Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Programs take forever to open and often lockup


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,672 posts
  • MVP

I think we need to try
Windows Repair all in one

http://www.tweaking....all_in_one.html

Download it and save it then run it.

You can skip to step 4 or 5 where it gives you the same picture as in the above link.
They now offer some preset options.  You can choose any of them then go in an uncheck the ones we don't need and
Make sure just these are checked before hitting Start:


Register System Files
Repair WMI

Remove Policies Set By Infections
Remove Temp Files
Repair Windows Updates

Reboot when done and run VEW again as before.


  • 0

Advertisements


#17
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

Malwarebytes does not want to allow Tweaking.com to download.  Presumably it's safe! How do I force it to allow the download?

 

delboy


  • 0

#18
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

Sorry for last post, read a bit further and excluded majorgeeks.com from MBAM.  Download ok now but the screens of Tweaking.com don't seem to agree with your description.  Can you elaborate please?

 

delboy


  • 0

#19
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

Hi RKinner

Finally sorted how to use tweaking.com.

Here are the VEW results.

 

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 20/03/2018 20:03:27

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/03/2018 19:56:32
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/03/2018 19:55:44
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {B77C4C36-0154-4C52-AB49-FAA03837E47F} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 20/03/2018 19:53:54
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 20/03/2018 19:31:07
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Dell Data Vault Service API service depends on the Dell Data Vault Collector service which failed to start because of the following error:  The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2018 19:29:22
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2018 19:29:22
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 20/03/2018 19:29:21
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

Log: 'System' Date/Time: 20/03/2018 19:29:20
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Log: 'System' Date/Time: 20/03/2018 19:29:07
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load:  aswArPot aswbidsdriver aswbidsh aswblog aswbuniv aswHdsKe aswKbd aswRvrt aswSnx aswSP aswVmm discache ESProtectionDriver spldr Wanarpv6

Log: 'System' Date/Time: 20/03/2018 18:59:51
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 20.

Log: 'System' Date/Time: 20/03/2018 18:24:59
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Log: 'System' Date/Time: 19/03/2018 16:40:52
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {B77C4C36-0154-4C52-AB49-FAA03837E47F}  and APPID  {EA022610-0748-4C24-B229-6C507EBDFDBB}  to the user Del-PC\Del SID (S-1-5-21-2568410734-3031030142-1223416489-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 19/03/2018 16:26:50
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 19/03/2018 16:12:27
Type: Error Category: 0
Event: 9 Source: iaStorV
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 19/03/2018 16:09:27
Type: Error Category: 0
Event: 9 Source: iaStorV
The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Log: 'System' Date/Time: 19/03/2018 15:56:11
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 20.

Log: 'System' Date/Time: 18/03/2018 17:17:42
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 18/03/2018 16:49:36
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 20.

Log: 'System' Date/Time: 18/03/2018 16:22:51
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 20.

Log: 'System' Date/Time: 18/03/2018 12:08:04
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {B77C4C36-0154-4C52-AB49-FAA03837E47F}  and APPID  {EA022610-0748-4C24-B229-6C507EBDFDBB}  to the user Del-PC\Del SID (S-1-5-21-2568410734-3031030142-1223416489-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 18/03/2018 12:06:08
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {B77C4C36-0154-4C52-AB49-FAA03837E47F}  and APPID  {EA022610-0748-4C24-B229-6C507EBDFDBB}  to the user Del-PC\Del SID (S-1-5-21-2568410734-3031030142-1223416489-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/03/2018 19:57:30
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name keystone.mwbsys.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/03/2018 19:57:09
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dnsproxy.ff.avast.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/03/2018 19:56:45
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 20/03/2018 19:56:34
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 20/03/2018 19:53:12
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 20/03/2018 19:53:01
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 20/03/2018 19:44:19
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 20/03/2018 19:44:08
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 20/03/2018 19:29:07
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 20/03/2018 19:29:07
Type: Warning Category: 0
Event: 2512 Source: Server
The server service was unable to change the domain name from WORKGROUP to WORKGROUP.

Log: 'System' Date/Time: 20/03/2018 19:28:55
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 20/03/2018 16:15:38
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 20/03/2018 16:15:37
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 19/03/2018 15:23:20
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 19/03/2018 15:23:19
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 19/03/2018 09:51:25
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 19/03/2018 09:51:23
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 18/03/2018 16:23:28
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name adaptv-match.dotomi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/03/2018 15:28:42
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 18/03/2018 15:28:40
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

 

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 20/03/2018 20:09:03

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 20/03/2018 19:41:50
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\PROGRAM FILES\DELL\DELLDATAVAULT\DDVCLEAN.MOF while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 20/03/2018 19:41:50
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\PROGRAM FILES\DELL\DELLDATAVAULT\DDVCLEANALERT.MOF while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 20/03/2018 19:41:50
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\PROGRAM FILES\DELL\DELLDATAVAULT\DDVALERT.MOF while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 20/03/2018 19:41:50
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\PROGRAM FILES\DELL\DELLDATAVAULT\DDVSUMMARY.MOF while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 20/03/2018 19:41:49
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 20/03/2018 19:41:46
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF while recovering .MOF file marked with autorecover.

Log: 'Application' Date/Time: 20/03/2018 16:39:10
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: mbam.exe, version: 3.0.0.1284, time stamp: 0x5a15ab42 Faulting module name: omint.dll, version: 5.5.2809.0, time stamp: 0x36dcb151 Exception code: 0xc0000005 Fault offset: 0x00008e0d Faulting process id: 0x544 Faulting application start time: 0x01d3c06993f6cc99 Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Faulting module path: C:\Program Files\Common Files\System\MAPI\1033\nt\omint.dll Report Id: 366c111b-2c5d-11e8-b468-0024e811b7db

Log: 'Application' Date/Time: 19/03/2018 11:49:15
Type: Error Category: 0
Event: 0 Source: SupportAssistAgent
An exception occurred in session change of service start: Object reference not set to an instance of an object.

Log: 'Application' Date/Time: 19/03/2018 10:01:16
Type: Error Category: 0
Event: 0 Source: SupportAssistAgent
An exception occurred in session change of service start: Object reference not set to an instance of an object.

Log: 'Application' Date/Time: 19/03/2018 10:01:14
Type: Error Category: 0
Event: 0 Source: SupportAssistAgent
An exception occurred in session change of service start: Object reference not set to an instance of an object.

Log: 'Application' Date/Time: 17/03/2018 15:05:38
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-73ba25e7.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-73ba25e7.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:38
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b44af030.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b44af030.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:38
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b279e51c.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b279e51c.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:38
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-fe97c382.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-fe97c382.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:38
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-edcdb203.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-edcdb203.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:09
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-fe97c382.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-fe97c382.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:09
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-73ba25e7.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-73ba25e7.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:09
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b279e51c.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b279e51c.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:09
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-edcdb203.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-edcdb203.exe" on line 0. Invalid Xml syntax.

Log: 'Application' Date/Time: 17/03/2018 15:05:09
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b44af030.exe".Error in manifest or policy file "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b44af030.exe" on line 0. Invalid Xml syntax.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 20/03/2018 19:52:27
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   2 user registry handles leaked from \Registry\User\S-1-5-21-2568410734-3031030142-1223416489-1001:
Process 1236 (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001
Process 1236 (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001

Log: 'Application' Date/Time: 20/03/2018 19:43:50
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 20/03/2018 19:43:49
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 20/03/2018 19:42:45
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, OffProv12, has been registered in the Windows Management Instrumentation namespace Root\MSAPPS12 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:45
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, OffProv12, has been registered in the Windows Management Instrumentation namespace Root\MSAPPS12 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:43
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, SystemConfigurationChangeEvents, has been registered in the Windows Management Instrumentation namespace Root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:43
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, SystemConfigurationChangeEvents, has been registered in the Windows Management Instrumentation namespace Root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:43
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, VolumeChangeEvents, has been registered in the Windows Management Instrumentation namespace Root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:43
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, VolumeChangeEvents, has been registered in the Windows Management Instrumentation namespace Root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:42
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, MS_Power_Management_Event_Provider, has been registered in the Windows Management Instrumentation namespace Root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:42
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, MS_Power_Management_Event_Provider, has been registered in the Windows Management Instrumentation namespace Root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:41
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ActiveScriptEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:41
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ActiveScriptEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:41
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, CommandLineEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:41
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, CommandLineEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:41
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, LogFileEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:41
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, LogFileEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:40
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, HiPerfCooker_v1, has been registered in the Windows Management Instrumentation namespace Root\WMI to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:40
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, HiPerfCooker_v1, has been registered in the Windows Management Instrumentation namespace Root\WMI to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/03/2018 19:42:39
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ActiveScriptEventConsumer, has been registered in the Windows Management Instrumentation namespace root\subscription to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.


  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,672 posts
  • MVP

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

 

Run vew again as before.

 

I am seeing problems with iastor.

 

This is an intel driver that talks to the hard drive.  I expect it's causing the delays and hangs.  See if you can find it in device manager (View, Show Hidden Drivers) and right click and Uninstall then reboot.  That should cause it to reinstall and perhaps it will work a bit better.  There is probably a newer version of it somewhere.


  • 0

#21
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

Hi RKinner

 

Here are the results from the two VEW runs.

I will look into iastor and advise

 

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 21/03/2018 15:41:47

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 21/03/2018 15:43:00

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

delboy


  • 0

#22
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

Sorry, cannot find iastor in Device Manager or find a newer version with Google.

 

Any further advice?

 

delboy


  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,672 posts
  • MVP

Did you forget to reboot before running VEW?

 

iastor is:

Intel® Rapid Storage Technology

https://downloadcent...logy-Intel-RST-

 

Note that there are several versions of each download.  You have to read the notes to know which one to choose but the good news is that the download won't install if it is the wrong one. 

 

You will probably need the older version:

 

https://downloadcent...face-and-Driver


  • 0

#24
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

Hi RKinner

 

Here are the VEW results after restart

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 22/03/2018 18:19:31

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/03/2018 18:16:12
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01.

Log: 'System' Date/Time: 22/03/2018 18:16:00
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 22/03/2018 18:13:20
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ds.download.windowsupdate.com timed out after none of the configured DNS servers responded.

 

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 22/03/2018 18:21:12

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/03/2018 18:13:07
Type: Error Category: 0
Event: 0 Source: SupportAssistAgent
An exception occurred in session change of service start: Object reference not set to an instance of an object.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/03/2018 18:14:43
Type: Warning Category: 1
Event: 1020 Source: ASP.NET 4.0.30319.0
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.

Log: 'Application' Date/Time: 22/03/2018 18:14:01
Type: Warning Category: 0
Event: 1001 Source: MsiInstaller
Detection of product '{00010409-78E1-11D2-B60F-006097C998E7}', feature 'OUTLOOKNonBootFiles' failed during request for component '{AC67F250-273A-11D2-AA86-00A0C90F57B0}'

Log: 'Application' Date/Time: 22/03/2018 18:14:01
Type: Warning Category: 0
Event: 1004 Source: MsiInstaller
Detection of product '{00010409-78E1-11D2-B60F-006097C998E7}', feature 'OUTLOOKNonBootFiles', component '{8ADD2C9C-C8B7-11D1-9C67-0000F81F1B38}' failed.  The resource 'HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Outlook\UserData' does not exist.

Log: 'Application' Date/Time: 22/03/2018 18:13:53
Type: Warning Category: 0
Event: 1001 Source: MsiInstaller
Detection of product '{00010409-78E1-11D2-B60F-006097C998E7}', feature 'ProductNonBootFiles' failed during request for component '{6CAD4510-AE48-11D1-96A2-0080C728108A}'

Log: 'Application' Date/Time: 22/03/2018 18:13:53
Type: Warning Category: 0
Event: 1004 Source: MsiInstaller
Detection of product '{00010409-78E1-11D2-B60F-006097C998E7}', feature 'ProductNonBootFiles', component '{4A31E933-6F67-11D2-AAA2-00A0C90F57B0}' failed.  The resource 'HKEY_CURRENT_USER\Software\ODBC\ODBC.INI\MS Access Database\' does not exist.

Log: 'Application' Date/Time: 22/03/2018 18:12:35
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   11 user registry handles leaked from \Registry\User\S-1-5-21-2568410734-3031030142-1223416489-1001:
Process 1220 (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001
Process 1220 (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001\Software\Microsoft\SystemCertificates\trust
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001\Software\Microsoft\SystemCertificates\Root
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001\Software\Microsoft\SystemCertificates\My
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001\Software\Microsoft\SystemCertificates\CA
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001\Software\Policies\Microsoft\SystemCertificates
Process 2908 (\Device\HarddiskVolume1\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2568410734-3031030142-1223416489-1001\Software\Policies\Microsoft\SystemCertificates

 

I'm a bit concerned about installing the Intel RST driver as it warns to use the manufacturer specific (Dell) version. There doesn't seem to be an updated one available, or identified in Device manager.

What to do?

 

delboy


  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,672 posts
  • MVP
Log: 'System' Date/Time: 22/03/2018 18:16:12
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&3557e4fb&0&01

 

.

Usually a simple change to the service will fix this.  Search for

 

services.msc

hit Enter.  This should bring up the service menu.

 

Scroll down to

 

Windows Driver Foundation - User-mode Driver Framework Service

 

right click and select Properties.  Change the Startup Type from Manual to Automatic.  OK. 

 

Log: 'Application' Date/Time: 22/03/2018 18:13:07
Type: Error Category: 0
Event: 0 Source: SupportAssistAgent
An exception occurred in session change of service start: Object reference not set to an instance of an object.

 

 

 

 

Dell Support Assist is still causing problems.  If you have uninstalled it then go back into the services menu and see if it still shows up as Dell Support Assist or just plain Support Assist.  Right click and select Properties then change the Startup Type: to Disabled.  Apply.

 

 

I would set a restore point before trying to install iastor update then if something goes wrong you can get back to where you were. but the fact that Dell doesn't offer a version implies they haven't modified it any.


  • 0

Advertisements


#26
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

hi RKinner

 

Have made the two changes in services.msc

 

Still not sure about the driver update, will dig into it and let you know result

 

delboy


  • 0

#27
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

Hi RKinner

 

Back again!

I have completed the iastorV driver uninstall and auto reinstall as suggested in #20.

 

Is there a check to see if its made any improvement, before replacing the driver?

I am still a bit concerned which new driver I should use.

 

delboy


  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,672 posts
  • MVP

Run it for a while and if you get a hangup or stall then run VEW and see if you see any reference to iastor


  • 0

#29
70delboy

70delboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 165 posts

Hi RKinner

 

Have done as you suggested.  No major problems, although today while MSN was opening it complained that a 'slow running script' was causing it to run slow. MSN then stopped responding and had to be shut down and restarted. 

 

Apart from that the PC seems more responsive.

 

Unless you have ant further suggestions I think that's as good as it gets!

 

Thanks for your help.

delboy


  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,672 posts
  • MVP

Which browser were you using for MSN?

 

IF IE get adblockplus.  https://adblockplus.org/It's a program you have to download and install.

 

For Firefox try ublock origin extension.

 

These will cut down on the number of ads and perhaps make some sites load faster.

 

Time to clean up:
IF we used a fixlist in FRST to clean your PC:
To delete the Quarantine Folder used by FRST create a fixlist.txt file with just the following line:

DeleteQuarantine:

Save the fixlist.txt to the same folder as FRST then run FRST and hit Fix.  You can easily delete any other folders and logs.
Otherwise just delete any files and logs from FRST.
If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions.


If you use Chrome/Firefox/Edge then get the Ublock Origin extension.  For IE go to adblockplus.org  and get the program.
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..

If you use Facebook you need FB Purity: http://www.fbpurity.com/
To prevent a relatively new phishing attack:  In Firefox, type:

about:config

in the URL box and hit Enter.  You should get a new page of options (if you get a notice about voiding the warranty just cancel the warning).  In the Search box put in

puny

You should only get 2 options:
"network.IDN_show_punycode"
We want it to say True but by default it is False so double click on it to toggle from False to True.
 "network.standard-url.punycode-host" Leave this one at default of Flase.
Close and restart firefox.

To test it you can go to:

https://www.xn--80ak6aa92e.com/

If the value is false you will see https://www.apple.cominstead of the correct value


If you are a Facebook user get the FB Purity extension for your browser:
http://www.fbpurity.com/
This will stop all of the suggested pages and ads so that Facebook loads much quicker.


Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combeforeyou open them.

Due to a recent rise in the number of Crytolocker infections I am now recommending you install:

CryptoPrevent

https://www.foolishi...tion/#gsc.tab=0


The free version does not update on its own so you should check for updated versions once in a while. When you install it the default is NONE which is kind of worthless so change it to Standard or default. If you have problems after installing CryptoPrevent you can just uninstall it.

If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...0637284.htmlandhttp://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.

Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.


Recommended software: (I'm not saying you should download these just that if you have a need for a new program these are safe and work)  
Compression:  7-zip.  Avoid WinRar and WinZip as the free versions have adware.
Video Player:  VLC  Unlike Windows Medi Player it never seems to need extra files to work.
Photo organizer and editor:  Google's Picasa.  While it has been discontinued by Google you can still get it at:
http://techfilehippo...-free-download/
Office like free program:  Open Office: https://www.openoffice.org/download/
or
LibreOffice: https://www.libreoffice.org/
Free Anti-Virus:  Avast
Free Malware prevention:  MBAM: Free version at https://www.malwareb...m/mwb-download/
Can run with your anti-virus.
Paid Anti-Virus:  Kaspersky or BitDefender
Utilities:
Root Kit Detector:  MBAR: https://www.malwareb...om/antirootkit/
Process Explorer:  Show you what is running on the PC.  Like Task manager but better:  http://live.sysinter...com/procexp.exe
WhoCrashed: Why did your system crash?
http://www.resplendence.com/downloads
Then click on Download free home edition
where it says:
WhoCrashed 5.51
Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
System Health:
Speccy:  
http://www.filehippo.com/download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Decline CCleaner if offered.  Pay attention to SMART info on your hard drives and to temps.  If in doubt about temps try:
SpeedFan:  Try speedfan
http://www.filehippo...nload_speedfan/
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.
Download Flash and Video.  To save flash video.  Works with Firefox.  https://addons.mozil...lash-and-video/

Avoid:  
Advanced System Care
SuperAntiSpyware
HitmanPro
Spybot S&D
Any P2P software especially if it comes from Conduit.
Registry Cleaners
Driver updating software.
PC fixing or Speed up software.
Running more than one anti-virus.
Seagate hard drives.  If you have one it's going to fail on you so backup your data now!


Ron


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP