Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Random Browser dropouts especially on startup & eventviewer proble


  • Please log in to reply

#91
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

I understand, but the date modified for the file is ‎26 ‎November ‎2019, ‏‎22:44:13. So it couldn't be up to date because it wasn't modified today.

Hence, it seems it couldn't possibly cause the network delay.

But if I've attached the file if you believe we must look at it.

setupapi.app.log


  • 0

Advertisements


#92
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,997 posts
  • MVP

Don't know why it was looking at the file.  I can see where Windows-Repair-All-In-One reregistered a bunch of dlls then it looks like you deleted the network adapter and it reinstalled.

 

Back in the ProMon log I am seeing a loss of a least a second each time it reads that awful hosts file and it does it several times.  Can you uninstall whatever it is that makes the hosts file then verify that the host file is empty except for one or two default entries below some comments?  The file is

C:\Windows\System32\drivers\etc\HOSTS

 

You can edit it by searching for

notepad.exe and then right clicking and Run As Admin.  Then point notepad at C:\Windows\System32\drivers\etc\HOSTS


  • 0

#93
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

Thank you!!!

I don't know why it didn't work the first time when I first disabled the Hosts file before starting this thread, but I just disabled it again

and tried VPN, disabling/re-enabling LAN and then rebooted and found not network delay.

So I then reinstated the Hosts file and the network delay returned.

I tried reducing lines and it turns out that I can have a 14kb Hosts file without network delays, but a 1mb+ hosts files with StevenBlacks enabled was causing network delays. Which sucks because it's a great list and I enabled it to protect me once Windows 7 ESU ends this January.

Now I don't know how to use it or apply it to Ublock/Ghostery/PrivacyBadger. Any ideas?

 

Remaining issues:

Event Viewer Errors remain.

On bootup, MSE still takes time to enable Real Time Protection itself.

The Firefox issues you noticed.


Edited by phickspc, 27 November 2019 - 12:02 PM.

  • 0

#94
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,997 posts
  • MVP

Which errors are you still seeing?  Need the output from VEW.

 

MSE is from Microsoft so don't expect them to continue updates for Win 7 versions forever.  I will look at the boot proc mon logs and see if I can see what is slowing MSE down but look at your desktop and make sure you don't have it cluttered with icons.  They slow down the boot.  Best to move all of the shortcuts you don't need everyday into separate folder called Shortcuts.  Get autoruns from
http://live.sysinter...om/autoruns.exe

Download Save and Run the program by right clicking and Run As Admin.

and uncheck stuff you don't need to have started with every boot.  Winamp loads a lot of files so removing it from the startup mix might help speed things up.  You might look at the free  Avast.  They still support XP so should support Win 7 for a few year more.  (Hint: right click on the Avast icon and select Silent Mode and it won't bother you with offers to upgrade or clean your system.)

 

In Firefox, do you really need all of the comic strip fonts?  No idea why but FF takes a long time loading them each time.  Go through your extensions and see if you really need them enabled all of the time.  Since you are using the portable version of Firefox for some reason the only options for startup are the default and the blank page.  The default page is incredibly busy so very slow loading.  I set mine to the blank page and without any extensions FF loaded in less than 5 seconds.  If you must use the default firefox page uncheck the options to use Pockets and most visited.  I don't see an adblocker in your list of extensions.  Hate to add another one to your mix but it will actually speed up browsing by killing your ads.  I use ublock origin which despite the stupid name is the best around and puts the least load on the browser.  It also maintains a list of bad sites and prevents you from going there.  (I think it's list is 26,000 domains.  Might be an alternative to your ugly hosts file.)


  • 0

#95
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

Thanks for all the suggestions!

Winamp isn't started upon boot, I manually launch it.

I haven't configured any special fonts in Firefox. All I see in Options>Language & Settings>fonts section are default settings.

How do I find these multiple Comic strip fonts that you're seeing in my Firefox?

I already have addons: ublock origin, along with privacy badger, ghostery, netcraft, Decentraleyes.

Aren't most of these adblockers?

 

I'll clear event logs first and then post a VEW log.


  • 0

#96
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

VEW System Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/11/2019 21:24:50
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 27/11/2019 21:06:00
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 40.

Log: 'System' Date/Time: 27/11/2019 21:06:00
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/11/2019 21:08:35
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.Home timed out after none of the configured DNS servers responded.

 

 

VEW Application Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/11/2019 21:11:11
Type: Error Category: 0
Event: 100 Source: RIM MDNS
Client application bug: DNSServiceResolve(Friendly_3F5D409FC2F968AE_F1E26793D882E2D9._bp2p._tcp.local.) active for over two minutes. This places considerable burden on the network.

Log: 'Application' Date/Time: 27/11/2019 21:11:11
Type: Error Category: 0
Event: 100 Source: RIM MDNS
Client application bug: DNSServiceResolve(2cc9cf1832ed28b77460678bb54e13._tunnel._tcp.local.) active for over two minutes. This places considerable burden on the network.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/11/2019 21:24:09
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint 70 04 3c 28 93 39 60 37 92 da 92 8f 73 f5 50 86 60 3f bf 27 is about to expire or already expired.

Log: 'Application' Date/Time: 27/11/2019 21:23:00
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   0 user registry handles leaked from \Registry\User\S-1-5-21-1925592742-456944920-4000667399-1008_Classes:


 


  • 0

#97
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,997 posts
  • MVP

Here is a screen shot of some of the 'comic strip' fonts:

 

comic.JPG

 

This was created by adding the filter Process Name is firefox.exe then Include.  Add, Apply.  I looked up the first font and it says it was made by Blambot Comic Fonts:

https://www.1001font...chick-font.html

 

Your browser spends a lot of time looking at a long list of sites which I presume is from your history and is used I presume for the stuff on the default firefox home page.

 

http.JPG

 

No idea what "privacy badger, ghostery, netcraft, Decentraleyes." do but it sounds like the old German saying:

If some is good, more is better and too much is just right.

 

 


  • 0

#98
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

I have plenty of fonts in C:/Windows/Fonts. But I don't understand how to stop firefox spending a lot of time looking at them.

Those websites are in my bookmarks. Not sure why it keeps looking at them or how to stop that happening.


  • 0

#99
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,997 posts
  • MVP

The comic fonts aren't standard so don't know where you got them.

 

Do you perhaps have the sidebar turned on?


  • 0

#100
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

I installed fonts in C:/Windows/Fonts decades ago. But I don't know why they are specifically causing a problem in firefox.

Yes I have sidebar on.


  • 0

Advertisements


#101
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,997 posts
  • MVP

No idea why firefox likes your fonts but the sidebar is probably the reason it likes your bookmarks.


  • 0

#102
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

I guess it's fine with the sidebar as it doesn't take any less time with sidebar disabled.

Is there anything we can do about the event viewer errors?


  • 0

#103
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,997 posts
  • MVP

Let's see what we are now getting:

 

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

 

2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 


  • 0

#104
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,997 posts
  • MVP

Also what is

C:\Users\nvadmin\AppData\Local\Research In Motion\BlackBerry 10 Desktop\Logs\PeerToPeer\history\nginx_20190926_00006.log

 

How big is it and why do we have so many logs?  There are multiple logs with just the last number different.

 

Your PeerManager spends a lot of time playing with the logs.


  • 0

#105
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

nginx_20190926_00006.log is 1kb and contains one line:

"2019/09/26 13:07:20 [emerg] 4364#720: bind() to [fd34:7892:cff3:ccbd:3257:9d26:2b82:2e4f]:4487 failed (10049: The requested address is not valid in its context)".

 

The folder it sits in is 100mb. It contains over 15,000 logs. Most of them are 0-1kb. The largest are 100-298kb.

No idea what its purpose is. Oldest files are from 2016, when I bought my Blackberry Classic.

I use Blackberry software for my smartphone but I didn't connect it yesterday, and yet they were generated 6 times for every time I either are re generated logged on or restarted.

 

P.S. The Vew logs you're asking for are in post #96, where I cleared all logs and then proceeded to create the vew logs.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP