
4234    Application    Warning    1/24/2016 5:32:12 PM    Microsoft-Windows-RestartManager    0    10010    Nancy    Nancy-Asus    0    416    Application 'C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe' (pid 4032) cannot be restarted - 1.      
4233    Application    Warning    1/24/2016 5:32:12 PM    Microsoft-Windows-RestartManager    0    10010    Nancy    Nancy-Asus    0    424    Application 'C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe' (pid 3044) cannot be restarted - 1.      
3454    System    Warning    1/24/2016 5:28:52 PM    Microsoft-Windows-DNS-Client    1014    1014    NETWORK SERVICE    Nancy-Asus    0    712    Name resolution for the name urs.microsoft.com timed out after none of the configured DNS servers responded.      
3453    System    Warning    1/24/2016 4:58:58 PM    Tcpip    0    4230        Nancy-Asus    40    144    TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.   This could be related to a problem in the TCP global or supplemental configuration and will cause   degraded throughput.       
3448    System    Warning    1/24/2016 4:15:45 PM    Microsoft-Windows-Kernel-Processor-Power    7    37    SYSTEM    Nancy-Asus    0    204    The speed of Hyper-V logical processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.      
3447    System    Warning    1/24/2016 4:15:45 PM    Microsoft-Windows-Kernel-Processor-Power    7    37    SYSTEM    Nancy-Asus    0    204    The speed of Hyper-V logical processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.      
3446    System    Warning    1/24/2016 4:15:45 PM    Microsoft-Windows-Kernel-Processor-Power    7    37    SYSTEM    Nancy-Asus    0    204    The speed of Hyper-V logical processor 2 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.      
3445    System    Warning    1/24/2016 4:15:45 PM    Microsoft-Windows-Kernel-Processor-Power    7    37    SYSTEM    Nancy-Asus    0    204    The speed of Hyper-V logical processor 3 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.      
3393    System    Error    1/24/2016 1:53:22 PM    Service Control Manager    0    7031        Nancy-Asus    34    260    The Sync Host_30696 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.      
 


  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Looks like that fixed it.  How is it running now?


  • 0

Advertisements


#26
dmcbass

dmcbass

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts

Better than it has in years. Thanks for the great advice and assistance.

I sing your praises!!


  • 0

#27
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
 
We usually clean up with Delfix.  This removes our tools and their logs and quarantines and also removes all but the latest System Restore point so there is no chance of the malware coming back with a system restore.  Follow the instructions and ignore the picture since it doesn't show the correct options as checked.
 
 
Ensure Remove disinfection tools is ticked
Also tick:
Create registry backup
Purge system restore
 
Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply
 
 
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.
 
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
 
 
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on.  Go to adblockplus.org with each browser and get the add-on.  (It's actually a program for IE)
 
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox.  Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
 
Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combefore you open them.
 
Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
 
CryptoPrevent
 
 
Last time I downloaded it you had to give them your IP address and they would send you the link to download it.  When it ran it asked if you were sure your PC was clean then it would try to allow everything on your PC to continue running.  The free version does not update on its own so you should check for updated versions once in a while.  If you have problems after installing CryptoPrevent you can just uninstall it.
 
If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...-120637284.htmland http://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
 
Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.
 
Make sure Windows Updates is turned and that it works.  Go to Control panel, Windows Updates and see if it works.  
 
My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's a local environmental organization that I volunteer with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)
 
 
Ron
 

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP