Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow unresponsive computer, 100% cpu all the time


  • Please log in to reply

#16
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/07/2016 2:16:22 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 06/07/2016 9:15:56 PM
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 4708 did not respond and is being forcibly terminated {filter host process 5336}.
  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

We are making progress on the errors.  Let's see if we can get windows updates to work:

 

Let's first:

 

System Update Readiness Tool for Windows 7
 
This link is for 64 bit:
 
This one for 32 bit:
 
 
Once that runs then get
 
 KB3083710 and KB3102810 (If you do not already have them)
 
 
 
These three speed up the windows update process considerably.
 
Then go in to Control Panel,  Windows Update, and see if you have any updates.

  • 0

#18
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

how long is an appropriate amount of time to let the first update run? (Windows Update Standalone Installer: Searching for updates on this computer) 


  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

It can take 3 or 4 hours but if you haven't run it the Windows Update can take over 24.  I don't think Microsoft likes Windows 7 much.


  • 0

#20
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
ok, so if it goes overnight, i should just let it run without stopping it before 24 hours. thank you, will keep you posted with progress
  • 0

#21
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

(problem kernel mode dri... ) window popped up with option to delete yesterday. now its been running for 26 hours and its still searching for updates on this computer. 


  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Shouldn't take that long.  Reboot.  Then try Windows Repair All In One:

 

 
 
Download it and save it then run it (right click and Run As Admin).
 
You can skip to step 4 or 5 where it gives you the same picture as in the above link.
 
Make sure all of these are checked before hitting Start:
 
 
Repair WMI
 
Repair MDAC & MS Jet
 
Remove Temp Files
 
Unhide Non System Files
Repair Windows Updates
 
 
Reboot when done

  • 0

#23
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

i let it run for another day and when i got home it actually did the update, System Update Readiness Tool for Windows 7. Also, the KB3083710 and KB3102810. It's failed 3 other updates. Should i still run the Windows Repair All In One? I greatly appreciate all the help. 


  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Never seen it take that long before.  IF you go in to Control Panel and Windows Update and ask it to check for updates - how long does it take to tell you how many there are?

 

You can run Windows Repair All In One.  It won't hurt anything and it might fix things a bit.


  • 0

#25
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

I started the Windows Repair All in One 3hrs ago, its been running for 3 1/2 hrs is in the 2nd repair of 46 repairs. So it'll be a day or so before it is done. There were a lot of (reparse?) errors. not sure of the correct terminology of spelling, cant check it while running repair. 


  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

I expect there is something slowing it down again.  It normally doesn't take so long to finish.


  • 0

#27
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
I have run Wind All in One Repair twice. the 3 updates i did before are gone from the history and of the last forty updates all but one failed to install.
  • 0

#28
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 11/07/2016 5:28:59 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/07/2016 11:51:14 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB3080149).

Log: 'System' Date/Time: 11/07/2016 11:31:32 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.

Log: 'System' Date/Time: 11/07/2016 11:26:54 PM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 11/07/2016 10:56:31 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3071756).

Log: 'System' Date/Time: 11/07/2016 10:52:41 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB3068708).

Log: 'System' Date/Time: 11/07/2016 10:49:19 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3033929).

Log: 'System' Date/Time: 11/07/2016 10:45:43 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3003743).

Log: 'System' Date/Time: 11/07/2016 10:42:47 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3060716).

Log: 'System' Date/Time: 11/07/2016 10:39:24 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3042058).

Log: 'System' Date/Time: 11/07/2016 10:36:22 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3011780).

Log: 'System' Date/Time: 11/07/2016 10:36:03 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3126587).

Log: 'System' Date/Time: 11/07/2016 10:32:20 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2992611).

Log: 'System' Date/Time: 11/07/2016 10:30:33 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2984972).

Log: 'System' Date/Time: 11/07/2016 10:11:51 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB3080149).

Log: 'System' Date/Time: 11/07/2016 9:24:02 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3071756).

Log: 'System' Date/Time: 11/07/2016 9:22:22 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB3068708).

Log: 'System' Date/Time: 11/07/2016 9:21:07 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3033929).

Log: 'System' Date/Time: 11/07/2016 9:19:30 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3003743).

Log: 'System' Date/Time: 11/07/2016 9:18:26 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3060716).

Log: 'System' Date/Time: 11/07/2016 9:17:24 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB3042058).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/07/2016 10:58:46 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 11/07/2016 6:29:13 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 11/07/2016 5:04:26 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 11/07/2016 2:28:39 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/07/2016 10:01:25 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/07/2016 8:54:17 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the CinemaNow Service service. The Service Control Manager launched process 2564 and process 2220 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.

Log: 'System' Date/Time: 10/07/2016 8:47:35 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/07/2016 8:21:37 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/07/2016 3:56:30 PM
Type: Warning Category: 0
Event: 20169 Source: RemoteAccess
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.44.7 will be assigned to dial-in clients. Clients may be unable to access resources on the network.

Log: 'System' Date/Time: 10/07/2016 3:48:38 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/07/2016 3:29:07 PM
Type: Warning Category: 0
Event: 20169 Source: RemoteAccess
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.180.37 will be assigned to dial-in clients. Clients may be unable to access resources on the network.

Log: 'System' Date/Time: 10/07/2016 3:03:31 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/07/2016 2:12:01 PM
Type: Warning Category: 0
Event: 20169 Source: RemoteAccess
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.84.152 will be assigned to dial-in clients. Clients may be unable to access resources on the network.

Log: 'System' Date/Time: 10/07/2016 8:21:22 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/07/2016 6:13:37 AM
Type: Warning Category: 0
Event: 20169 Source: RemoteAccess
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.132.226 will be assigned to dial-in clients. Clients may be unable to access resources on the network.

Log: 'System' Date/Time: 10/07/2016 6:03:33 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/07/2016 5:04:19 AM
Type: Warning Category: 0
Event: 20169 Source: RemoteAccess
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.185.217 will be assigned to dial-in clients. Clients may be unable to access resources on the network.

Log: 'System' Date/Time: 10/07/2016 4:57:38 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\mouhid failed to load for the device HID\VID_0F62&PID_1001\6&372f6fa&0&0000.

Log: 'System' Date/Time: 09/07/2016 7:32:36 PM
Type: Warning Category: 0
Event: 20169 Source: RemoteAccess
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.109.205 will be assigned to dial-in clients. Clients may be unable to access resources on the network.

Log: 'System' Date/Time: 09/07/2016 6:46:20 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 11/07/2016 5:31:34 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/07/2016 2:49:09 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Explorer.EXE, version: 6.1.7601.23418, time stamp: 0x570898dc Faulting module name: wucltux.dll, version: 7.6.7601.19161, time stamp: 0x56be29ef Exception code: 0xc0000005 Fault offset: 0x000000000006ed8c Faulting process id: 0x530 Faulting application start time: 0x01d1db1c5e3ea7b8 Faulting application path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\system32\wucltux.dll Report Id: 0a47d183-4712-11e6-ab31-d0792223677b

Log: 'Application' Date/Time: 11/07/2016 2:36:28 AM
Type: Error Category: 0
Event: 1103 Source: .NET Runtime Optimization Service
.NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


Log: 'Application' Date/Time: 11/07/2016 2:36:28 AM
Type: Error Category: 0
Event: 1103 Source: .NET Runtime Optimization Service
.NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


Log: 'Application' Date/Time: 11/07/2016 2:32:15 AM
Type: Error Category: 0
Event: 257 Source: Microsoft-Windows-CAPI2
The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -528.

Log: 'Application' Date/Time: 11/07/2016 2:32:14 AM
Type: Error Category: 3
Event: 455 Source: ESENT
Catalog Database (1364) Catalog Database: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\CatRoot2\edb.log.

Log: 'Application' Date/Time: 11/07/2016 1:48:01 AM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 11/07/2016 1:47:32 AM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 10/07/2016 8:43:11 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program Explorer.EXE version 6.1.7601.23418 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 638 Start Time: 01d1dae9263ca644 Termination Time: 0 Application Path: C:\Windows\Explorer.EXE Report Id:

Log: 'Application' Date/Time: 10/07/2016 8:31:15 PM
Type: Error Category: 0
Event: 1103 Source: .NET Runtime Optimization Service
.NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


Log: 'Application' Date/Time: 10/07/2016 8:31:15 PM
Type: Error Category: 0
Event: 1103 Source: .NET Runtime Optimization Service
.NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


Log: 'Application' Date/Time: 10/07/2016 8:19:39 PM
Type: Error Category: 0
Event: 3009 Source: Microsoft-Windows-LoadPerf
Installing the performance counter strings for service .NET CLR Networking 4.0.0.0 () failed. The first DWORD in the Data section contains the error code.

Log: 'Application' Date/Time: 10/07/2016 8:19:39 PM
Type: Error Category: 0
Event: 3009 Source: Microsoft-Windows-LoadPerf
Installing the performance counter strings for service .NET Data Provider for Oracle () failed. The first DWORD in the Data section contains the error code.

Log: 'Application' Date/Time: 10/07/2016 8:19:25 PM
Type: Error Category: 0
Event: 3009 Source: Microsoft-Windows-LoadPerf
The event description cannot be found.

Log: 'Application' Date/Time: 10/07/2016 7:59:20 PM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 10/07/2016 7:58:13 PM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 09/07/2016 8:51:21 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered .

Operation:
Instantiating VSS server

Log: 'Application' Date/Time: 09/07/2016 8:51:21 PM
Type: Error Category: 0
Event: 22 Source: VSS
Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered. This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider. The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80040154, Class not registered ].

Operation:
Instantiating VSS server

Log: 'Application' Date/Time: 09/07/2016 1:44:43 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 1779

Log: 'Application' Date/Time: 09/07/2016 1:44:43 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 1779

Log: 'Application' Date/Time: 09/07/2016 1:44:43 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/07/2016 11:36:05 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 11:35:48 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 11/07/2016 11:35:47 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 11/07/2016 11:35:46 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 11/07/2016 11:27:07 PM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint d6 41 c8 dc 82 87 14 9d e2 09 1c 87 4a 2c c6 32 d2 09 30 69 is about to expire or already expired.

Log: 'Application' Date/Time: 11/07/2016 11:25:16 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=B78}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: PATTY-HP Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 11/07/2016 11:24:52 PM
Type: Warning Category: 0
Event: 6006 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Profiles> took 93 second(s) to handle the notification event (Logon).

Log: 'Application' Date/Time: 11/07/2016 11:24:19 PM
Type: Warning Category: 0
Event: 6005 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Profiles> is taking long time to handle the notification event (Logon).

Log: 'Application' Date/Time: 11/07/2016 11:24:00 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=B78}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 11/07/2016 10:56:30 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 10:52:35 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 10:49:13 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 10:42:42 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 10:35:55 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 10:30:25 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 10:15:41 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 10:06:15 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 9:06:14 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{9d2aeb55-361a-11e0-95d8-60eb6925f839}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider

Log: 'Application' Date/Time: 11/07/2016 7:15:13 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 11/07/2016 7:15:13 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
  • 0

#29
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
I am not sure if this has any bearing, but i just ran the VEW reports and posted them both. Well, the date is wrong if its when i ran the program. the date is the 11th and my taskbar shows that but this report different.
  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

The event log uses UTC so it will differ by your offset from Greenwich Mean Time.  

 

Run a process Explorer log and let's see what it looks like.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP