Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Painfully slow laptop


  • Please log in to reply

#31
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,388 posts
  • MVP
.
Error: (07/10/2017 11:32:18 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

 

 

We can turn it off.
 
Search for
services.msc
hit Enter
 
find Netlogon and Right click and select Properties
 
Change Startup Type: from Automatic to Manual.  OK.
 
Now find
 
HV Host Service
 
and do the same 
 
Reboot and see if it boots quickly enough now.

  • 0

Advertisements


#32
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts

Hi,

 

When I searched for services.msc, I got 8 different files. Anyway, I edited to first one and assume it will apply to all.

 

When I searched for HV Host Service, nothing came up. Is this a hidden file?

 

It boots up quite fast now. It's a lot less frustrating to use as well.

 

RSP


  • 0

#33
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,388 posts
  • MVP

Normally when you do a search for services.msc the top result is the one we want so hitting Enter selects it.  This should bring up the services window.  Netlogon and hv host should be on the services window.  HV Host might be called  HyperV Host.  I'm just seeing it in the Event logs as something that doesn't start and sometimes the name is slightly different from the even log.


  • 0

#34
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts

Hi,

 

Sorry, I think I misunderstood your instructions before. I've now followed them properly.

 

I did a restart with HV Host Service on automatic and then again on manual.

 

From clicking 'restart' to getting the password screen takes just under 2 minutes on automatic and 2 minutes 30 on manual.

 

Computer's definitely livelier now though.

 

Regards

 

RSP


  • 0

#35
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,388 posts
  • MVP

I guess it likes automatic better.  Did we search for

 

power options

 

and hit Enter.  Then change the power plan to High Performance?  OK.

 

Run VEW again so I can see what else we need to fix.


  • 0

#36
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts

Hi,

 

Sorry for the delay.

 

I found power options and it was set on high performance already.

 

Regards

 

RSP


  • 0

#37
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,388 posts
  • MVP

Run VEW again so I can see what else we need to fix.


  • 0

#38
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts

Hi,

 

Done that, here's the reports:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 16/07/2017 08:43:22

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/07/2017 08:30:29
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/07/2017 07:39:47
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 07:39:47
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 15/07/2017 17:24:54
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 15/07/2017 17:24:54
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 15/07/2017 16:36:31
Type: Error Category: 0
Event: 3 Source: MEIx64
Intel® Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00004181, FWSTS1: 0x16462100).

Log: 'System' Date/Time: 15/07/2017 16:36:16
Type: Error Category: 0
Event: 3 Source: MEIx64
Intel® Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00004181, FWSTS1: 0x16462100).

Log: 'System' Date/Time: 15/07/2017 16:36:00
Type: Error Category: 0
Event: 3 Source: MEIx64
Intel® Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00004181, FWSTS1: 0x16462100).

Log: 'System' Date/Time: 15/07/2017 16:35:44
Type: Error Category: 0
Event: 3 Source: MEIx64
Intel® Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00004181, FWSTS1: 0x16462100).

Log: 'System' Date/Time: 15/07/2017 16:35:28
Type: Error Category: 0
Event: 3 Source: MEIx64
Intel® Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00004181, FWSTS1: 0x16462100).

Log: 'System' Date/Time: 15/07/2017 16:34:34
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1115" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Log: 'System' Date/Time: 15/07/2017 16:34:34
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1115" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Log: 'System' Date/Time: 15/07/2017 16:34:34
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1115" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Log: 'System' Date/Time: 15/07/2017 16:34:34
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1115" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Log: 'System' Date/Time: 15/07/2017 16:34:34
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1115" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Log: 'System' Date/Time: 15/07/2017 16:34:34
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1115" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Log: 'System' Date/Time: 15/07/2017 16:32:04
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Update Orchestrator Service service did not shut down properly after receiving a pre-shutdown control.

Log: 'System' Date/Time: 15/07/2017 11:15:08
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 15/07/2017 11:15:08
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 15/07/2017 08:33:46
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 15/07/2017 08:33:46
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/07/2017 07:41:02
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\TOWER on the network \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}.    Browser master: \\TOWER  Network: \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 16/07/2017 07:40:12
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 51244 seconds since the last report.

Log: 'System' Date/Time: 16/07/2017 07:40:12
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 51244 seconds since the last report.

Log: 'System' Date/Time: 16/07/2017 07:39:19
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is 0x491f7fffff; got 0x1fffffff. Low Energy peripheral role functionality will not be available.

Log: 'System' Date/Time: 16/07/2017 07:39:18
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 15/07/2017 16:38:00
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\TOWER on the network \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}.    Browser master: \\TOWER  Network: \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 15/07/2017 16:36:31
Type: Warning Category: 0
Event: 4 Source: MEIx64
The Intel® Management Engine Interface is being disabled.

Log: 'System' Date/Time: 15/07/2017 16:36:16
Type: Warning Category: 0
Event: 4 Source: MEIx64
The Intel® Management Engine Interface is being disabled.

Log: 'System' Date/Time: 15/07/2017 16:36:00
Type: Warning Category: 0
Event: 4 Source: MEIx64
The Intel® Management Engine Interface is being disabled.

Log: 'System' Date/Time: 15/07/2017 16:35:45
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is 0x491f7fffff; got 0x1fffffff. Low Energy peripheral role functionality will not be available.

Log: 'System' Date/Time: 15/07/2017 16:35:44
Type: Warning Category: 0
Event: 4 Source: MEIx64
The Intel® Management Engine Interface is being disabled.

Log: 'System' Date/Time: 15/07/2017 16:35:28
Type: Warning Category: 0
Event: 4 Source: MEIx64
The Intel® Management Engine Interface is being disabled.

Log: 'System' Date/Time: 15/07/2017 12:21:47
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name google.be timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/07/2017 11:16:32
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\TOWER on the network \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}.    Browser master: \\TOWER  Network: \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 15/07/2017 11:14:44
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is 0x491f7fffff; got 0x1fffffff. Low Energy peripheral role functionality will not be available.

Log: 'System' Date/Time: 15/07/2017 08:32:19
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 15/07/2017 08:32:18
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 15/07/2017 08:32:18
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 15/07/2017 08:31:49
Type: Warning Category: 0
Event: 4 Source: MEIx64
The Intel® Management Engine Interface is being disabled.

Log: 'System' Date/Time: 15/07/2017 08:31:34
Type: Warning Category: 0
Event: 4 Source: MEIx64
The Intel® Management Engine Interface is being disabled.

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 16/07/2017 08:44:21

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 15/07/2017 16:36:52
Type: Error Category: 1
Event: 10021 Source: Microsoft-Windows-Search
Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Log: 'Application' Date/Time: 15/07/2017 16:36:50
Type: Error Category: 3
Event: 3007 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue


Log: 'Application' Date/Time: 15/07/2017 16:36:46
Type: Error Category: 3
Event: 3006 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.


Log: 'Application' Date/Time: 15/07/2017 08:32:49
Type: Error Category: 1
Event: 10021 Source: Microsoft-Windows-Search
Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Log: 'Application' Date/Time: 15/07/2017 08:32:47
Type: Error Category: 3
Event: 3007 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue


Log: 'Application' Date/Time: 15/07/2017 08:32:24
Type: Error Category: 3
Event: 3006 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.


Log: 'Application' Date/Time: 12/07/2017 20:22:53
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 12/07/2017 20:17:22
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: OUTLOOK.EXE, version: 15.0.4937.1000, time stamp: 0x591aa454 Faulting module name: MSVCR120.dll, version: 12.0.21005.1, time stamp: 0x524f7ce6 Exception code: 0xc0000409 Fault offset: 0x000a7666 Faulting process ID: 0x3b0 Faulting application start time: 0x01d2fb4bd7bb2810 Faulting application path: C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE Faulting module path: C:\WINDOWS\SYSTEM32\MSVCR120.dll Report ID: f8b3baf4-0004-4557-9a0b-580bae368393 Faulting package full name:  Faulting package-relative application ID:

Log: 'Application' Date/Time: 11/07/2017 19:18:18
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "rdyboost" in DLL "C:\WINDOWS\system32\sysmain.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Log: 'Application' Date/Time: 11/07/2017 19:18:18
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service ".NETFramework" in DLL "C:\WINDOWS\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Log: 'Application' Date/Time: 11/07/2017 18:55:44
Type: Error Category: 1
Event: 10021 Source: Microsoft-Windows-Search
Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Log: 'Application' Date/Time: 11/07/2017 18:55:44
Type: Error Category: 3
Event: 3007 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue


Log: 'Application' Date/Time: 11/07/2017 18:55:44
Type: Error Category: 3
Event: 3006 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.


Log: 'Application' Date/Time: 11/07/2017 18:47:21
Type: Error Category: 1
Event: 10021 Source: Microsoft-Windows-Search
Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Log: 'Application' Date/Time: 11/07/2017 18:47:21
Type: Error Category: 3
Event: 3007 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue


Log: 'Application' Date/Time: 11/07/2017 18:47:19
Type: Error Category: 3
Event: 3006 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.


Log: 'Application' Date/Time: 11/07/2017 18:45:02
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/07/2017 18:44:58
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/07/2017 18:44:58
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/07/2017 18:23:15
Type: Error Category: 0
Event: 16 Source: SecurityCenter
Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 15/07/2017 11:42:45
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 with error 0x80070057.

Log: 'Application' Date/Time: 15/07/2017 11:29:39
Type: Warning Category: 0
Event: 36 Source: Outlook
Search cannot complete the indexing of your Outlook data. Indexing cannot continue for C:\Users\Owner\AppData\Local\Microsoft\Outlook\Elizabeth@eyork.uk.ost (error=0x81404005). If this error continues, contact Microsoft Support.

Log: 'Application' Date/Time: 15/07/2017 08:03:35
Type: Warning Category: 0
Event: 36 Source: Outlook
Search cannot complete the indexing of your Outlook data. Indexing cannot continue for C:\Users\Owner\AppData\Local\Microsoft\Outlook\Elizabeth@eyork.uk.ost (error=0x81404005). If this error continues, contact Microsoft Support.

Log: 'Application' Date/Time: 12/07/2017 20:17:40
Type: Warning Category: 0
Event: 59 Source: Outlook


ProgID: MailScanAddin.Connect
GUID: {BC660FAD-C7C4-45F6-B536-90CB7F3865E0}
Name: BullGuard Spamfilter
Description: Blocks unsolicited e-mails, keeping your inbox clean
Load Behavior: 3
HKLM: 0
Location: c:\program files\bullguard ltd\bullguard\files32\spamfilter\mailscanaddin.dll
Threshold Time (Milliseconds): 0
Time Taken (Milliseconds): 0
Disable Reason: The add-in caused Outlook to crash, but wasn't disabled because it is in the do not disable list. It wasn't disabled because it's in the always enable list.
Policy Exception (Allow List): 0

Log: 'Application' Date/Time: 11/07/2017 19:29:32
Type: Warning Category: 0
Event: 36 Source: Outlook
Search cannot complete the indexing of your Outlook data. Indexing cannot continue for C:\Users\Owner\AppData\Local\Microsoft\Outlook\Elizabeth@eyork.uk.ost (error=0x81404005). If this error continues, contact Microsoft Support.

Log: 'Application' Date/Time: 11/07/2017 18:39:29
Type: Warning Category: 7
Event: 508 Source: ESENT
SettingSyncHost (11740) {4EA5089F-DECD-4816-923C-AE9EDB805077}: A request to write to the file "C:\Users\Owner\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.jfm" at offset 0 (0x0000000000000000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (19 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 11/07/2017 18:39:10
Type: Warning Category: 7
Event: 508 Source: ESENT
SettingSyncHost (11740) {4EA5089F-DECD-4816-923C-AE9EDB805077}: A request to write to the file "C:\Users\Owner\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb.log" at offset 376832 (0x000000000005c000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (260 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 11/07/2017 18:35:28
Type: Warning Category: 1
Event: 533 Source: ESENT
SettingSyncHost (11740) {4EA5089F-DECD-4816-923C-AE9EDB805077}: A request to write to the file "C:\Users\Owner\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb.log" at offset 376832 (0x000000000005c000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 11/07/2017 18:03:12
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (1092) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 499712 (0x000000000007a000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (15 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 11/07/2017 18:00:22
Type: Warning Category: 0
Event: 36 Source: Outlook
Search cannot complete the indexing of your Outlook data. Indexing cannot continue for C:\Users\Owner\AppData\Local\Microsoft\Outlook\Elizabeth@eyork.uk.ost (error=0x81404005). If this error continues, contact Microsoft Support.

Log: 'Application' Date/Time: 11/07/2017 17:59:06
Type: Warning Category: 7
Event: 509 Source: ESENT
svchost (15552) Unistore: A request to read from the file "C:\Users\Owner\AppData\Local\Comms\UnistoreDB\store.vol" at offset 1622016 (0x000000000018c000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (16 seconds) to be serviced by the OS. In addition, 0 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 0 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 11/07/2017 17:59:06
Type: Warning Category: 7
Event: 507 Source: ESENT
svchost (15552) Unistore: A request to read from the file "C:\Users\Owner\AppData\Local\Comms\UnistoreDB\store.vol" at offset 9457664 (0x0000000000905000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (15 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 10/07/2017 18:49:37
Type: Warning Category: 0
Event: 36 Source: Outlook
Search cannot complete the indexing of your Outlook data. Indexing cannot continue for C:\Users\Owner\AppData\Local\Microsoft\Outlook\Elizabeth@eyork.uk.ost (error=0x81404005). If this error continues, contact Microsoft Support.

 


  • 0

#39
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,388 posts
  • MVP
Let's turn off the last remnant of Intel® Management Engine Components so that we will stop getting its errors:
 
Copy the next 2 lines:
 
sc config MEIx64 start= disabled
for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
Open an Elevated Command Prompt:
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter.
 
Run Windows Repair All In One again and this time let it fix 
 
Repair Windows Updates
 
Reboot and run VEW again.
 
 

  • 0

#40
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts

Hi,

 

I've done the Windows repair. The software doesn't appear to mention anything about repairing Windows updates, I assume this is all done together, or do I need other software to do that?

 

Anyway, here'sa the VEW files:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 16/07/2017 17:28:37

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/07/2017 14:35:02
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/07/2017 16:22:57
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 16:22:57
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 16:22:43
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Defender Antivirus Service service failed to start due to the following error:  Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Log: 'System' Date/Time: 16/07/2017 16:22:18
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The PowerBiosServer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 16/07/2017 16:22:18
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the PowerBiosServer service to connect.

Log: 'System' Date/Time: 16/07/2017 16:21:47
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The HomeGroupListener service terminated with the following service-specific error:  There are no more endpoints available from the endpoint mapper.

Log: 'System' Date/Time: 16/07/2017 16:21:46
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The HvHost service terminated with the following error:  A device attached to the system is not functioning.

Log: 'System' Date/Time: 16/07/2017 16:21:44
Type: Error Category: 0
Event: 3095 Source: NETLOGON
This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.

Log: 'System' Date/Time: 16/07/2017 15:12:12
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 15:12:12
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 15:12:12
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 15:12:12
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 15:04:01
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Log: 'System' Date/Time: 16/07/2017 14:37:35
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 14:37:35
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Sage AutoUpdate Manager Service service to connect.

Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Sage SData Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Sage SData Service service to connect.

Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The PowerBiosServer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the PowerBiosServer service to connect.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/07/2017 16:23:23
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\TOWER on the network \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}.    Browser master: \\TOWER  Network: \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 16/07/2017 16:21:50
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device SWD\POS\{E485AF9B-A863-4A88-9368-99EC17C38724}_?usb_vid_04f2&pid_b43b&mi_00_6&8618e4c&0&0000_{e5323777-f976-4f5b-9b55-b94699c46e44}global.

Log: 'System' Date/Time: 16/07/2017 16:21:28
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is 0x491f7fffff; got 0x1fffffff. Low Energy peripheral role functionality will not be available.

Log: 'System' Date/Time: 16/07/2017 14:37:56
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\TOWER on the network \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}.    Browser master: \\TOWER  Network: \Device\NetBT_Tcpip_{CAB2D349-7034-4DA7-9DA5-105CC6262F19}    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 16/07/2017 14:35:39
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 16/07/2017 14:35:38
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 16/07/2017 14:35:17
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is 0x491f7fffff; got 0x1fffffff. Low Energy peripheral role functionality will not be available.

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 16/07/2017 17:29:40

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/07/2017 16:28:46
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: This app does not support the contract specified or is not installed. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 16/07/2017 16:25:16
Type: Error Category: 0
Event: 16 Source: SecurityCenter
Error while updating  status to SECURITY_PRODUCT_STATE_ON.

Log: 'Application' Date/Time: 16/07/2017 16:25:16
Type: Error Category: 0
Event: 16 Source: SecurityCenter
Error while updating  status to SECURITY_PRODUCT_STATE_ON.

Log: 'Application' Date/Time: 16/07/2017 16:25:16
Type: Error Category: 0
Event: 16 Source: SecurityCenter
Error while updating  status to SECURITY_PRODUCT_STATE_ON.

Log: 'Application' Date/Time: 16/07/2017 16:23:41
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: This app does not support the contract specified or is not installed. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 16/07/2017 16:22:00
Type: Error Category: 1
Event: 10021 Source: Microsoft-Windows-Search
Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Log: 'Application' Date/Time: 16/07/2017 16:21:56
Type: Error Category: 3
Event: 3007 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue


Log: 'Application' Date/Time: 16/07/2017 16:21:53
Type: Error Category: 3
Event: 3006 Source: Microsoft-Windows-Search
Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.


Log: 'Application' Date/Time: 16/07/2017 15:11:13
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: This app does not support the contract specified or is not installed. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 16/07/2017 15:02:19
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {F6C29334-47DC-4397-9150-F549CF1D4861} was rejected

Log: 'Application' Date/Time: 16/07/2017 15:02:19
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {F6C29334-47DC-4397-9150-F549CF1D4861} was rejected

Log: 'Application' Date/Time: 16/07/2017 15:01:33
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Log: 'Application' Date/Time: 16/07/2017 15:01:33
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Log: 'Application' Date/Time: 16/07/2017 15:01:33
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Log: 'Application' Date/Time: 16/07/2017 15:01:33
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Log: 'Application' Date/Time: 16/07/2017 15:01:33
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Log: 'Application' Date/Time: 16/07/2017 15:01:33
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Log: 'Application' Date/Time: 16/07/2017 15:01:32
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_health attempted to register query "select * from WSP_StorageHealthStatusChangeEvent" whose target class "WSP_StorageHealthStatusChangeEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Log: 'Application' Date/Time: 16/07/2017 15:01:32
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_health attempted to register query "select * from WSP_StorageFaultEvent" whose target class "WSP_StorageFaultEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Log: 'Application' Date/Time: 16/07/2017 15:01:32
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_health attempted to register query "select * from WSP_HealthActionEvent" whose target class "WSP_HealthActionEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/07/2017 15:01:31
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:01:31
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:01:28
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_UserStateConfigurationProvider, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:01:28
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_UserStateConfigurationProvider, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:01:19
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_FolderRedirectionConfiguration, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:01:19
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_FolderRedirectionConfiguration, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:01:18
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:01:18
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:01:18
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:38
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:38
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:34
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, HiPerfCooker_v1, has been registered in the Windows Management Instrumentation namespace Root\WMI to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:34
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, HiPerfCooker_v1, has been registered in the Windows Management Instrumentation namespace Root\WMI to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:29
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, CommandLineEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:29
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, CommandLineEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:29
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, LogFileEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:29
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, LogFileEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:27
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_UserStateConfigurationProvider, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:27
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_UserStateConfigurationProvider, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 16/07/2017 15:00:27
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, UserProfileConfigurationProvider, has been registered in the Windows Management Instrumentation namespace ROOT\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Regards

 

RSP


  • 0

Advertisements


#41
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,388 posts
  • MVP
Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The PowerBiosServer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the PowerBiosServer service to connect.

 

 

This is part of Hotkey 8.0153  Not sure what it does or if you really need it but perhaps an uninstall and fresh download would make it happy.  You can also search for

 

services.msc

 

hit Enter and then Find the  PowerBiosServer service.  See if it has started by now.

 

Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Sage AutoUpdate Manager Service service to connect.
 
Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Sage SData Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 16/07/2017 14:36:06
Type: Error Category: 0
Event: 7009 Source: Service Control Manager

 

A timeout was reached (30000 milliseconds) while waiting for the Sage SData Service service to connect.
 

 

 

I assume this is part of Sage 50 Accounts 2013.  Is this somehting you use?  If not uninstall.  If you do need it then get a new copy.
 
 
Log: 'System' Date/Time: 16/07/2017 14:35:39
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 16/07/2017 14:35:38
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

 

 

 
This one needs to be fixed.  If the clock get too far off you won't be able to go to HTTPS sites.
 
 
Are you having trouble shutting it down?
 
Reboot and run vew again
 
I like to use one of the .gov sites.  They seem to work better than the one from microsoft.
 
 
 

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP