Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer running slow


  • Please log in to reply

#1
rpschultz9

rpschultz9

    New Member

  • Member
  • Pip
  • 8 posts

I was told my computer may be running slow because I have three antivirus programs running. I have Windows 10 - which apparently has it's own antivirus software, McaFee, and Malwarebytes. Is that true? Is my computer probably running slower because I have too many antivirus programs running?  IF so which of the tree is better? I seem to get more notices about potential problems from the Malwarebytes software than McaFee and one from Windows 10


Edited by rpschultz9, 05 November 2017 - 11:23 AM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,913 posts
  • MVP

Win 10 comes with Windows Defender which is really a renamed version of Microsoft Security Essentials.  Normally when you install a 2nd anti-virus the new one will prevent Windows Defender from running.  MBAM (the free version isn't really an anti-virus and it doesn't normally conflict with your anti-virus.  That being said, McAfee is a piece of junk and may slow your PC down.  You can't just uninstall it.  You need to get their McAfee Consumer Product Removal tool (MCPR) to get rid of it.  https://service.mcafee.com/webcenter/portal/cp/home/articleview;jsessionid=HJuZpekW0wDjt1E1lNUXm86L041Lb7-WhFxLEq9K54VW4Yfo_jar!897861006!-562850338?articleId=TS101331&_afrLoop=645665182998016#!%40%40%3F_afrLoop%3D645665182998016%26articleId%3DTS101331%26centerWidth%3D100%2525%26leftWidth%3D0%2525%26rightWidth%3D0%2525%26showFooter%3Dfalse%26showHeader%3Dfalse%26_adf.ctrl-state%3D5w42iqqyv_4 

 

If you have signed up for automatic renewal make sure you cancel.

 

Let's see if your PC is slow:

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 


  • 0

#3
rpschultz9

rpschultz9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

ok, if I did this right here is the report:

 

Process CPU Private Bytes Working Set PID Verified Signer
System Idle Process 85.97 52 K 8 K 0 
procexp64.exe 1.98 29,144 K 64,268 K 13764 (Verified) Microsoft Corporation
OPBHOBrokerDsktop.exe 0.82 13,080 K 25,060 K 9972 (Verified) Softex Incorporated
svchost.exe < 0.01 92,292 K 83,124 K 3820 (Verified) Microsoft Windows Publisher
Interrupts 0.41 0 K 0 K n/a 
System 0.49 200 K 8,836 K 4 
dwm.exe 0.16 48,688 K 59,244 K 11020 
MBAMService.exe 0.61 338,504 K 315,484 K 3944 (Verified) Malwarebytes Corporation
csrss.exe 0.12 2,248 K 3,500 K 3000 
MusicManager.exe 0.08 35,348 K 36,080 K 13264 (No signature was present in the subject) Google Inc.
services.exe 0.06 6,376 K 7,324 K 900 
explorer.exe 0.06 66,116 K 105,016 K 2080 (Verified) Microsoft Windows
ptumlcmsvc64.exe  2,556 K 2,480 K 3796 (Verified) Pantech Inc.
svchost.exe 0.02 3,632 K 4,604 K 4984 (Verified) Microsoft Windows Publisher
vpnclient.exe 0.03 11,408 K 2,064 K 3828 (Verified) GZ Systems Limited
SecurityHealthService.exe 0.02 4,184 K 4,336 K 3848 (Verified) Microsoft Windows Publisher
svchost.exe 0.02 5,068 K 9,772 K 11280 (Verified) Microsoft Windows Publisher
mcapexe.exe 0.02 3,504 K 2,764 K 7708 (Verified) McAfee
iPodService.exe 0.02 2,316 K 1,936 K 8852 (Verified) Apple Inc.
WDDriveService.exe 0.01 12,456 K 14,364 K 3772 (Verified) WESTERN DIGITAL TECHNOLOGIES
svchost.exe 0.02 8,040 K 10,344 K 1032 (Verified) Microsoft Windows Publisher
mbamtray.exe 0.01 18,488 K 17,380 K 15188 (Verified) Malwarebytes Corporation
lsass.exe 0.03 10,552 K 14,472 K 908 (Verified) Microsoft Windows Publisher
SearchIndexer.exe 0.45 74,784 K 53,448 K 3804 (Verified) Microsoft Windows
AppleMobileDeviceService.exe < 0.01 3,816 K 2,772 K 3664 (Verified) Apple Inc.
YouCamService.exe < 0.01 4,752 K 876 K 11572 (Verified) CyberLink Corp.
MfeAVSvc.exe < 0.01 20,356 K 25,024 K 12828 
NvBackend.exe < 0.01 1,944 K 3,056 K 5132 (Verified) NVIDIA Corporation
spoolsv.exe < 0.01 11,780 K 17,828 K 2880 (Verified) Microsoft Windows
officeclicktorun.exe < 0.01 26,080 K 25,440 K 3740 (Verified) Microsoft Corporation
ss_conn_service.exe < 0.01 1,988 K 1,264 K 3916 (Verified) Samsung Electronics CO.
WDBackupEngine.exe < 0.01 28,772 K 13,900 K 6080 (Verified) WESTERN DIGITAL TECHNOLOGIES
SynTPEnh.exe < 0.01 6,228 K 9,120 K 4608 (Verified) Synaptics Incorporated
NVDisplay.Container.exe < 0.01 8,956 K 10,668 K 12036 
WmiPrvSE.exe < 0.01 11,528 K 14,024 K 8748 
csrss.exe 0.33 2,448 K 2,196 K 716 
svchost.exe < 0.01 6,640 K 15,816 K 1184 (Verified) Microsoft Windows Publisher
dasHost.exe  11,372 K 15,484 K 4500 
MMSSHOST.exe < 0.01 44,800 K 50,524 K 16284 
ipoint.exe < 0.01 4,828 K 3,004 K 404 (Verified) Microsoft Corporation
svchost.exe  8,444 K 11,788 K 2380 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 21,736 K 20,308 K 9376 (Verified) Microsoft Windows Publisher
WUDFHost.exe  1,576 K 576 K 1208 
wmpnetwk.exe < 0.01 14,332 K 7,372 K 2188 (Verified) Microsoft Windows
wlanext.exe 0.01 2,284 K 3,048 K 3096 
winword.exe  69,540 K 84,392 K 15272 (Verified) Microsoft Corporation
WinStore.App.exe Suspended 31,440 K 540 K 9408 (No signature was present in the subject) Microsoft Corporation
winlogon.exe  2,344 K 2,492 K 3612 
wininit.exe  1,560 K 748 K 824 
Video.UI.exe Suspended 18,860 K 356 K 2364 (No signature was present in the subject)
Updater.exe  4,880 K 2,296 K 3624 (No signature was present in the subject) Popcorn Time
TomTomHOMEService.exe  896 K 68 K 3616 (Verified) TomTom International BV
taskhostw.exe  14,344 K 22,616 K 1828 (Verified) Microsoft Windows
TabTip32.exe  1,280 K 1,368 K 16424 
TabTip.exe  4,316 K 7,444 K 11420 
SynTPHelper.exe  1,028 K 976 K 11756 
SynTPEnhService.exe  1,200 K 948 K 3764 (Verified) Synaptics Incorporated
svchost.exe 0.03 5,352 K 7,492 K 3060 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 6,492 K 10,392 K 5644 (Verified) Microsoft Windows Publisher
svchost.exe  4,244 K 7,032 K 10244 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,376 K 4,792 K 2796 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,540 K 5,588 K 1836 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,956 K 4,108 K 4028 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 5,476 K 9,728 K 3788 (Verified) Microsoft Windows Publisher
svchost.exe  2,752 K 4,780 K 10880 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 17,088 K 21,052 K 628 (Verified) Microsoft Windows Publisher
svchost.exe  1,984 K 3,556 K 3648 (Verified) Microsoft Windows Publisher
svchost.exe  9,904 K 20,444 K 15872 (Verified) Microsoft Windows Publisher
svchost.exe  4,316 K 15,296 K 10704 (Verified) Microsoft Windows Publisher
svchost.exe  2,780 K 3,720 K 2720 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,908 K 4,780 K 7512 (Verified) Microsoft Windows Publisher
svchost.exe  3,436 K 3,776 K 1088 (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 10,200 K 11,068 K 1572 (Verified) Microsoft Windows Publisher
svchost.exe  3,500 K 4,608 K 2776 (Verified) Microsoft Windows Publisher
svchost.exe  4,764 K 6,264 K 1788 (Verified) Microsoft Windows Publisher
svchost.exe  6,332 K 6,620 K 1704 (Verified) Microsoft Windows Publisher
svchost.exe  13,648 K 11,536 K 1596 (Verified) Microsoft Windows Publisher
svchost.exe  1,668 K 2,032 K 2752 (Verified) Microsoft Windows Publisher
svchost.exe  2,032 K 4,344 K 1532 (Verified) Microsoft Windows Publisher
svchost.exe  2,280 K 3,616 K 1740 (Verified) Microsoft Windows Publisher
svchost.exe  2,660 K 3,228 K 3732 (Verified) Microsoft Windows Publisher
svchost.exe  3,700 K 5,316 K 5692 (Verified) Microsoft Windows Publisher
svchost.exe  1,964 K 4,244 K 12864 (Verified) Microsoft Windows Publisher
svchost.exe  2,020 K 2,856 K 3160 (Verified) Microsoft Windows Publisher
svchost.exe  1,792 K 6,796 K 9456 (Verified) Microsoft Windows Publisher
svchost.exe  23,488 K 24,100 K 3708 (Verified) Microsoft Windows Publisher
svchost.exe  4,736 K 9,304 K 1636 (Verified) Microsoft Windows Publisher
svchost.exe  2,592 K 4,272 K 6360 (Verified) Microsoft Windows Publisher
svchost.exe  3,044 K 6,416 K 2492 (Verified) Microsoft Windows Publisher
svchost.exe  2,824 K 2,732 K 8472 (Verified) Microsoft Windows Publisher
svchost.exe  1,664 K 1,108 K 1284 (Verified) Microsoft Windows Publisher
svchost.exe  2,112 K 1,272 K 12328 (Verified) Microsoft Windows Publisher
svchost.exe  6,684 K 11,024 K 3716 (Verified) Microsoft Windows Publisher
svchost.exe  1,964 K 5,092 K 2412 (Verified) Microsoft Windows Publisher
svchost.exe  3,524 K 9,236 K 4296 (Verified) Microsoft Windows Publisher
svchost.exe  5,640 K 8,476 K 3724 (Verified) Microsoft Windows Publisher
svchost.exe  9,036 K 11,268 K 4020 (Verified) Microsoft Windows Publisher
svchost.exe  2,584 K 3,164 K 8248 (Verified) Microsoft Windows Publisher
svchost.exe  5,284 K 6,068 K 7172 (Verified) Microsoft Windows Publisher
svchost.exe  920 K 432 K 540 (Verified) Microsoft Windows Publisher
svchost.exe  1,352 K 356 K 1152 (Verified) Microsoft Windows Publisher
svchost.exe  2,216 K 4,352 K 1200 (Verified) Microsoft Windows Publisher
svchost.exe  1,716 K 1,380 K 1332 (Verified) Microsoft Windows Publisher
svchost.exe  7,284 K 8,976 K 2004 (Verified) Microsoft Windows Publisher
svchost.exe  2,508 K 4,808 K 1668 (Verified) Microsoft Windows Publisher
svchost.exe  2,148 K 5,220 K 2088 (Verified) Microsoft Windows Publisher
svchost.exe  1,304 K 1,384 K 2200 (Verified) Microsoft Windows Publisher
svchost.exe  2,036 K 4,056 K 2212 (Verified) Microsoft Windows Publisher
svchost.exe  2,288 K 2,356 K 2288 (Verified) Microsoft Windows Publisher
svchost.exe  1,852 K 1,932 K 2404 (Verified) Microsoft Windows Publisher
svchost.exe  3,004 K 2,804 K 3672 (Verified) Microsoft Windows Publisher
svchost.exe  4,064 K 1,916 K 3780 (Verified) Microsoft Windows Publisher
svchost.exe  1,308 K 1,820 K 3812 (Verified) Microsoft Windows Publisher
svchost.exe  3,972 K 4,896 K 4000 (Verified) Microsoft Windows Publisher
svchost.exe  3,436 K 8,432 K 4036 (Verified) Microsoft Windows Publisher
svchost.exe  1,600 K 816 K 4532 (Verified) Microsoft Windows Publisher
svchost.exe  3,624 K 5,760 K 4836 (Verified) Microsoft Windows Publisher
svchost.exe  1,624 K 2,236 K 6028 (Verified) Microsoft Windows Publisher
svchost.exe  1,792 K 3,668 K 6040 (Verified) Microsoft Windows Publisher
svchost.exe  3,708 K 3,740 K 8516 (Verified) Microsoft Windows Publisher
svchost.exe  2,312 K 3,580 K 8484 (Verified) Microsoft Windows Publisher
svchost.exe  2,404 K 3,692 K 8476 (Verified) Microsoft Windows Publisher
svchost.exe  6,564 K 1,656 K 7980 (Verified) Microsoft Windows Publisher
svchost.exe  1,384 K 1,040 K 6240 (Verified) Microsoft Windows Publisher
svchost.exe  1,564 K 648 K 7656 (Verified) Microsoft Windows Publisher
svchost.exe  1,968 K 1,772 K 11104 (Verified) Microsoft Windows Publisher
svchost.exe  2,228 K 2,888 K 3224 (Verified) Microsoft Windows Publisher
svchost.exe  3,616 K 3,596 K 4392 (Verified) Microsoft Windows Publisher
svchost.exe  8,868 K 18,240 K 10968 (Verified) Microsoft Windows Publisher
svchost.exe  1,984 K 2,508 K 6604 (Verified) Microsoft Windows Publisher
svchost.exe  1,940 K 7,284 K 16908 (Verified) Microsoft Windows Publisher
smss.exe  488 K 288 K 420 
smartscreen.exe  25,844 K 40,364 K 1456 (Verified) Microsoft Windows
SkypeHost.exe Suspended 50,940 K 38,716 K 9740 (No signature was present in the subject) Microsoft Corporation
sihost.exe  8,148 K 26,968 K 13180 (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 44,620 K 74,320 K 10580 (Verified) Microsoft Windows
SettingSyncHost.exe  2,252 K 956 K 10532 (Verified) Microsoft Windows
SearchUI.exe Suspended 55,052 K 84,944 K 6740 (Verified) Microsoft Windows
saUI.exe  1,892 K 4,504 K 15148 
RuntimeBroker.exe  28,916 K 52,652 K 10364 (Verified) Microsoft Windows
RtkAudioService64.exe  2,216 K 1,716 K 2652 (Verified) Realtek Semiconductor Corp
RAVBg64.exe  6,032 K 5,208 K 11300 
procexp.exe  3,124 K 10,244 K 15184 (Verified) Microsoft Corporation
PresentationFontCache.exe  24,936 K 1,064 K 9792 (Verified) Microsoft Corporation
PEFService.exe  1,568 K 1,244 K 14404 (Verified) McAfee
opvapp.exe  2,084 K 2,324 K 11652 
OPBHOBroker.exe  3,188 K 3,988 K 2980 
OmniServ.exe  3,412 K 2,412 K 1672 (No signature was present in the subject) Softex Inc.
nvtray.exe  2,392 K 2,320 K 9964 (Verified) NVIDIA Corporation
NVDisplay.Container.exe  2,960 K 4,348 K 3876 (Verified) NVIDIA Corporation
MSASCuiL.exe  1,924 K 2,208 K 14296 (Verified) Microsoft Windows
ModuleCoreService.exe  42,872 K 49,712 K 3748 (Verified) McAfee
ModuleCoreService.exe  11,784 K 13,444 K 1268 (Verified) McAfee
mfevtps.exe  11,696 K 10,596 K 5364 
mfevtps.exe  1,836 K 828 K 3936 (Verified) McAfee
mfemms.exe  2,796 K 5,024 K 4056 (Verified) McAfee
mfefire.exe < 0.01 4,468 K 4,276 K 7436 
Memory Compression  564 K 63,704 K 4752 
mDNSResponder.exe  1,952 K 2,936 K 3860 (Verified) Apple Inc.
McVulCtr.exe  9,824 K 3,172 K 10980 
McUICnt.exe  13,716 K 23,412 K 13640 (Verified) McAfee
mcsync.exe  9,268 K 3,812 K 1128 
mcsacore.exe < 0.01 42,660 K 5,660 K 3928 (Verified) McAfee
McCSPServiceHost.exe  6,672 K 12,680 K 972 (Verified) McAfee
LMS.exe  2,992 K 2,188 K 9116 (Verified) Intel Corporation - Software and Firmware Products
jhi_service.exe  1,276 K 92 K 9080 (Verified) Intel Corporation - Intel® Management Engine Firmware
itype.exe  4,900 K 2,604 K 16240 (Verified) Microsoft Corporation
IntelMeFWService.exe  1,008 K 80 K 9048 (Verified) Intel Corporation - Intel® Management Engine Firmware
InstallAgentUserBroker.exe  1,896 K 3,772 K 9704 (Verified) Microsoft Windows
InstallAgent.exe  2,112 K 5,356 K 11812 (Verified) Microsoft Windows
ijplmsvc.exe  1,212 K 1,044 K 3680 (Verified) Canon Inc.
igfxHK.exe  2,336 K 3,044 K 3588 (Verified) Intel Corporation - pGFX
igfxEM.exe  3,320 K 6,148 K 9528 (Verified) Intel Corporation - pGFX
igfxCUIService.exe  2,384 K 3,824 K 2312 (Verified) Intel Corporation - pGFX
IAStorDataMgrSvc.exe  31,252 K 21,296 K 8956 (Verified) Intel Corporation - Rapid Storage Technology
HPWMISVC.exe  1,284 K 1,388 K 3692 (Verified) Hewlett-Packard Company
HPSupportSolutionsFrameworkService.exe  30,060 K 10,760 K 8736 (Verified) HP Inc.
hpservice.exe  1,016 K 136 K 2548 (Verified) HP Inc.
hpqwmiex.exe  1,884 K 2,352 K 8540 (Verified) Hewlett-Packard Company
HP3DDGService.exe  632 K 100 K 2556 (Verified) HP Inc.
HeciServer.exe  1,508 K 844 K 3656 (No signature was present in the subject) Intel® Corporation
fontdrvhost.exe  4,508 K 8,428 K 10908 
fontdrvhost.exe  1,936 K 368 K 636 
escsvc64.exe  1,484 K 4,308 K 3700 (Verified) SEIKO EPSON Corporation
EPCP.exe  10,580 K 13,656 K 3640 (Verified) SEIKO EPSON CORPORATION
dllhost.exe  2,472 K 11,224 K 12996 (Verified) Microsoft Windows
conhost.exe  1,244 K 788 K 3120 
conhost.exe  1,400 K 1,708 K 2672 (Verified) Microsoft Windows
ClientCore.exe  21,060 K 46,948 K 1856 (Verified) Softex Incorporated
ApplicationFrameHost.exe  20,452 K 28,028 K 4896 (Verified) Microsoft Windows
 


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,913 posts
  • MVP

Looks OK except you have McAfee installed. 

 

Let's look at your event logs:

 

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 

 

Let's look at your system health:

 

Get the free version of Speccy:

http://www.filehippo.com/download_speccy/ (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 


  • 0

#5
rpschultz9

rpschultz9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Okay. Thanks. Here are the two files you requested. Also, what anti-virus software do you recommend if not McAfee?

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 22/11/2017 12:24:37 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/10/2017 5:49:59 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 01/09/2017 1:56:03 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/11/2017 6:52:01 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {53362C32-A296-4F2D-A2F8-FD984D08340B}  and APPID  {53362C32-A296-4F2D-A2F8-FD984D08340B}  to the user Robert\Robert SID (S-1-5-21-363467306-1127443218-308174236-1004) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_40.15063.674.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 22/11/2017 4:39:07 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 22/11/2017 4:38:26 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 22/11/2017 4:32:44 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user Robert\Robert SID (S-1-5-21-363467306-1127443218-308174236-1004) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 22/11/2017 3:58:22 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.

Log: 'System' Date/Time: 22/11/2017 3:49:46 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 22/11/2017 3:07:07 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer PAULAS-PC17 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3F2208B2-5889-4A9C-A52B-BA6FEDB88AD1}. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 22/11/2017 4:27:17 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 21/11/2017 3:58:22 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.

Log: 'System' Date/Time: 21/11/2017 2:55:39 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 21/11/2017 2:50:58 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer PAULAS-PC17 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3F2208B2-5889-4A9C-A52B-BA6FEDB88AD1}. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 20/11/2017 9:07:34 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 20/11/2017 3:58:22 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.

Log: 'System' Date/Time: 20/11/2017 3:27:58 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 19/11/2017 10:51:05 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 19/11/2017 4:01:39 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 19/11/2017 3:58:23 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.

Log: 'System' Date/Time: 18/11/2017 9:59:25 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 18/11/2017 7:08:56 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server Microsoft.MicrosoftEdge_40.15063.674.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 18/11/2017 3:58:23 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Interactive Services Detection service terminated with the following error:  Incorrect function.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/11/2017 7:19:38 PM
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\PAULAS-PC17 on the network \Device\NetBT_Tcpip_{3F2208B2-5889-4A9C-A52B-BA6FEDB88AD1}.    Browser master: \\PAULAS-PC17  Network: \Device\NetBT_Tcpip_{3F2208B2-5889-4A9C-A52B-BA6FEDB88AD1}    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 22/11/2017 7:01:49 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name client.wns.windows.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 22/11/2017 3:08:56 PM
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\PAULAS-PC17 on the network \Device\NetBT_Tcpip_{3F2208B2-5889-4A9C-A52B-BA6FEDB88AD1}.    Browser master: \\PAULAS-PC17  Network: \Device\NetBT_Tcpip_{3F2208B2-5889-4A9C-A52B-BA6FEDB88AD1}    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 21/11/2017 10:00:16 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name client.wns.windows.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/11/2017 3:49:20 PM
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\PAULAS-PC17 on the network \Device\NetBT_Tcpip_{3F2208B2-5889-4A9C-A52B-BA6FEDB88AD1}.    Browser master: \\PAULAS-PC17  Network: \Device\NetBT_Tcpip_{3F2208B2-5889-4A9C-A52B-BA6FEDB88AD1}    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 20/11/2017 3:32:56 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/11/2017 3:31:15 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name evoke-windowsservices-tas.msedge.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/11/2017 3:20:20 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name settings-win.data.microsoft.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/11/2017 1:04:43 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name settings-win.data.microsoft.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 19/11/2017 6:03:46 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 0 seconds since the last report.

Log: 'System' Date/Time: 19/11/2017 6:03:46 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 0 seconds since the last report.

Log: 'System' Date/Time: 19/11/2017 6:03:46 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 0 seconds since the last report.

Log: 'System' Date/Time: 19/11/2017 6:03:46 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 0 seconds since the last report.

Log: 'System' Date/Time: 18/11/2017 9:16:31 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name PAULAS-PC17 timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/11/2017 5:15:25 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name crl.comodoca.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 17/11/2017 11:53:50 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 92683 seconds since the last report.

Log: 'System' Date/Time: 17/11/2017 11:53:50 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 92683 seconds since the last report.

Log: 'System' Date/Time: 17/11/2017 11:53:50 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 92683 seconds since the last report.

Log: 'System' Date/Time: 17/11/2017 11:53:50 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 92683 seconds since the last report.

Log: 'System' Date/Time: 17/11/2017 9:48:39 PM
Type: Warning Category: 0
Event: 4101 Source: Display
Display driver igfx stopped responding and has successfully recovered.

 

 

Here is the Second one:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 22/11/2017 12:31:56 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/11/2017 7:19:27 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:27 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:27 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:27 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1

Log: 'Application' Date/Time: 22/11/2017 7:19:27 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=21, authorId=311, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=21, authorId=311, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1

Log: 'Application' Date/Time: 22/11/2017 7:19:23 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=21, authorId=311, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:22 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:22 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:22 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Log: 'Application' Date/Time: 22/11/2017 7:19:22 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1

Log: 'Application' Date/Time: 22/11/2017 7:19:22 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path validation failed. Error: typeId=21, authorId=311, vendorId=0, vendorType=0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/11/2017 6:41:59 PM
Type: Warning Category: 1
Event: 636 Source: ESENT
DllHost (1312) Internet_NOEDP_LEGACY_IDB: Flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm" will be deleted. Reason: ReadHdrFailed.

Log: 'Application' Date/Time: 22/11/2017 6:41:59 PM
Type: Warning Category: 1
Event: 640 Source: ESENT
DllHost (1312) Internet_NOEDP_LEGACY_IDB: Error -1919 validating header page on flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm". The flush map file will be invalidated.  Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:11/20/2017 20:50:29.252 Rand:1359432647 Computer:] [SignFmHdrFromFm:Create time:11/20/2017 20:55:29.891 Rand:3603932437 Computer:]

Log: 'Application' Date/Time: 22/11/2017 4:36:40 PM
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (14844) WebCacheLocal: The shadow header page of file C:\Users\Robert\AppData\Local\Microsoft\Windows\WebCache\V01.chk was damaged. The primary header page (4096 bytes) was used instead.

Log: 'Application' Date/Time: 21/11/2017 2:52:40 PM
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (1240) WebCacheLocal: The shadow header page of file C:\Users\Robert\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat was damaged. The primary header page (32768 bytes) was used instead.

Log: 'Application' Date/Time: 20/11/2017 8:50:28 PM
Type: Warning Category: 1
Event: 636 Source: ESENT
DllHost (12996) Internet_NOEDP_LEGACY_IDB: Flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm" will be deleted. Reason: ReadHdrFailed.

Log: 'Application' Date/Time: 20/11/2017 8:50:28 PM
Type: Warning Category: 1
Event: 640 Source: ESENT
DllHost (12996) Internet_NOEDP_LEGACY_IDB: Error -1919 validating header page on flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm". The flush map file will be invalidated.  Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:11/18/2017 18:20:37.106 Rand:2709464069 Computer:] [SignFmHdrFromFm:Create time:11/18/2017 18:25:41.083 Rand:2796595869 Computer:]

Log: 'Application' Date/Time: 18/11/2017 6:15:09 PM
Type: Warning Category: 1
Event: 636 Source: ESENT
DllHost (12292) Internet_NOEDP_LEGACY_IDB: Flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm" will be deleted. Reason: ReadHdrFailed.

Log: 'Application' Date/Time: 18/11/2017 6:15:09 PM
Type: Warning Category: 1
Event: 640 Source: ESENT
DllHost (12292) Internet_NOEDP_LEGACY_IDB: Error -1919 validating header page on flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm". The flush map file will be invalidated.  Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:11/18/2017 15:59:48.730 Rand:1733799755 Computer:] [SignFmHdrFromFm:Create time:11/18/2017 16:09:50.492 Rand:2542591303 Computer:]

Log: 'Application' Date/Time: 18/11/2017 3:59:47 PM
Type: Warning Category: 1
Event: 636 Source: ESENT
DllHost (12292) Internet_NOEDP_LEGACY_IDB: Flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm" will be deleted. Reason: ReadHdrFailed.

Log: 'Application' Date/Time: 18/11/2017 3:59:47 PM
Type: Warning Category: 1
Event: 640 Source: ESENT
DllHost (12292) Internet_NOEDP_LEGACY_IDB: Error -1919 validating header page on flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm". The flush map file will be invalidated.  Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:11/14/2017 22:39:14.333 Rand:2799107254 Computer:] [SignFmHdrFromFm:Create time:11/14/2017 22:49:16.142 Rand:1969999612 Computer:]

Log: 'Application' Date/Time: 15/11/2017 7:36:21 PM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6 with error 0x80070057.

Log: 'Application' Date/Time: 15/11/2017 7:24:10 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe' (pid 9204) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 14/11/2017 10:39:14 PM
Type: Warning Category: 1
Event: 636 Source: ESENT
DllHost (9304) Internet_NOEDP_LEGACY_IDB: Flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm" will be deleted. Reason: ReadHdrFailed.

Log: 'Application' Date/Time: 14/11/2017 10:39:14 PM
Type: Warning Category: 1
Event: 640 Source: ESENT
DllHost (9304) Internet_NOEDP_LEGACY_IDB: Error -1919 validating header page on flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm". The flush map file will be invalidated.  Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:11/14/2017 18:57:30.627 Rand:1659730613 Computer:] [SignFmHdrFromFm:Create time:11/14/2017 19:07:30.461 Rand:4265784493 Computer:]

Log: 'Application' Date/Time: 14/11/2017 6:57:29 PM
Type: Warning Category: 1
Event: 636 Source: ESENT
DllHost (9304) Internet_NOEDP_LEGACY_IDB: Flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm" will be deleted. Reason: ReadHdrFailed.

Log: 'Application' Date/Time: 14/11/2017 6:57:29 PM
Type: Warning Category: 1
Event: 640 Source: ESENT
DllHost (9304) Internet_NOEDP_LEGACY_IDB: Error -1919 validating header page on flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm". The flush map file will be invalidated.  Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:11/12/2017 22:47:58.180 Rand:2899845745 Computer:] [SignFmHdrFromFm:Create time:11/12/2017 22:53:04.144 Rand:1949789669 Computer:]

Log: 'Application' Date/Time: 12/11/2017 10:47:58 PM
Type: Warning Category: 1
Event: 636 Source: ESENT
DllHost (14840) Internet_NOEDP_LEGACY_IDB: Flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm" will be deleted. Reason: ReadHdrFailed.

Log: 'Application' Date/Time: 12/11/2017 10:47:58 PM
Type: Warning Category: 1
Event: 640 Source: ESENT
DllHost (14840) Internet_NOEDP_LEGACY_IDB: Error -1919 validating header page on flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm". The flush map file will be invalidated.  Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:11/12/2017 16:22:43.171 Rand:1636428194 Computer:] [SignFmHdrFromFm:Create time:11/12/2017 16:27:44.765 Rand:3055920062 Computer:]

Log: 'Application' Date/Time: 12/11/2017 4:22:42 PM
Type: Warning Category: 1
Event: 636 Source: ESENT
DllHost (14840) Internet_NOEDP_LEGACY_IDB: Flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm" will be deleted. Reason: ReadHdrFailed.

Log: 'Application' Date/Time: 12/11/2017 4:22:42 PM
Type: Warning Category: 1
Event: 640 Source: ESENT
DllHost (14840) Internet_NOEDP_LEGACY_IDB: Error -1919 validating header page on flush map file "C:\Users\Robert\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.jfm". The flush map file will be invalidated.  Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:11/11/2017 19:50:19.094 Rand:3882409403 Computer:] [SignFmHdrFromFm:Create time:11/11/2017 19:54:42.611 Rand:2721730360 Computer:]

 

Thanks again


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,913 posts
  • MVP

Still waiting on the speccy log.

Copy the next two lines:

 

reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods" /s > \junk.txt

notepad \junk.txt

 

 

Start, All Programs, Accessories then right click on Command Prompt and Run As Admin.

 

Right click and Paste (or edit then Paste).  Hit Enter if Notepad does not open,  Copy and paste the text into a reply.


  • 0

#7
rpschultz9

rpschultz9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

here's the H_Key stuff. Scacey txt file is also attached - if I did it right  :)  Thanks for doing all this - This is all WAY above what I know how to do.

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311
    Name    REG_SZ    Microsoft

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\18
    PeerConfigUIPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerDllPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimAuth.dll
    PeerFriendlyName    REG_SZ    @%SystemRoot%\System32\SimAuth.dll,-1001
    PeerIdentityPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerInteractiveUIPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerInvokePasswordDialog    REG_DWORD    0x0
    PeerInvokeUsernameDialog    REG_DWORD    0x0
    PeerRequireConfigUI    REG_DWORD    0x1
    Properties    REG_DWORD    0x166c48be
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...Config"><EapSim xmlns="http://www.microsoft...iderName><Realm Enabled="true"></Realm></EapSim></Config></EapHostConfig></EAPConfig></OneX></security></MSM></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21
    PeerConfigUIPath    REG_EXPAND_SZ    %SystemRoot%\System32\TtlsCfg.dll
    PeerDllPath    REG_EXPAND_SZ    %SystemRoot%\System32\TtlsAuth.dll
    PeerFriendlyName    REG_SZ    @%SystemRoot%\System32\TtlsCfg.dll,-1001
    PeerIdentityPath    REG_EXPAND_SZ    %SystemRoot%\System32\TtlsCfg.dll
    PeerInteractiveUIPath    REG_EXPAND_SZ    %SystemRoot%\System32\TtlsCfg.dll
    PeerInvokePasswordDialog    REG_DWORD    0x0
    PeerInvokeUsernameDialog    REG_DWORD    0x0
    PeerRequireConfigUI    REG_DWORD    0x1
    Properties    REG_DWORD    0x173cd8af

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21\WLANProfileCreationUXAuth

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21\WLANProfileCreationUXAuth\1025
    FriendlyName    REG_EXPAND_SZ    @%SystemRoot%\system32\TtlsCfg.dll,-3000
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...onfig"><EapTtls xmlns="http://www.microsoft...M></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21\WLANProfileCreationUXAuth\1026
    FriendlyName    REG_EXPAND_SZ    @%SystemRoot%\system32\TtlsCfg.dll,-3001
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...onfig"><EapTtls xmlns="http://www.microsoft...M></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21\WLANProfileCreationUXAuth\1027
    FriendlyName    REG_EXPAND_SZ    @%SystemRoot%\system32\TtlsCfg.dll,-3002
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...onfig"><EapTtls xmlns="http://www.microsoft...M></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21\WLANProfileCreationUXAuth\1028
    FriendlyName    REG_EXPAND_SZ    @%SystemRoot%\system32\TtlsCfg.dll,-3003
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...onfig"><EapTtls xmlns="http://www.microsoft...M></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21\WLANProfileCreationUXAuth\13
    FriendlyName    REG_EXPAND_SZ    @%SystemRoot%\system32\rastls.dll,-2001
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...onfig"><EapTtls xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...ostConfig"><Eap xmlns="http://www.microsoft...</Type><EapType xmlns="http://www.microsoft...erverValidation xmlns="http://www.microsoft...cceptServerName xmlns="http://www.microsoft...M></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21\WLANProfileCreationUXAuth\26
    FriendlyName    REG_EXPAND_SZ    @%SystemRoot%\system32\raschap.dll,-2002
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...onfig"><EapTtls xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...ostConfig"><Eap xmlns="http://www.microsoft...</Type><EapType xmlns="http://www.microsoft...M></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\23
    PeerConfigUIPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerDllPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimAuth.dll
    PeerFriendlyName    REG_SZ    @%SystemRoot%\System32\SimAuth.dll,-1002
    PeerIdentityPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerInteractiveUIPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerInvokePasswordDialog    REG_DWORD    0x0
    PeerInvokeUsernameDialog    REG_DWORD    0x0
    PeerRequireConfigUI    REG_DWORD    0x1
    Properties    REG_DWORD    0x166c48be
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...Config"><EapAka xmlns="http://www.microsoft...iderName><Realm Enabled="true"></Realm></EapAka></Config></EapHostConfig></EAPConfig></OneX></security></MSM></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\254

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\254\14122

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\254\14122\1
    PeerDllPath    REG_EXPAND_SZ    %SystemRoot%\System32\WcnEapPeerProxy.dll
    PeerFriendlyName    REG_SZ    Windows Connect Now EAP Peer
    PeerInvokePasswordDialog    REG_DWORD    0x0
    PeerInvokeUsernameDialog    REG_DWORD    0x0
    PeerRequireConfigUI    REG_DWORD    0x1
    Properties    REG_DWORD    0x848000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\50
    PeerConfigUIPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerDllPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimAuth.dll
    PeerFriendlyName    REG_SZ    @%SystemRoot%\System32\SimAuth.dll,-1003
    PeerIdentityPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerInteractiveUIPath    REG_EXPAND_SZ    %SystemRoot%\System32\SimCfg.dll
    PeerInvokePasswordDialog    REG_DWORD    0x0
    PeerInvokeUsernameDialog    REG_DWORD    0x0
    PeerRequireConfigUI    REG_DWORD    0x1
    Properties    REG_DWORD    0x166c48be
    WLANProfileTemplate    REG_SZ    <?xml version="1.0"?><WLANProfile xmlns="http://www.microsoft...ncryption><OneX xmlns="http://www.microsoft...><EapHostConfig xmlns="http://www.microsoft...EapMethod><Type xmlns="http://www.microsoft.../Type><VendorId xmlns="http://www.microsoft...rId><VendorType xmlns="http://www.microsoft...rType><AuthorId xmlns="http://www.microsoft...pMethod><Config xmlns="http://www.microsoft...g"><EapAkaPrime xmlns="http://www.microsoft...iderName><Realm Enabled="true"></Realm></EapAkaPrime></Config></EapHostConfig></EAPConfig></OneX></security></MSM></WLANProfile>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9
    (Default)    REG_EXPAND_SZ    Cisco

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9\17
    PeerDllPath    REG_EXPAND_SZ    C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll
    PeerFriendlyName    REG_SZ    @C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll,-117
    Properties    REG_DWORD    0x32c406e
    PeerInvokeUsernameDialog    REG_DWORD    0x0
    PeerInvokePasswordDialog    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9\25
    PeerDllPath    REG_EXPAND_SZ    C:\Program Files (x86)\Cisco\Cisco PEAP Module\CiscoEapPeap.dll
    PeerFriendlyName    REG_SZ    @C:\Program Files (x86)\Cisco\Cisco PEAP Module\CiscoEapPeap.dll,-119
    Properties    REG_DWORD    0x173cd9ff
    PeerInvokeUsernameDialog    REG_DWORD    0x0
    PeerInvokePasswordDialog    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9\43
    PeerDllPath    REG_EXPAND_SZ    C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll
    PeerFriendlyName    REG_SZ    @C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll,-30119
    Properties    REG_DWORD    0x173ef9ff
    PeerInvokeUsernameDialog    REG_DWORD    0x0
    PeerInvokePasswordDialog    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9\43\UserData

 

 


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,913 posts
  • MVP

I deleted your speccy log.  You forgot to clear the serial number.  No need to repost but do check speccy and see if this number is changing:

 

BB
                                            Attribute name    Reported Uncorrectable Errors
                                            Real value    393,216
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000060000
                                            Status    Good

 

This is in your hard drive info.  The rest looks good but I don't like the above.  It should be 0

 

 

Copy the next 5 lines:

 

reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9"
reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\21"
reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\254"
sc config UI0Detect start= demand

for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"

 

Open an Elevated Command Prompt:

win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if the prompt does not return.  You will get a few errors from the last line but ignore them.

 

 

 

 

 

 

To disable NetBIOS over TCP/IP support
  1. From the Network and Dial-up Connections icon in Control Panel , select Local Area Connection and right-click Properties .
  2. On the General tab, click Internet Protocol (TCP/IP) in the list of components, and click the Properties button.
  3. Click the Advanced button.
  4. Click the WINS tab.

Video of the procedure at:

 

 

We want to Disable NetBios over TCPIP so make sure you check the appropriate box then OK.

 

 

 

Basically, we noted down the exact model name of and then removed both the NVIDIA and Intel display drivers, by going to Device Manager, right clicking and selecting "Uninstall". Check the box that says 'delete these drivers from the system'.

Then, we restarted the laptop. After restarting, we download the drivers from the official vendor website (that is, Intel and NVIDIA, not the Dell website) and installed those drivers.

 

I want to do the above to take care of this errors:

 

Event: 4101 Source: Display
Display driver igfx stopped responding and has successfully recovered.

 

 

This one is important since it causes the system to freeze for a few seconds while the driver restarts.

 

So we need to open device manager:

 

https://www.isunshar...windows-10.html

 

Then find Display Adapters and click on the arrow in front to open it up.  You should see two drivers.  One from Intel and one from nvidia. 

 Right click on one and select properties then click on the Details tab.  Change Property to Hardware IDs.  Click on the top one then right click and copy.  Paste that into a reply.  Repeat for the other one.

 

The next step is to identify and download the drivers from intel and Nvidia but I will have to do that.

 

 

 

The next one is a bit of a problem. 

 

 

Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 92683 seconds since the last report.

Log: 'System' Date/Time: 17/11/2017 11:53:50 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 92683 seconds since the last report.

Log: 'System' Date/Time: 17/11/2017 11:53:50 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 92683 seconds since the last report.

Log: 'System' Date/Time: 17/11/2017 11:53:50 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 92683 seconds since the last report.

 

 

There are two reasons for these alarms.  The most common is overheating.  CPUs will slow down to protect themselves when they get hot.  Speccy is not reliable but it claims you are running a bit hot.  Let's get a second opinion:

http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).

It will tell you your temps in real time tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp and check Show in tray.  What does it show for System or CPU when the PC is idle?  Watch a video or do an anti-virus scan.  What does it say after about 10 minutes?

 

Another possibility is down in the BIOS setup.  Some PCs have an option to save power or run more quietly and this can get activated and slow things down.  When your PC boots it should tell you how to get into the BIOS/CMOS setup.  IF not tell me the make and model.  Poke around in setup and see if you have anything that looks like it wants to make it run quieter or use less power and turn it off.  Save and Exit.

 

Reboot

 

Run VEW again and before and post both logs.


  • 0

#9
rpschultz9

rpschultz9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Intel = PCI\VEN_8086&DEV_0A16&SUBSYS_2281103C&REV_0B

NVidia = PCI\VEN_10DE&DEV_1340&SUBSYS_2281103C&REV_A2

 

I don't know if I did this right but, the temp was 44C to start - I ran a virus scan for 15 minutes and opened and worked on a learn Spanish program at the same time and it jumped to 55C then went back to 48C after a few minutes. But I noticed it jumped up to between 48 and 52 after that.

 

I'd rather not "Poke around" in the Bios.

 

What anti-virus program do you recommend?
 


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,913 posts
  • MVP

The first one is Intel HD Graphics Driver.  Intel doesn't make it easy to tell which one you need so best to use their tool to identify it:

 

https://www.intel.co...tml?iid=dc_iduu

 

Then under:

 

Intel® Driver & Support Assistant (Intel® DSA)

 

click on Download now it should lead you through the procedure to get the latest driver.

 

 

The second one is:

 

NVIDIA GeForce 830M

 

http://www.nvidia.co...px/126907/en-us

 

Doesn't appear to be a heat problem.

 

When I say poke around I mean just look and see what your options are.  When you exit from the setup you have an option to Save and Exit or just Exit without saving.  If you find something that looks like it might apply let me know.  IF we do make a change and it doesn't work for you then you can go back in and change it back.

 

 

 

As for anti-viruses:

For free:  the free Avast

 

For pay:  Kaspersky or Bitdefender

 

I would suggest you download the free avast first, uninstall McAfee, run the removal tool then reboot, install the free Avast.  (Stick with the Basic program and don't let them talk you in to the trial version.).  Once you get it installed and updated then let it do a boot-time scan:

 

It takes like 6 hours so I usually let it run at night.


Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.

  Reboot and let it run a scan.  It may take hours.
Once it finishes it should load windows.   Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.
 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP