You have a Windows Update in progress right now. Let's wait until tomorrow since it's my bedtime. It should be done by then. Then repeat the Latency Monitor. Please only let it run for 20 second. Also give me a screenshot of the processes page with the Hard Pagefaults sorted so the most are at the top.
well...i think i did something bad, having problems
Started by
darkmj16
, Aug 23 2020 08:35 PM
#32
Posted 03 September 2020 - 03:42 PM
darkmj16
- Topic Starter
-
- Member
-
- 194 posts
Member
ya that update nvr finished kept getting stuck. its the feature update.
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for 0:00:28 (h:mm:ss) on all processors.
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name: DARK
OS version: Windows 10, 10.0, version 1909, build: 18363 (x64)
Hardware: To Be Filled By O.E.M., To Be Filled By O.E.M.
CPU: AuthenticAMD AMD Ryzen 7 1700 Eight-Core Processor
Logical processors: 16
Processor groups: 1
RAM: 16316 MB total
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed: 30 MHz
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
Highest measured interrupt to process latency (µs): 6181.90
Average measured interrupt to process latency (µs): 24.179134
Highest measured interrupt to DPC latency (µs): 6177.70
Average measured interrupt to DPC latency (µs): 18.548726
_________________________________________________________________________________________________________
REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
Highest ISR routine execution time (µs): 13.780
Driver with highest ISR routine execution time: ntoskrnl.exe - NT Kernel & System, Microsoft Corporation
Highest reported total ISR routine time (%): 0.000524
Driver with highest ISR total time: Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
Total time spent in ISRs (%) 0.000821
ISR count (execution time <250 µs): 1797
ISR count (execution time 250-500 µs): 0
ISR count (execution time 500-1000 µs): 0
ISR count (execution time 1000-2000 µs): 0
ISR count (execution time 2000-4000 µs): 0
ISR count (execution time >=4000 µs): 0
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
Highest DPC routine execution time (µs): 6493.670
Driver with highest DPC routine execution time: Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
Highest reported total DPC routine time (%): 0.257811
Driver with highest DPC total execution time: Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
Total time spent in DPCs (%) 0.349348
DPC count (execution time <250 µs): 31997
DPC count (execution time 250-500 µs): 0
DPC count (execution time 500-10000 µs): 487
DPC count (execution time 1000-2000 µs): 627
DPC count (execution time 2000-4000 µs): 77
DPC count (execution time >=4000 µs): 6
_________________________________________________________________________________________________________
REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
Process with highest pagefault count: avastui.exe
Total number of hard pagefaults 512
Hard pagefault count of hardest hit process: 512
Number of processes hit: 1
_________________________________________________________________________________________________________
PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s): 3.100845
CPU 0 ISR highest execution time (µs): 13.780
CPU 0 ISR total execution time (s): 0.002258
CPU 0 ISR count: 989
CPU 0 DPC highest execution time (µs): 6493.670
CPU 0 DPC total execution time (s): 1.304396
CPU 0 DPC count: 24201
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s): 0.708817
CPU 1 ISR highest execution time (µs): 9.60
CPU 1 ISR total execution time (s): 0.000058
CPU 1 ISR count: 7
CPU 1 DPC highest execution time (µs): 986.780
CPU 1 DPC total execution time (s): 0.028072
CPU 1 DPC count: 808
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s): 0.630117
CPU 2 ISR highest execution time (µs): 11.050
CPU 2 ISR total execution time (s): 0.000555
CPU 2 ISR count: 70
CPU 2 DPC highest execution time (µs): 980.080
CPU 2 DPC total execution time (s): 0.037626
CPU 2 DPC count: 722
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s): 0.539660
CPU 3 ISR highest execution time (µs): 0.0
CPU 3 ISR total execution time (s): 0.0
CPU 3 ISR count: 0
CPU 3 DPC highest execution time (µs): 1.350
CPU 3 DPC total execution time (s): 0.000009
CPU 3 DPC count: 8
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s): 0.559151
CPU 4 ISR highest execution time (µs): 0.0
CPU 4 ISR total execution time (s): 0.0
CPU 4 ISR count: 0
CPU 4 DPC highest execution time (µs): 308.920
CPU 4 DPC total execution time (s): 0.00260
CPU 4 DPC count: 157
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s): 0.706827
CPU 5 ISR highest execution time (µs): 0.0
CPU 5 ISR total execution time (s): 0.0
CPU 5 ISR count: 0
CPU 5 DPC highest execution time (µs): 424.860
CPU 5 DPC total execution time (s): 0.074669
CPU 5 DPC count: 2200
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s): 0.606014
CPU 6 ISR highest execution time (µs): 0.0
CPU 6 ISR total execution time (s): 0.0
CPU 6 ISR count: 0
CPU 6 DPC highest execution time (µs): 411.220
CPU 6 DPC total execution time (s): 0.016305
CPU 6 DPC count: 703
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s): 0.539495
CPU 7 ISR highest execution time (µs): 0.0
CPU 7 ISR total execution time (s): 0.0
CPU 7 ISR count: 0
CPU 7 DPC highest execution time (µs): 213.40
CPU 7 DPC total execution time (s): 0.001220
CPU 7 DPC count: 82
_________________________________________________________________________________________________________
CPU 8 Interrupt cycle time (s): 0.614066
CPU 8 ISR highest execution time (µs): 0.0
CPU 8 ISR total execution time (s): 0.0
CPU 8 ISR count: 0
CPU 8 DPC highest execution time (µs): 379.510
CPU 8 DPC total execution time (s): 0.030204
CPU 8 DPC count: 507
_________________________________________________________________________________________________________
CPU 9 Interrupt cycle time (s): 0.536738
CPU 9 ISR highest execution time (µs): 0.0
CPU 9 ISR total execution time (s): 0.0
CPU 9 ISR count: 0
CPU 9 DPC highest execution time (µs): 20.30
CPU 9 DPC total execution time (s): 0.000038
CPU 9 DPC count: 14
_________________________________________________________________________________________________________
CPU 10 Interrupt cycle time (s): 0.639950
CPU 10 ISR highest execution time (µs): 0.0
CPU 10 ISR total execution time (s): 0.0
CPU 10 ISR count: 0
CPU 10 DPC highest execution time (µs): 1005.380
CPU 10 DPC total execution time (s): 0.0130
CPU 10 DPC count: 848
_________________________________________________________________________________________________________
CPU 11 Interrupt cycle time (s): 0.554678
CPU 11 ISR highest execution time (µs): 0.0
CPU 11 ISR total execution time (s): 0.0
CPU 11 ISR count: 0
CPU 11 DPC highest execution time (µs): 353.350
CPU 11 DPC total execution time (s): 0.002757
CPU 11 DPC count: 90
_________________________________________________________________________________________________________
CPU 12 Interrupt cycle time (s): 0.638202
CPU 12 ISR highest execution time (µs): 3.830
CPU 12 ISR total execution time (s): 0.000405
CPU 12 ISR count: 338
CPU 12 DPC highest execution time (µs): 931.10
CPU 12 DPC total execution time (s): 0.029640
CPU 12 DPC count: 878
_________________________________________________________________________________________________________
CPU 13 Interrupt cycle time (s): 0.527580
CPU 13 ISR highest execution time (µs): 1.590
CPU 13 ISR total execution time (s): 0.000006
CPU 13 ISR count: 4
CPU 13 DPC highest execution time (µs): 48.130
CPU 13 DPC total execution time (s): 0.000128
CPU 13 DPC count: 20
_________________________________________________________________________________________________________
CPU 14 Interrupt cycle time (s): 0.661361
CPU 14 ISR highest execution time (µs): 2.920
CPU 14 ISR total execution time (s): 0.000122
CPU 14 ISR count: 86
CPU 14 DPC highest execution time (µs): 381.10
CPU 14 DPC total execution time (s): 0.017435
CPU 14 DPC count: 431
_________________________________________________________________________________________________________
CPU 15 Interrupt cycle time (s): 0.946629
CPU 15 ISR highest execution time (µs): 7.850
CPU 15 ISR total execution time (s): 0.000390
CPU 15 ISR count: 303
CPU 15 DPC highest execution time (µs): 604.420
CPU 15 DPC total execution time (s): 0.056781
CPU 15 DPC count: 1525
_________________________________________________________________________________________________________
Attached Thumbnails
#33
Posted 03 September 2020 - 07:55 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
See if you can force the update. Go to
https://www.microsof...nload/windows10
Click on Update Now. Save the file and then right click and Run As Admin. Follow the prompts.
#34
Posted 07 September 2020 - 09:20 PM
darkmj16
- Topic Starter
-
- Member
-
- 194 posts
Member
sorry for the long wait but i had to step away. the update keeps going to 99% installed and then freezes. even when ran as admin.
but now i get bsod. mostly on shutdown but sometimes when using the computer. from what i can see the cause is power relay driver... or something along those lines.
#35
Posted 08 September 2020 - 04:57 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Download BlueScreenView
http://www.nirsoft.n...creen_view.html
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.
Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.
#36
Posted 08 September 2020 - 05:01 AM
darkmj16
- Topic Starter
-
- Member
-
- 194 posts
Member
I will soon when im back at my comp but ibgot some pics if thatll help.
So since i got the driver error i decided to run the driver mgr verifer. Now i cant boot bc of this bsod unless i do a restore go figure
So since i got the driver error i decided to run the driver mgr verifer. Now i cant boot bc of this bsod unless i do a restore go figure
Attached Thumbnails
#37
Posted 08 September 2020 - 05:42 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
You need to hold the camera sideways so I can see the whole screen.
Try booting into Safe Mode:
https://www.howtogee...8-the-easy-way/
Then you can turn off Driver Verifier
https://www.howtogee...-in-windows-10/
#38
Posted 08 September 2020 - 06:13 AM
darkmj16
- Topic Starter
-
- Member
-
- 194 posts
Member
as long as i dont start a driver verification check it boots fine. heres the bs results. there should be more then 1 idk why there wasnt.
==================================================
Dump File : 090820-37953-01.dmp
Crash Time : 9/8/2020 2:13:59 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 00000000`00002004
Parameter 2 : ffffac02`f12e0a88
Parameter 3 : fffff80d`350101f0
Parameter 4 : fffff38d`419101d0
Caused By Driver : LGBusEnum.sys
Caused By Address : LGBusEnum.sys+1f0
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+1c23c0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\090820-37953-01.dmp
Processors Count : 16
Major Version : 15
Minor Version : 18362
Dump File Size : 997,284
Dump File Time : 9/8/2020 2:21:44 AM
==================================================
#39
Posted 08 September 2020 - 06:48 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Uninstall:
Logitech Gaming Software 9.02
that should get rid of the driver that is causing the driver verifier BSOD
Let's see if there are any events that might shed light on what happened:
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
#40
Posted 08 September 2020 - 07:12 AM
darkmj16
- Topic Starter
-
- Member
-
- 194 posts
Member
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 9/8/2020 9:11:13 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 8/9/2020 11:08:33 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 8/9/2020 10:30:16 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 8/9/2020 5:10:03 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 7/9/2020 10:58:16 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 6/9/2020 3:31:09 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 5/9/2020 7:03:28 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 4/9/2020 1:32:20 PM
Type: Critical Category: 64
Event: 10116 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple iPhone (location 002e.0000.0003.004.000.000.000.000.000) is offline due to a user-mode driver crash. Windows will attempt to restart the device in the shared process 1 more times before moving the device in its own process. Please contact the device manufacturer for more information about this problem.
Log: 'System' Date/Time: 4/9/2020 1:32:20 PM
Type: Critical Category: 64
Event: 10116 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple Mobile Device USB Device (location 002e.0000.0003.004.000.000.000.000.000) is offline due to a user-mode driver crash. Windows will attempt to restart the device in the shared process 1 more times before moving the device in its own process. Please contact the device manufacturer for more information about this problem.
Log: 'System' Date/Time: 4/9/2020 1:32:19 PM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated. This may temporarily interrupt your ability to access the devices.
Log: 'System' Date/Time: 4/9/2020 10:12:51 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 4/9/2020 4:49:55 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 4/9/2020 1:11:40 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 3/9/2020 3:36:41 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 2/9/2020 10:50:22 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 2/9/2020 10:43:00 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 2/9/2020 6:17:12 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 2/9/2020 5:13:43 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 2/9/2020 3:25:28 PM
Type: Critical Category: 64
Event: 10116 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple iPhone (location 002e.0000.0003.004.000.000.000.000.000) is offline due to a user-mode driver crash. Windows will attempt to restart the device in the shared process 1 more times before moving the device in its own process. Please contact the device manufacturer for more information about this problem.
Log: 'System' Date/Time: 2/9/2020 3:25:28 PM
Type: Critical Category: 64
Event: 10116 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple Mobile Device USB Device (location 002e.0000.0003.004.000.000.000.000.000) is offline due to a user-mode driver crash. Windows will attempt to restart the device in the shared process 1 more times before moving the device in its own process. Please contact the device manufacturer for more information about this problem.
Log: 'System' Date/Time: 2/9/2020 3:25:28 PM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated. This may temporarily interrupt your ability to access the devices.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 8/9/2020 11:09:16 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetMsmqActivator service depends on the MSMQ service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 8/9/2020 11:08:32 AM
Type: Error Category: 0
Event: 161 Source: volmgr
Dump file creation failed due to error during dump creation.
Log: 'System' Date/Time: 8/9/2020 11:02:26 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The aswbIDSAgent service did not shut down properly after receiving a preshutdown control.
Log: 'System' Date/Time: 8/9/2020 10:30:56 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetMsmqActivator service depends on the MSMQ service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 8/9/2020 10:30:15 AM
Type: Error Category: 0
Event: 161 Source: volmgr
Dump file creation failed due to error during dump creation.
Log: 'System' Date/Time: 8/9/2020 10:30:38 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 6:21:02 AM on ?9/?8/?2020 was unexpected.
Log: 'System' Date/Time: 8/9/2020 10:06:19 AM
Type: Error Category: 0
Event: 1 Source: Virtual Disk Service
Unexpected failure. Error code: 5@02000028
Log: 'System' Date/Time: 8/9/2020 10:06:19 AM
Type: Error Category: 0
Event: 1 Source: Virtual Disk Service
Unexpected failure. Error code: 5@02000028
Log: 'System' Date/Time: 8/9/2020 10:06:16 AM
Type: Error Category: 0
Event: 1 Source: Virtual Disk Service
Unexpected failure. Error code: 5@02000028
Log: 'System' Date/Time: 8/9/2020 9:27:17 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetMsmqActivator service depends on the MSMQ service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 8/9/2020 9:24:55 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Avast Antivirus service did not shut down properly after receiving a preshutdown control.
Log: 'System' Date/Time: 8/9/2020 9:24:39 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The aswbIDSAgent service did not shut down properly after receiving a preshutdown control.
Log: 'System' Date/Time: 8/9/2020 6:21:44 AM
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-WER-SystemErrorReporting
The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c4 (0x0000000000002004, 0xffffac02f12e0a88, 0xfffff80d350101f0, 0xfffff38d419101d0). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 1b04762f-2faf-4caa-99ef-29e768975f7a.
Log: 'System' Date/Time: 8/9/2020 6:21:41 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 6:22:13 AM on ?9/?4/?2020 was unexpected.
Log: 'System' Date/Time: 8/9/2020 5:47:58 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Avast Antivirus service did not shut down properly after receiving a preshutdown control.
Log: 'System' Date/Time: 8/9/2020 5:47:42 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The aswbIDSAgent service did not shut down properly after receiving a preshutdown control.
Log: 'System' Date/Time: 8/9/2020 5:10:28 AM
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-WER-SystemErrorReporting
The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c4 (0x0000000000002004, 0xffff8605859932b8, 0xfffff80197c101f0, 0xffff8284356a01d0). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 615db0cc-a521-4b70-8a14-6af18b52dfe2.
Log: 'System' Date/Time: 8/9/2020 5:10:25 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 6:22:13 AM on ?9/?4/?2020 was unexpected.
Log: 'System' Date/Time: 8/9/2020 4:48:34 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The aswbIDSAgent service did not shut down properly after receiving a preshutdown control.
Log: 'System' Date/Time: 8/9/2020 4:25:13 AM
Type: Error Category: 0
Event: 1 Source: Virtual Disk Service
Unexpected failure. Error code: 5@02000028
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 8/9/2020 1:02:14 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user DARK\Dark's SID (S-1-5-21-1748863081-2824756504-2947151313-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 12:53:09 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user DARK\Dark's SID (S-1-5-21-1748863081-2824756504-2947151313-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 12:02:47 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user DARK\Dark's SID (S-1-5-21-1748863081-2824756504-2947151313-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 12:02:24 PM
Type: Warning Category: 0
Event: 27 Source: e1rexpress
Intel® I211 Gigabit Network Connection Network link is disconnected.
Log: 'System' Date/Time: 8/9/2020 11:12:14 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name configuration.apple.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 8/9/2020 11:11:59 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user DARK\Dark's SID (S-1-5-21-1748863081-2824756504-2947151313-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 11:09:24 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 11:09:24 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 11:08:42 AM
Type: Warning Category: 0
Event: 27 Source: e1rexpress
Intel® I211 Gigabit Network Connection Network link is disconnected.
Log: 'System' Date/Time: 8/9/2020 10:31:20 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name 1.pool.ntp.org timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 8/9/2020 10:31:11 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 10:31:11 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 10:30:24 AM
Type: Warning Category: 0
Event: 27 Source: e1rexpress
Intel® I211 Gigabit Network Connection Network link is disconnected.
Log: 'System' Date/Time: 8/9/2020 9:27:49 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name config.nos-avg.cz. timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 8/9/2020 9:27:23 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 9:27:23 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 9:26:42 AM
Type: Warning Category: 0
Event: 27 Source: e1rexpress
Intel® I211 Gigabit Network Connection Network link is disconnected.
Log: 'System' Date/Time: 8/9/2020 9:24:56 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll
Log: 'System' Date/Time: 8/9/2020 8:52:33 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DARK\Dark's SID (S-1-5-21-1748863081-2824756504-2947151313-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 8/9/2020 8:16:50 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DARK\Dark's SID (S-1-5-21-1748863081-2824756504-2947151313-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
#41
Posted 08 September 2020 - 07:13 AM
darkmj16
- Topic Starter
-
- Member
-
- 194 posts
Member
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 9/8/2020 9:12:49 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 8/9/2020 10:57:18 AM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\WFS.MOF while recovering .MOF file marked with autorecover.
Log: 'Application' Date/Time: 8/9/2020 9:41:41 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: regsvr32.exe, version: 10.0.18362.1, time stamp: 0x919e66d2 Faulting module name: edgeangle.dll, version: 11.0.18362.1, time stamp: 0x9f9216a0 Exception code: 0xc0000602 Fault offset: 0x000000000009342a Faulting process id: 0x25e4 Faulting application start time: 0x01d685c4409681e8 Faulting application path: C:\WINDOWS\SYSTEM32\regsvr32.exe Faulting module path: C:\WINDOWS\system32\edgeangle.dll Report Id: 0735bab9-415f-4c32-9147-07da92c0e982 Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 8/9/2020 9:07:04 AM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\WFS.MOF while recovering .MOF file marked with autorecover.
Log: 'Application' Date/Time: 8/9/2020 8:25:22 AM
Type: Error Category: 0
Event: 1020 Source: Microsoft-Windows-Perflib
The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 21344 and the required size was 30280.
Log: 'Application' Date/Time: 8/9/2020 5:45:36 AM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\WFS.MOF while recovering .MOF file marked with autorecover.
Log: 'Application' Date/Time: 8/9/2020 5:10:47 AM
Type: Error Category: 3
Event: 455 Source: ESENT
svchost (3800,R,98) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU00BE0.log.
Log: 'Application' Date/Time: 8/9/2020 4:42:21 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program RepairCenter.exe version 2.0.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 337c Start Time: 01d6858f7446ea4c Termination Time: 35 Application Path: C:\Post-Install Programs\Win10 Manager\RepairCenter.exe Report Id: 3d90ea4f-669d-4593-8b6a-9e4fed9d9184 Faulting package full name: Faulting package-relative application ID: Hang type: Unknown
Log: 'Application' Date/Time: 8/9/2020 4:07:28 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: LockSystem.exe, version: 1.8.9.0, time stamp: 0x5ee88c79 Faulting module name: KERNELBASE.dll, version: 10.0.18362.997, time stamp: 0x91b9349a Exception code: 0xc000041d Fault offset: 0x000000000003a719 Faulting process id: 0x2c10 Faulting application start time: 0x01d685957b6547fd Faulting application path: C:\Post-Install Programs\Win10 Manager\LockSystem.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: d4dba327-5706-482c-884c-def4ef30bf49 Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 8/9/2020 4:07:01 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: LockSystem.exe, version: 1.8.9.0, time stamp: 0x5ee88c79 Faulting module name: KERNELBASE.dll, version: 10.0.18362.997, time stamp: 0x91b9349a Exception code: 0xe0434352 Fault offset: 0x000000000003a719 Faulting process id: 0x2c10 Faulting application start time: 0x01d685957b6547fd Faulting application path: C:\Post-Install Programs\Win10 Manager\LockSystem.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 4f8c3cab-d555-4a10-a89e-352c153e4faf Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 8/9/2020 4:06:56 AM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: LockSystem.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
at System.Windows.Forms.NativeWindow.CreateHandle(System.Windows.Forms.CreateParams)
at System.Windows.Forms.Control.CreateHandle()
at System.Windows.Forms.Control.get_Handle()
at System.Windows.Forms.Control.CreateGraphicsInternal()
at System.Windows.Forms.ThreadExceptionDialog..ctor(System.Exception)
at System.Windows.Forms.Application+ThreadContext.OnThreadException(System.Exception)
at System.Windows.Forms.Control.WndProcException(System.Exception)
at System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)
Log: 'Application' Date/Time: 8/9/2020 3:42:55 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: regsvr32.exe, version: 10.0.18362.1, time stamp: 0x919e66d2 Faulting module name: edgeangle.dll, version: 11.0.18362.1, time stamp: 0x9f9216a0 Exception code: 0xc0000602 Fault offset: 0x000000000009342a Faulting process id: 0x1090 Faulting application start time: 0x01d685922006c116 Faulting application path: C:\WINDOWS\SYSTEM32\regsvr32.exe Faulting module path: C:\WINDOWS\system32\edgeangle.dll Report Id: a81f22ba-59e6-4c6e-8a61-7fddb25ecb1c Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 6/9/2020 6:35:58 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: svchost.exe_MapsBroker, version: 10.0.18362.1, time stamp: 0x32d6c210 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0x8400000e Fault offset: 0x0000000000000000 Faulting process id: 0xff4 Faulting application start time: 0x01d68417d8d636ed Faulting application path: C:\WINDOWS\System32\svchost.exe Faulting module path: unknown Report Id: 2741408c-7953-4ee9-aa1d-89808ea7b0cd Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 5/9/2020 7:23:50 AM
Type: Error Category: 0
Event: 1020 Source: Microsoft-Windows-Perflib
The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 21792 and the required size was 28440.
Log: 'Application' Date/Time: 4/9/2020 12:47:38 PM
Type: Error Category: 0
Event: 17 Source: SecurityCenter
Security Center failed to validate caller with error DC040780.
Log: 'Application' Date/Time: 4/9/2020 12:45:49 PM
Type: Error Category: 3
Event: 455 Source: ESENT
taskhostw (7448,R,98) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Dark's\AppData\Local\Microsoft\Windows\WebCache\V010000B.log.
Log: 'Application' Date/Time: 4/9/2020 11:53:16 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program mbamtray.exe version 4.0.0.782 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2920 Start Time: 01d682ad4dd0ea36 Termination Time: 4294967295 Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Report Id: 5b877090-8e49-49bb-a127-b36fb0f1210e Faulting package full name: Faulting package-relative application ID: Hang type: Cross-process
Log: 'Application' Date/Time: 4/9/2020 1:46:07 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: malwarebytes_assistant.exe, version: 4.0.0.782, time stamp: 0x5f3ebcab Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5e8272e4 Exception code: 0xc0000005 Fault offset: 0x0000000000219d05 Faulting process id: 0x14c8 Faulting application start time: 0x01d6825d2474569f Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Report Id: 2c1a38b1-875f-41b7-b061-ab09c0c661ac Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 4/9/2020 1:15:17 AM
Type: Error Category: 0
Event: 1020 Source: Microsoft-Windows-Perflib
The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 21736 and the required size was 26232.
Log: 'Application' Date/Time: 3/9/2020 11:52:40 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: svchost.exe_cbdhsvc, version: 10.0.18362.1, time stamp: 0x32d6c210 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000021d49d06ac8 Faulting process id: 0x1664 Faulting application start time: 0x01d682364fbd2bd2 Faulting application path: C:\WINDOWS\system32\svchost.exe Faulting module path: unknown Report Id: c4b9f897-b11b-4529-a0c5-e09c9d45aedc Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 3/9/2020 11:51:09 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Radeonsoftware.exe, version: 10.1.2.1808, time stamp: 0x5f32a3c1 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000022ac0a06ac8 Faulting process id: 0x1378 Faulting application start time: 0x01d6823659d21351 Faulting application path: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe Faulting module path: unknown Report Id: a1fc4093-d123-42d8-9a1e-5bd4f39d1159 Faulting package full name: Faulting package-relative application ID:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 8/9/2020 11:11:14 AM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint 5d 70 47 53 29 d2 a0 bb 8b e7 23 0d ff d7 c9 7e 32 ee bc a2 is about to expire or already expired.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:57 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:57 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:57 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:56 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:56 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:56 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:56 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:56 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:56 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:55 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:55 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:55 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:38 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, MDMSettingsProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
#42
Posted 08 September 2020 - 07:28 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
For now I would uninstall all Apple software and Bonjour.
You may be running out of space on the hard drive. Right click on your C: drive and select properties. Click on Disk Cleanup. Clean up System Files. Check all. Downloads are often a problem so if there are some you want to keep you may want to move them to your other drive before letting it clean them. OK
How much free space do you have now?
#43
Posted 08 September 2020 - 07:35 AM
darkmj16
- Topic Starter
-
- Member
-
- 194 posts
Member
56gb from 232gb... wait
something doesnt seem right. all the programs and music and pics and 1 game i have on the drive dont total even 60gb... so win10 is roughly 116gb? moves are on my 2nd data drive.
#44
Posted 08 September 2020 - 08:42 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
To find out what is using the drive:
Download and Save
http://windirstat.in...rrent_setup.exe
and then right click on it and Run As Admin.
Accept the defaults then once it runs, click on the C:\ drive and OK. It will take 5 to 10 minutes to finish. Wait until it says 100% and the little pacmen stop chomping and a confusing colored display shows up. I like to turn off the display (Options then uncheck Show Treemap). This will show you what folder is using the drive and the percentage. To get details within a folder just click on the + in front of the folder.
My Windows folder is only 21 GB
#45
Posted 08 September 2020 - 08:45 PM
darkmj16
- Topic Starter
-
- Member
-
- 194 posts
Member
oooookkkkkk so few things. 1 why is my timestamps for these folders showing hours even days into the furture as last time they were accessed?
2 it took 1 hour 7 mins for the scan to complete and thats with me leaving the comp along.
3 the program scanned 137gb, but for intensive purpuses the drive only shows 125gb used
4 taking the 60gb of data i put on that leaves65-77gb. i tried looking though it all (i did find 50gb of data from me i deleted b4 the scan) and my iwndows folder is 18gb, but whats this hidden folder windows-bt? bc it looks and is the same size as the window folder.
5 and finally while looking thought the folders i got bsod. see pic. and heres some logs
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 9/8/2020 10:40:43 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 9/9/2020 2:15:40 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 8/9/2020 11:08:33 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 8/9/2020 10:30:16 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 8/9/2020 5:10:03 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 7/9/2020 10:58:16 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 6/9/2020 3:31:09 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 5/9/2020 7:03:28 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 4/9/2020 1:32:20 PM
Type: Critical Category: 64
Event: 10116 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple iPhone (location 002e.0000.0003.004.000.000.000.000.000) is offline due to a user-mode driver crash. Windows will attempt to restart the device in the shared process 1 more times before moving the device in its own process. Please contact the device manufacturer for more information about this problem.
Log: 'System' Date/Time: 4/9/2020 1:32:20 PM
Type: Critical Category: 64
Event: 10116 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple Mobile Device USB Device (location 002e.0000.0003.004.000.000.000.000.000) is offline due to a user-mode driver crash. Windows will attempt to restart the device in the shared process 1 more times before moving the device in its own process. Please contact the device manufacturer for more information about this problem.
Log: 'System' Date/Time: 4/9/2020 1:32:19 PM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated. This may temporarily interrupt your ability to access the devices.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 9/9/2020 2:16:22 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetMsmqActivator service depends on the MSMQ service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 9/9/2020 2:15:39 AM
Type: Error Category: 0
Event: 161 Source: volmgr
Dump file creation failed due to error during dump creation.
Log: 'System' Date/Time: 9/9/2020 2:16:02 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 3:51:32 PM on ?9/?8/?2020 was unexpected.
Log: 'System' Date/Time: 8/9/2020 11:21:11 PM
Type: Error Category: 0
Event: 17 Source: BTHUSB
The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Log: 'System' Date/Time: 8/9/2020 6:29:15 PM
Type: Error Category: 0
Event: 10142 Source: Microsoft-Windows-WinRM
The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.
Log: 'System' Date/Time: 8/9/2020 2:28:03 PM
Type: Error Category: 0
Event: 5007 Source: Netwtw04
5007 - TX/CMD timeout (TfdQueue hanged)
Log: 'System' Date/Time: 8/9/2020 2:28:03 PM
Type: Error Category: 0
Event: 5007 Source: Netwtw04
5007 - TX/CMD timeout (TfdQueue hanged)
Log: 'System' Date/Time: 8/9/2020 11:09:16 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetMsmqActivator service depends on the MSMQ service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 8/9/2020 11:08:32 AM
Type: Error Category: 0
Event: 161 Source: volmgr
Dump file creation failed due to error during dump creation.
Log: 'System' Date/Time: 8/9/2020 11:02:26 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The aswbIDSAgent service did not shut down properly after receiving a preshutdown control.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 9/9/2020 2:34:21 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} and APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} to the user DARK\Dark's SID (S-1-5-21-1748863081-2824756504-2947151313-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 9/9/2020 2:18:32 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 9/9/2020 2:18:32 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 9/9/2020 2:16:45 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ocsp.digicert.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 9/9/2020 2:15:48 AM
Type: Warning Category: 0
Event: 27 Source: e1rexpress
Intel® I211 Gigabit Network Connection Network link is disconnected.
Log: 'System' Date/Time: 8/9/2020 11:23:29 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wguswgc-wgcct.wargaming.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 8/9/2020 11:23:18 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name p63-ckdatabase.icloud.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 8/9/2020 11:21:42 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name emupdate.avcdn.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 8/9/2020 11:21:30 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ip-info.ff.avast.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 8/9/2020 11:21:20 PM
Type: Warning Category: 0
Event: 10400 Source: Microsoft-Windows-NDIS
The network interface "Xbox Wireless Adapter for Windows" has begun resetting. There will be a momentary disruption in network connectivity while the hardware resets. Reason: The network driver detected that its hardware has stopped responding to commands. This network interface has reset 1 time(s) since it was last initialized.
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 9/8/2020 10:41:52 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 9/9/2020 2:33:34 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: TiWorker.exe, version: 10.0.18362.1073, time stamp: 0x098f4341 Faulting module name: cbscore.dll, version: 10.0.18362.1073, time stamp: 0xc1e81ce6 Exception code: 0xc0000005 Fault offset: 0x0000000000006136 Faulting process id: 0x964 Faulting application start time: 0x01d6864f2d4635d0 Faulting application path: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1073_none_171f6eef2a0feed0\TiWorker.exe Faulting module path: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1073_none_171f6eef2a0feed0\cbscore.dll Report Id: bc1d9310-5899-4eca-937c-8963fb2150c6 Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 8/9/2020 11:21:36 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program dwm.exe version 10.0.18362.387 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 510 Start Time: 01d685d0723f115c Termination Time: 1268 Application Path: C:\Windows\System32\dwm.exe Report Id: 55547857-c4fe-423c-b812-0f5678c8b069 Faulting package full name: Faulting package-relative application ID: Hang type: Unknown
Log: 'Application' Date/Time: 8/9/2020 10:57:18 AM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\WFS.MOF while recovering .MOF file marked with autorecover.
Log: 'Application' Date/Time: 8/9/2020 9:41:41 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: regsvr32.exe, version: 10.0.18362.1, time stamp: 0x919e66d2 Faulting module name: edgeangle.dll, version: 11.0.18362.1, time stamp: 0x9f9216a0 Exception code: 0xc0000602 Fault offset: 0x000000000009342a Faulting process id: 0x25e4 Faulting application start time: 0x01d685c4409681e8 Faulting application path: C:\WINDOWS\SYSTEM32\regsvr32.exe Faulting module path: C:\WINDOWS\system32\edgeangle.dll Report Id: 0735bab9-415f-4c32-9147-07da92c0e982 Faulting package full name: Faulting package-relative application ID:
Log: 'Application' Date/Time: 8/9/2020 9:07:04 AM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\WFS.MOF while recovering .MOF file marked with autorecover.
Log: 'Application' Date/Time: 8/9/2020 8:25:22 AM
Type: Error Category: 0
Event: 1020 Source: Microsoft-Windows-Perflib
The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 21344 and the required size was 30280.
Log: 'Application' Date/Time: 8/9/2020 5:45:36 AM
Type: Error Category: 0
Event: 4 Source: Microsoft-Windows-WMI
Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\WFS.MOF while recovering .MOF file marked with autorecover.
Log: 'Application' Date/Time: 8/9/2020 5:10:47 AM
Type: Error Category: 3
Event: 455 Source: ESENT
svchost (3800,R,98) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU00BE0.log.
Log: 'Application' Date/Time: 8/9/2020 4:42:21 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program RepairCenter.exe version 2.0.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 337c Start Time: 01d6858f7446ea4c Termination Time: 35 Application Path: C:\Post-Install Programs\Win10 Manager\RepairCenter.exe Report Id: 3d90ea4f-669d-4593-8b6a-9e4fed9d9184 Faulting package full name: Faulting package-relative application ID: Hang type: Unknown
Log: 'Application' Date/Time: 8/9/2020 4:07:28 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: LockSystem.exe, version: 1.8.9.0, time stamp: 0x5ee88c79 Faulting module name: KERNELBASE.dll, version: 10.0.18362.997, time stamp: 0x91b9349a Exception code: 0xc000041d Fault offset: 0x000000000003a719 Faulting process id: 0x2c10 Faulting application start time: 0x01d685957b6547fd Faulting application path: C:\Post-Install Programs\Win10 Manager\LockSystem.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: d4dba327-5706-482c-884c-def4ef30bf49 Faulting package full name: Faulting package-relative application ID:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 9/9/2020 2:16:34 AM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint 5d 70 47 53 29 d2 a0 bb 8b e7 23 0d ff d7 c9 7e 32 ee bc a2 is about to expire or already expired.
Log: 'Application' Date/Time: 8/9/2020 11:21:36 PM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xcfffffff, Restart count: 1, Primary display device ID: Radeon RX 570 Series)
Log: 'Application' Date/Time: 8/9/2020 7:11:14 PM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint 5d 70 47 53 29 d2 a0 bb 8b e7 23 0d ff d7 c9 7e 32 ee bc a2 is about to expire or already expired.
Log: 'Application' Date/Time: 8/9/2020 11:11:14 AM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint 5d 70 47 53 29 d2 a0 bb 8b e7 23 0d ff d7 c9 7e 32 ee bc a2 is about to expire or already expired.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv1, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 8/9/2020 10:57:58 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DMWmiBridgeProv, has been registered in the Windows Management Instrumentation namespace root\cimv2\mdm\dmmap to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Attached Thumbnails
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
