Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Please help me figure out what part to upgrade


Best Answer Krockz1993 , 16 February 2017 - 10:13 AM

Computer is running about the same. Not to slow not to fast. I'm going to be ordering a SSD and 8gb of faster ram. That should help quite a bit.  Plan on dual booting with arch on the SSD... Go to the full post »


  • Please log in to reply

#1
Krockz1993

Krockz1993

    Member

  • Member
  • PipPip
  • 14 posts

Hello everyone. I received a computer for xmas and would like to upgrade it. Currently I use it for web browsing, email, and dota 2

 

The problem I'm having is that i only get 50ish fps in dota 2 when lots of action is happening it drops to 30-35 

 

Here are the spec:

 

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM) 4094 MB (don't know the speed)

CPU Info: AMD FX™-4300 Quad-Core Processor CPU Speed: 3823.4 MHz

NVIDIA GeForce GTX 670

Motherboard :Gigabyte GA-78LMT-S2

 

What part do i need to upgrade in order to get the stable 60fps and increase speed overall. Thank you!


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,887 posts
  • MVP

What does Windows say is the bottleneck in Windows Experience Index?

 

Capture.JPG

 

Control Panel, (Large Icons),  System, Windows Experience Index

 

 

 

 

 

 


  • 0

#3
Krockz1993

Krockz1993

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Since i have windows 10 there is no gui version of this. I found a tool online that apparently does the same thing and here are the results it displayed.

 

Processor 7.5

Ram 7.5

Desktop Graphics 8.4

Graphics 9.9

Hard Drive 5.9

 

 

Could a slow hard drive really effect framerate that much?

I know the ram that is currently installed it pretty generic and not that fast. 


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,887 posts
  • MVP

Just another reason not to like win 10 but apparently it is still there

 

http://winaero.com/b...wei-windows-10/

 

You would think once the game loads that it would run from RAM and not need the hard drive that much so the drive shouldn't be that important but I'm not a gamer.

 

Your RAM is a bit on the small size if this is a 64 bit system.

 

Let's look at your system:

 

Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER if it tries to get you to install it too.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top about 10 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
 
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute (this allows the inital bump in process explorer caused by starting up to go away)  then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0

#5
Krockz1993

Krockz1993

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 89.93 0 K 4 K 0
chrome.exe 3.12 189,172 K 212,936 K 176 Google Chrome Google Inc. (Verified) Google Inc
procexp64.exe 2.83 20,708 K 48,704 K 1124 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 1.27 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 0.60 2,116 K 7,816 K 5652
dwm.exe 0.47 38,684 K 39,200 K 5616
Steam.exe 0.40 69,992 K 117,844 K 6740 Steam Client Bootstrapper Valve Corporation (Verified) Valve
steamwebhelper.exe 0.38 64,120 K 272,488 K 2420 Steam Client WebHelper Valve Corporation (Verified) Valve
System 0.25 156 K 9,520 K 4
audiodg.exe 0.23 12,904 K 17,252 K 6388
chrome.exe 0.14 97,928 K 158,336 K 5020 Google Chrome Google Inc. (Verified) Google Inc
steamwebhelper.exe 0.12 37,444 K 85,568 K 6016 Steam Client WebHelper Valve Corporation (Verified) Valve
MsMpEng.exe 0.07 135,180 K 134,752 K 2220 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
nvcontainer.exe 0.05 8,892 K 12,264 K 2060 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
explorer.exe 0.04 32,792 K 76,512 K 5668 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
NVIDIA Web Helper.exe 0.04 41,952 K 1,624 K 3048 NVIDIA Web Helper Service Node.js (Verified) NVIDIA Corporation
WmiApSrv.exe 0.01 1,352 K 7,124 K 4024 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
nvcontainer.exe 0.01 16,348 K 33,012 K 4408 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
RzSynapse.exe 0.01 69,084 K 96,340 K 4360 Razer Synapse Razer Inc. (Verified) Razer USA Ltd.
WmiPrvSE.exe 0.01 2,288 K 8,792 K 6992
NvTelemetryContainer.exe 0.01 5,244 K 8,264 K 2232 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
SteamService.exe < 0.01 8,140 K 15,664 K 5372 Steam Client Service Valve Corporation (Verified) Valve
svchost.exe < 0.01 9,496 K 14,804 K 1336 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
nvxdsync.exe < 0.01 8,380 K 23,840 K 2872
svchost.exe < 0.01 33,648 K 46,672 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe < 0.01 1,568 K 2,000 K 536
svchost.exe < 0.01 9,060 K 14,636 K 1196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe 22,584 K 32,868 K 3840
winlogon.exe 2,028 K 8,028 K 2440
wininit.exe 1,232 K 3,048 K 644
taskhostw.exe 5,484 K 18,316 K 5536 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 17,260 K 19,992 K 1156 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,292 K 13,700 K 860 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,088 K 8,796 K 4868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,376 K 6,880 K 928 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 12,492 K 14,512 K 1048 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,680 K 6,456 K 1512 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,088 K 16,496 K 2176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,008 K 12,392 K 1536 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 11,700 K 14,184 K 396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,896 K 3,196 K 1592 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,552 K 4,368 K 1364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,052 K 15,404 K 6812 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,648 K 7,144 K 4704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
steamwebhelper.exe 10,944 K 15,804 K 4964 Steam Client WebHelper Valve Corporation (Verified) Valve
spoolsv.exe 5,688 K 7,428 K 1756 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 372 K 512 K 364
sihost.exe 4,684 K 19,248 K 7052 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 30,988 K 46,284 K 780 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
services.exe 3,040 K 5,728 K 756
SearchUI.exe Suspended 57,016 K 59,256 K 776 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 22,392 K 20,552 K 3808 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
RzSDKService.exe 2,036 K 3,788 K 2076 Razer Chroma SDK Service Razer Inc. (Verified) Razer USA Ltd.
RuntimeBroker.exe 13,484 K 29,608 K 6956 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RAVCpl64.exe 3,824 K 13,008 K 1400 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,756 K 10,512 K 6584 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
nvtray.exe 3,156 K 12,808 K 3176 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
NVDisplay.Container.exe 2,708 K 5,436 K 1108 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
NisSrv.exe 13,992 K 9,940 K 3728 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
MSASCuiL.exe 2,944 K 12,960 K 1328 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 5,212 K 9,972 K 764 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
GoogleCrashHandler64.exe 1,476 K 280 K 2352
GoogleCrashHandler.exe 1,524 K 960 K 2732
fontdrvhost.exe 960 K 3,548 K 336
dllhost.exe 3,828 K 10,260 K 6544 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 4,880 K 708 K 2560 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 141,112 K 169,872 K 6460 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 63,332 K 59,932 K 5204 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 130,516 K 136,956 K 344 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 54,932 K 62,660 K 2752 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 24,844 K 34,020 K 2068 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 31,632 K 39,628 K 2308 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,720 K 8,032 K 4812 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,740 K 9,256 K 6464 Google Chrome Google Inc. (Verified) Google Inc
backgroundTaskHost.exe Suspended 17,664 K 36,356 K 340 Background Task Host Microsoft Corporation (Verified) Microsoft Windows
 
 
 
 
 
 
 
 
 
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 18/01/2017 9:59:16 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/01/2017 5:55:36 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 31/12/2016 6:21:53 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/01/2017 2:12:07 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 17/01/2017 6:51:18 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 17/01/2017 5:02:03 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 15/01/2017 1:54:39 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 15/01/2017 5:58:38 AM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Connected Devices Platform Service service terminated with the following error:  Unspecified error
 
Log: 'System' Date/Time: 15/01/2017 5:56:54 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 15/01/2017 5:56:38 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Razer Game Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 15/01/2017 5:56:38 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Razer Game Scanner Service service to connect.
 
Log: 'System' Date/Time: 15/01/2017 5:55:51 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 9:54:44 PM on ?1/?14/?2017 was unexpected.
 
Log: 'System' Date/Time: 15/01/2017 5:50:32 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 15/01/2017 4:44:26 AM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The AODService service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Log: 'System' Date/Time: 15/01/2017 4:23:45 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 13/01/2017 7:05:03 AM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Connected Devices Platform Service service terminated with the following error:  Unspecified error
 
Log: 'System' Date/Time: 13/01/2017 2:33:58 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 09/01/2017 4:14:54 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 09/01/2017 6:35:15 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 08/01/2017 8:36:54 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 06/01/2017 1:54:52 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/01/2017 2:00:41 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 04/01/2017 4:30:42 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/01/2017 2:00:17 PM
Type: Warning Category: 0
Event: 36 Source: Microsoft-Windows-Time-Service
The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
 
Log: 'System' Date/Time: 18/01/2017 2:00:16 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 13/01/2017 2:33:07 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 13/01/2017 2:33:04 AM
Type: Warning Category: 0
Event: 36 Source: Microsoft-Windows-Time-Service
The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
 
Log: 'System' Date/Time: 13/01/2017 2:33:04 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 09/01/2017 4:14:27 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/01/2017 8:25:25 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 08/01/2017 8:25:22 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 08/01/2017 8:25:20 AM
Type: Warning Category: 0
Event: 36 Source: Microsoft-Windows-Time-Service
The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
 
Log: 'System' Date/Time: 08/01/2017 8:25:19 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 04/01/2017 1:58:42 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.blackviper.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 31/12/2016 10:32:41 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 31/12/2016 9:39:16 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 28/12/2016 5:57:33 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 28/12/2016 5:57:28 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 24/12/2016 3:54:30 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 24/12/2016 3:54:25 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 23/12/2016 3:50:11 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 23/12/2016 3:50:08 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 19/12/2016 2:42:49 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
 
 
 
 
 
 
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 18/01/2017 10:00:08 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 18/01/2017 5:54:08 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service ".NETFramework" in DLL "C:\Windows\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Log: 'Application' Date/Time: 18/01/2017 5:52:45 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Log: 'Application' Date/Time: 17/01/2017 5:09:46 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000604 Fault offset: 0x0000000000000000 Faulting process id: 0x17d8 Faulting application start time: 0x01d2707fde3253d1 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe Faulting module path: unknown Report Id: e02f89e5-2183-4140-a0f7-622206d26353 Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge
 
Log: 'Application' Date/Time: 17/01/2017 5:09:43 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000604 Fault offset: 0x0000000000000000 Faulting process id: 0x17d8 Faulting application start time: 0x01d2707fde3253d1 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe Faulting module path: unknown Report Id: 8abd9816-5494-4a5e-a959-3231c8a2faa6 Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge
 
Log: 'Application' Date/Time: 15/01/2017 5:05:01 AM
Type: Error Category: 0
Event: 33 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/01/2017 5:04:54 AM
Type: Error Category: 0
Event: 33 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/01/2017 4:43:37 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 13/01/2017 3:49:58 AM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Log: 'Application' Date/Time: 13/01/2017 3:47:29 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 13/01/2017 3:46:24 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 09/01/2017 8:49:45 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: chrome.exe, version: 55.0.2883.87, time stamp: 0x5848db5a Faulting module name: chrome_child.dll, version: 55.0.2883.87, time stamp: 0x584910c6 Exception code: 0xc0000005 Fault offset: 0x0000000000c6091c Faulting process id: 0x1560 Faulting application start time: 0x01d26a554754ceca Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module path: C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\chrome_child.dll Report Id: bac5ad08-5c85-425a-8d59-84e91e5f61b3 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2017 5:36:42 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 05/01/2017 6:12:13 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid. . 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Log: 'Application' Date/Time: 05/01/2017 6:11:41 PM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 01/01/2017 10:44:53 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid. . 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Log: 'Application' Date/Time: 01/01/2017 10:44:06 PM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 01/01/2017 10:43:40 PM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
Log: 'Application' Date/Time: 31/12/2016 11:16:53 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819bf85 Faulting module name: MtcUvc.dll, version: 0.0.0.0, time stamp: 0x584a7c27 Exception code: 0xc0000005 Fault offset: 0x0000000000011dc0 Faulting process id: 0x220 Faulting application start time: 0x01d263b9a0c4f5a5 Faulting application path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Faulting module path: C:\Windows\ShellExperiences\MtcUvc.dll Report Id: def51906-b8e9-4103-b0c9-540d85d85ba5 Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App
 
Log: 'Application' Date/Time: 31/12/2016 3:27:29 PM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel was terminated because it took too long to suspend.
 
Log: 'Application' Date/Time: 28/12/2016 6:01:38 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied. .
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 13/01/2017 7:03:10 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/01/2017 7:03:10 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/01/2017 7:03:10 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/01/2017 7:03:10 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/01/2017 7:03:10 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/01/2017 7:03:10 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/01/2017 6:57:20 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
 
Log: 'Application' Date/Time: 13/01/2017 3:50:54 AM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6 with error 0x80070057.
 
Log: 'Application' Date/Time: 05/01/2017 2:13:59 PM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 with error 0x80070057.
 
Log: 'Application' Date/Time: 02/01/2017 12:53:45 AM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 with error 0x80070057.
 
Log: 'Application' Date/Time: 01/01/2017 10:45:28 PM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 with error 0x80070057.
 
Log: 'Application' Date/Time: 28/12/2016 8:21:39 AM
Type: Warning Category: 0
Event: 6006 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <TrustedInstaller> took 323 second(s) to handle the notification event (CreateSession).
 
Log: 'Application' Date/Time: 28/12/2016 8:17:15 AM
Type: Warning Category: 0
Event: 6005 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).
 
Log: 'Application' Date/Time: 28/12/2016 8:10:56 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
 
Log: 'Application' Date/Time: 17/12/2016 3:02:02 AM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (1264) SUS20ClientDataStore: A request to write to the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (48 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 17/12/2016 3:01:41 AM
Type: Warning Category: 1
Event: 533 Source: ESENT
wuaueng.dll (1264) SUS20ClientDataStore: A request to write to the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 04/12/2016 6:23:31 PM
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (3048) WebCacheLocal: The shadow header page of file C:\Users\Kyle\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat was damaged. The primary header page (32768 bytes) was used instead.
 
Log: 'Application' Date/Time: 03/12/2016 5:22:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 03/12/2016 5:22:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 03/12/2016 5:22:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 

 

Attached Files


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,887 posts
  • MVP

I see a lot of time errors.

 

See if you can get it to sync with a time server:

 

https://www.tenforum...ndows-10-a.html

 

Often the default server will not work for some reason but one of the others should work.

 

Also

in Control Panel, Internet Options, Connections, LAN Settings,   Uncheck All boxes, OK.

 

Then clear the alarms:

 

Copy the next line

 

 
for  /F  "tokens=*"  %1  in  ('wevtutil.exe  el')  DO  wevtutil.exe  cl  "%1"
Open an elevated command prompt:
 
 
 
If you open an elevated command prompt it will by default open in c:\Windows\system32
 
Once you have an elevated command prompt:

Right click and Paste or Edit then Paste and the copied line will appear.  Hit Enter.
 
This will give a few errors but will clear all of the alarms we care about.
 
Now:
 
Type(with an Enter after the line):
 
 DISM  /Online  /Cleanup-Image  /RestoreHealth
 
 (I use two spaces so you can be sure to see where one space goes.  You can also copy and paste it as you did the previous line)
This will take a while to complete (10-15 minutes).  If you get an error let me know what it says.
 
Once the prompt returns:
 
Reboot.
 
 Open an elevated Command Prompt again and type (with an Enter after the line):
 
sfc  /scannow

 

 

 
 
 
This will also take a few minutes.  
 
When it finishes it will say one of the following:
 
Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)
 
 
If you get the first one.  Go directly to the VEW download below.
If you get the second one, Reboot then go to the VEW download below.
If you get the last result then type (or copy and paste):
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt 
 
Hit Enter.  Then type::
 
notepad  \junk.txt 
 
Hit Enter. 
 
 Copy the text from notepad and paste it into a reply.
 
 
After you finish SFC, regardless of the result:
 
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0

#7
Krockz1993

Krockz1993

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 19/01/2017 11:41:16 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/01/2017 7:24:15 AM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Connected Devices Platform Service service terminated with the following error:  Unspecified error
 
Log: 'System' Date/Time: 20/01/2017 7:22:21 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 20/01/2017 7:22:14 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Razer Game Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 20/01/2017 7:22:14 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Razer Game Scanner Service service to connect.
 
Log: 'System' Date/Time: 20/01/2017 7:20:12 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,887 posts
  • MVP

Search for:

 

services.msc

hit Enter

 

Find the 

 

Connected Devices Platform Service 

 

and right click and select properties.

 

Change the Startup Type: to Disabled.

 

OK

 

Do the same for 

 

Razer Game Scanner Service

 

I would look for an updated version of the Razer software if that's something you need.

 

Set up DPC monitoring per the instructions in this link:

 

 

(Sorry it's a video but I can't find written instructions and DPC latency checker hasn't been updated yet to work on Win 10)

 

Once you have it monitoring, go in to device manager and right click on any driver you don't absolutely need.  (Network Adapters and Audio are often at fault.  Don't touch the drivers for your hard drive or video or keyboard/mouse)  Watch the DPC level as you do this.  If you disable one and DPC level drops significantly then try to update the driver.  


  • 0

#9
Krockz1993

Krockz1993

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Ok so went ahead and took two screenshots of the performance window. one when I was alt tabbing between this froum and my pc. Just doing basic computer stuff.

 

second screenshot is of the computer idling with the sound driver and the network driver off. Even while watching the DCP screen messing with witch one is disabled there was not a difference that I could see.

 

Razer is updated, its the software for my mouse. 

 

After that, I went ahead and updated both drivers as a new version was released on 01/01/17. Rebooted computer. Everything seems to be the same. What would you have me do next?

Attached Thumbnails

  • screen 2.png
  • shot one.png

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,887 posts
  • MVP

I can't tell which graph is which.  Can you uncheck the %processor time?

 

Since you have updated some driver's let's see a new Process Explorer log.


  • 0

Advertisements


#11
Krockz1993

Krockz1993

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Sorry for the delayed response. Working on it now. 


  • 0

#12
Krockz1993

Krockz1993

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

here is the screenshot of the dpc. I let it sit for a full cycle. The spikes on the left are caused when I move my mouse left and right if that matters at all.  The dns errors in my log are from using hamachi the other day. I would icnor them. 

 

I apologize if i have done anything to create more work for you. This is the only computer in the house and my wife and I use it often for our business and work. 

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 23/01/2017 9:46:17 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/01/2017 4:50:24 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 21/01/2017 8:15:42 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 21/01/2017 4:56:35 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 21/01/2017 4:56:35 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
 
Log: 'System' Date/Time: 21/01/2017 4:56:33 PM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Log: 'System' Date/Time: 21/01/2017 12:37:48 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 21/01/2017 12:34:44 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 21/01/2017 12:31:41 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server CortanaUI did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 21/01/2017 12:31:36 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 20/01/2017 3:55:39 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 20/01/2017 3:53:32 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x8024001E: Definition Update for Windows Defender - KB2267602 (Definition 1.235.860.0).
 
Log: 'System' Date/Time: 20/01/2017 3:53:25 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 20/01/2017 3:49:41 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 20/01/2017 3:47:34 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 20/01/2017 3:12:28 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 20/01/2017 3:12:28 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Log: 'System' Date/Time: 20/01/2017 3:11:28 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 20/01/2017 7:42:46 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 20/01/2017 7:24:15 AM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Connected Devices Platform Service service terminated with the following error:  Unspecified error
 
Log: 'System' Date/Time: 20/01/2017 7:22:21 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/01/2017 4:49:04 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name win10.ipv6.microsoft.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 21/01/2017 12:29:24 PM
Type: Warning Category: 3
Event: 2004 Source: Microsoft-Windows-Resource-Exhaustion-Detector
Windows successfully diagnosed a low virtual memory condition. The following programs consumed the most virtual memory: H1Z1.exe (1808) consumed 4683452416 bytes, chrome.exe (5984) consumed 331010048 bytes, and MsMpEng.exe (1868) consumed 132423680 bytes.
 
Log: 'System' Date/Time: 20/01/2017 6:15:05 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name hqvtgrqbezkezfh timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/01/2017 3:37:21 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name newmops.tse.com.tw timed out after none of the configured DNS servers responded.
 

Attached Thumbnails

  • dpc.png

  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,887 posts
  • MVP
Log: 'System' Date/Time: 21/01/2017 12:29:24 PM
Type: Warning Category: 3
Event: 2004 Source: Microsoft-Windows-Resource-Exhaustion-Detector
Windows successfully diagnosed a low virtual memory condition. The following programs consumed the most virtual memory: H1Z1.exe (1808) consumed 4,683,452,416 bytes, chrome.exe (5984) consumed 331,010,048 bytes, and MsMpEng.exe (1868) consumed 132,423,680 bytes.

 

 

 
Apparently H1Z1.exe is not ready for prine time and still has a bad memory leak:
 
 H1Z1: King of the Kill is a game currently in development under Steam Early Access by Daybreak Game Company.

 

 

The other two mentioned are about normal.

However:

 MsMpEng.exe = Windows Defender didn't get its last update:

 

Log: 'System' Date/Time: 20/01/2017 3:53:32 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x8024001E: Definition Update for Windows Defender - KB2267602 (Definition 1.235.860.0).

 

 

I think Defender updates come through Windows Update so do a search for:
 
windows update
and hit Enter.  That should open the Windows Update in Control Panel.  You can check Update History there and also see if there are any updates that need to be installed.

 
Log: 'System' Date/Time: 20/01/2017 6:15:05 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name hqvtgrqbezkezfh timed out after none of the configured DNS servers responded.
 

 

 

This one looks a bit odd.  Did you just randomly type in something in the URL box on a browser?  If not it may be a sign of malware.
 
I use DPC Latency checker on my Windows 7 which has a bug in Windows 10 that sets the base line at about 1000 but when I move the mouse it does not react.  See if it reacts to your mouse movement.

  • 0

#14
Krockz1993

Krockz1993

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

I have been away from home for the last few days. Will be responding in the next 24 hours. sorry for the delay and I apreciate your help 


  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,887 posts
  • MVP

delays are no problem


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP