Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Event viewer


  • Please log in to reply
22 replies to this topic

#1 kenpersky

kenpersky

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 11 December 2010 - 05:52 PM

Hi everybody,
Would you please tell me what's wromg with my system, after screening the following eventviewer log:
Thanking you in advance

Error 12/11/2010 7:18:00 PM DistributedCOM 10016 None
Warning 12/11/2010 5:23:19 PM TOSHIBA Service Station 0 None
Warning 12/11/2010 5:23:19 PM TOSHIBA Service Station 0 None
Error 12/11/2010 5:22:27 PM Service Control Manager 7011 None
Warning 12/11/2010 5:22:03 PM DNS Client Events 1014 None
Warning 12/11/2010 3:38:50 PM User Profile Service 1530 None
Error 12/11/2010 3:38:46 PM EventSystem 4621 Event System
Warning 12/11/2010 12:22:02 PM DNS Client Events 1014 None
Warning 12/11/2010 11:54:02 AM TOSHIBA Service Station 0 None
Warning 12/11/2010 11:54:02 AM TOSHIBA Service Station 0 None
Warning 12/11/2010 11:47:49 AM User Profile Service 1530 None
Warning 12/11/2010 11:05:49 AM DNS Client Events 1014 None
Error 12/11/2010 10:44:57 AM DistributedCOM 10016 None
Warning 12/11/2010 10:37:19 AM TOSHIBA Service Station 0 None
Warning 12/11/2010 10:37:19 AM TOSHIBA Service Station 0 None
Warning 12/11/2010 10:34:35 AM User Profile Service 1530 None
Warning 12/11/2010 7:44:17 AM TOSHIBA Service Station 0 None
Warning 12/11/2010 7:44:17 AM TOSHIBA Service Station 0 None
Error 12/11/2010 7:43:12 AM Service Control Manager 7011 None
Warning 12/11/2010 12:25:06 AM User Profile Service 1530 None
Error 12/11/2010 12:25:00 AM EventSystem 4621 Event System
Error 12/11/2010 12:24:12 AM Application Hang 1002 (101)

BC AdBot (Login to Remove)

 


#2 Jacee

Jacee

    Bleeping around


  • Malware Response Team
  • 3,716 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:50 PM

Posted 11 December 2010 - 06:12 PM

Please download VEW by Vino Rosso http://images.malwareremoval.com/vino/VEW.exe
from here and save it to your desktop

Double click it to start it Note: If running Windows Vista or Windows 7 you will need to right click the file and select Run as administrator and click Continue or Allow at the User Account Control Prompt.

Click the check boxes next to Application and System located under Select log to query on the upper left

Under Select type to list on the right click the boxes next to Error and Warning Note: If running Windows Vista or Windows 7 also click the box next to Critical (not XP).

Under Number or date of events select Number of events and type 20 in the box next to 1 to 20 and click Run

Once it finishes it will display a log file in notepad

Please copy and paste its entire contents into your next reply

MS_MVP.gif
MS MVP Windows-Security 2006-2016
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators

Admin PC Pitstop


#3 kenpersky

kenpersky
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 11 December 2010 - 07:04 PM

Hi Jacee,
Thank you for your prompt reply. I have followed your instructions but I got this response: view has not been coded for your language (Arabic).
For your info, I have a windows 7 ultimate 32bit installed in English.

#4 Jacee

Jacee

    Bleeping around


  • Malware Response Team
  • 3,716 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:50 PM

Posted 11 December 2010 - 10:49 PM

News to me ... I've never seen this before!! view has not been coded for your language (Arabic) Posted Image

MS_MVP.gif
MS MVP Windows-Security 2006-2016
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators

Admin PC Pitstop


#5 kenpersky

kenpersky
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 12 December 2010 - 06:35 AM

Any clue about the above echanges??? Anyone can help

#6 PolaBar

PolaBar

  • Members
  • 259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:50 PM

Posted 12 December 2010 - 07:17 AM

In event viewer click on view and make sure a check mark is next to "preview pane". Highlight each event and then copy the details that show in the preview pane and post them.

Just one for each different event, no need for duplicates of same event.

The "Warning 12/11/2010 5:22:03 PM DNS Client Events 1014 None" are almost always caused by slow responding web pages (or pop-up/ad blockers) and can be ignored.
The details will say something like "Name resolution for the name yada.yada.com timed out after none of the configured DNS servers responded"

Edited by PolaBar, 12 December 2010 - 07:18 AM.


#7 kenpersky

kenpersky
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 12 December 2010 - 08:54 AM

Anyone able to solve this problem
when I open View (as administartor)and check all the boxes, it gives me the following popup
"View has not been coded for your language (Arabic) Please contact the authbor

#8 Jacee

Jacee

    Bleeping around


  • Malware Response Team
  • 3,716 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:50 PM

Posted 12 December 2010 - 11:11 AM

You may need to update the "Toshiba Service Station" application. It may be causing the 'hang' of an application trying to connect to the Internet ... such as your e-mail.

MS_MVP.gif
MS MVP Windows-Security 2006-2016
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators

Admin PC Pitstop


#9 kenpersky

kenpersky
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 12 December 2010 - 12:09 PM

toshiba service station updated yesterday after I sent the eventviewer log, and still can't open View.
what do you think, is it a virus preventing to open it ??? please help

#10 kenpersky

kenpersky
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 12 December 2010 - 12:35 PM

Now, I have totally uninstalled Toshiba service station as I already read it causes some descrepanceis.
Still, I cannot run View

#11 PolaBar

PolaBar

  • Members
  • 259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:50 PM

Posted 12 December 2010 - 01:31 PM

This is pretty strange, like Jacee, I have never seen this before. You can try Control Panel > Region and Language Options and make sure settings in all tabs are still english, but something may have corrupted your system language settings in the registry.

Might try running sfc to see if it finds an error.

click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
Type the following command, and then press ENTER:
sfc /scannow

#12 kenpersky

kenpersky
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 12 December 2010 - 01:56 PM

Cheers, thank you PolaBar, indeed it was the unicode language which was Arabic, now I turned it into English United States, and the result is this for you Jacee to examine. Before, I'd like to thank you Jacee and PolaBar.
For your info, I have just unistalled Toshiba Service Stattion, so you can take it into consideration

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 12/12/2010 6:46:55 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 12/12/2010 5:18:07 PM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {51ED6914-8016-4521-9F54-03DA1BD55E60}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 12/12/2010 5:11:34 PM
Type: Error Category: 0
Event: 8194 Source: VSS
Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {21bd8eb0-dccf-41d1-ac9c-fdb85c6c5e0f}

Log: 'Application' Date/Time: 12/12/2010 12:01:54 PM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {EB09F91B-4AD8-4C0C-A80C-A0499382D312}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 12/12/2010 12:17:28 AM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {3CE80789-1312-4E8E-B560-179BAE977304}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 11/12/2010 11:03:46 PM
Type: Error Category: 0
Event: 8194 Source: VSS
Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bba319a7-243d-4191-a692-81958c7a65ea}

Log: 'Application' Date/Time: 11/12/2010 3:38:46 PM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {1997B741-1A81-413A-8CD0-566B8343DB96}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 11/12/2010 12:25:00 AM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {893DC38E-2C9C-4756-AF8C-CACBCB9B897F}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 11/12/2010 12:24:12 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program WORDPAD.EXE version 6.1.7600.16624 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 14f0 Start Time: 01cb98c97fe6e6df Termination Time: 15 Application Path: C:\Program Files\Windows NT\Accessories\WORDPAD.EXE Report Id: f766ff88-04bc-11e0-9766-00235af5c621

Log: 'Application' Date/Time: 10/12/2010 11:14:52 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program iexplore.exe version 8.0.7600.16671 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: da0 Start Time: 01cb98bfef866cc6 Termination Time: 15 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: 47d1fb58-04b3-11e0-9766-00235af5c621

Log: 'Application' Date/Time: 10/12/2010 11:13:28 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program iexplore.exe version 8.0.7600.16671 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 4e8 Start Time: 01cb98b784824a82 Termination Time: 62 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: 15a318b1-04b3-11e0-9766-00235af5c621

Log: 'Application' Date/Time: 10/12/2010 4:18:46 PM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {650EEDB2-610E-463D-B46A-5D1C28DF704D}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 10/12/2010 1:11:18 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SMSystemAnalyzer.exe, version: 10.0.0.76, time stamp: 0x2a425e19 Faulting module name: SMSystemAnalyzer.exe, version: 10.0.0.76, time stamp: 0x2a425e19 Exception code: 0xc0000005 Fault offset: 0x00004016 Faulting process id: 0xea8 Faulting application start time: 0x01cb986a8f9db910 Faulting application path: C:\Program Files\iolo\System Mechanic Professional\SMSystemAnalyzer.exe Faulting module path: C:\Program Files\iolo\System Mechanic Professional\SMSystemAnalyzer.exe Report Id: f951d59a-045e-11e0-92ea-00235af5c621

Log: 'Application' Date/Time: 10/12/2010 11:22:07 AM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {8CEC244B-227A-46CA-AA97-D642A0995DBF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 09/12/2010 11:11:58 PM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {1AC8D187-3A40-4343-9498-45B4A34F4714}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 09/12/2010 10:10:09 PM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {D57B7BE8-6F9B-4734-B648-61AA9B742EB1}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 09/12/2010 2:54:19 PM
Type: Error Category: 0
Event: 8193 Source: System Restore
Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" ; Description = Revo Uninstaller Pro's restore point - Webroot Software; Error = 0x8007043c).

Log: 'Application' Date/Time: 09/12/2010 11:12:30 AM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {C7445E01-D784-4030-A075-4B101BA01F37}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 08/12/2010 11:30:59 PM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {6BE94B09-9FAC-409F-B9C3-FB14EDFB83D9}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 08/12/2010 8:18:20 PM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {453CBE04-55BC-4B1A-8BDB-52FFF7514AC4}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

Log: 'Application' Date/Time: 08/12/2010 1:01:27 AM
Type: Error Category: 16
Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {A95E2759-4159-413D-82BC-EE54A1DFBE0E}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 12/12/2010 6:45:52 PM
Type: Information Category: 0
Event: 903 Source: Microsoft-Windows-Security-SPP
The Software Protection service has stopped.

Log: 'Application' Date/Time: 12/12/2010 6:43:52 PM
Type: Information Category: 0
Event: 1 Source: SecurityCenter
The Windows Security Center Service has started.

Log: 'Application' Date/Time: 12/12/2010 6:43:51 PM
Type: Information Category: 0
Event: 2 Source: SecurityCenter
The Windows Security Center Service has stopped.

Log: 'Application' Date/Time: 12/12/2010 6:43:44 PM
Type: Information Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <SessionEnv> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 12/12/2010 6:43:44 PM
Type: Information Category: 0
Event: 4101 Source: Microsoft-Windows-Winlogon
Windows license validated.

Log: 'Application' Date/Time: 12/12/2010 6:40:55 PM
Type: Information Category: 1
Event: 1003 Source: Microsoft-Windows-Search
The Windows Search Service started.


Log: 'Application' Date/Time: 12/12/2010 6:40:54 PM
Type: Information Category: 3
Event: 302 Source: ESENT
Windows (3888) Windows: The database engine has successfully completed recovery steps.

Log: 'Application' Date/Time: 12/12/2010 6:40:53 PM
Type: Information Category: 3
Event: 301 Source: ESENT
Windows (3888) Windows: The database engine has begun replaying logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log.

Log: 'Application' Date/Time: 12/12/2010 6:40:53 PM
Type: Information Category: 3
Event: 300 Source: ESENT
Windows (3888) Windows: The database engine is initiating recovery steps.

Log: 'Application' Date/Time: 12/12/2010 6:40:53 PM
Type: Information Category: 1
Event: 102 Source: ESENT
Windows (3888) Windows: The database engine (6.01.7600.0000) started a new instance (0).

Log: 'Application' Date/Time: 12/12/2010 6:40:51 PM
Type: Information Category: 0
Event: 902 Source: Microsoft-Windows-Security-SPP
The Software Protection service has started. 6.1.7600.16385

Log: 'Application' Date/Time: 12/12/2010 6:40:51 PM
Type: Information Category: 0
Event: 1003 Source: Microsoft-Windows-Security-SPP
The Software Protection service has completed licensing status check. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f Licensing Status=
1: 022a1afb-b893-4190-92c3-8f69a49839fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
3: a0cde89c-3304-4157-b61c-c8ad785d1fad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: cfb3e52c-d707-4861-af51-11b27ee6169c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]



Log: 'Application' Date/Time: 12/12/2010 6:40:51 PM
Type: Information Category: 0
Event: 1066 Source: Microsoft-Windows-Security-SPP
Initialization status for service objects. C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000


Log: 'Application' Date/Time: 12/12/2010 6:40:47 PM
Type: Information Category: 0
Event: 900 Source: Microsoft-Windows-Security-SPP
The Software Protection service is starting.

Log: 'Application' Date/Time: 12/12/2010 6:38:47 PM
Type: Information Category: 0
Event: 1 Source: SecurityCenter
The Windows Security Center Service has started.

Log: 'Application' Date/Time: 12/12/2010 6:38:45 PM
Type: Information Category: 0
Event: 0 Source: WebrootSpySweeperService
The event description cannot be found.

Log: 'Application' Date/Time: 12/12/2010 6:38:43 PM
Type: Information Category: 0
Event: 5617 Source: Microsoft-Windows-WMI
Windows Management Instrumentation Service subsystems initialized successfully

Log: 'Application' Date/Time: 12/12/2010 6:38:40 PM
Type: Information Category: 0
Event: 0 Source: SignInAssistant
The event description cannot be found.

Log: 'Application' Date/Time: 12/12/2010 6:38:40 PM
Type: Information Category: 0
Event: 0 Source: SignInAssistant
The event description cannot be found.

Log: 'Application' Date/Time: 12/12/2010 6:38:40 PM
Type: Information Category: 0
Event: 0 Source: SignInAssistant
The event description cannot be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 12/12/2010 6:40:51 PM
Type: Warning Category: 3
Event: 3086 Source: Microsoft-Windows-Search
The system locale has changed. Existing data will be deleted and the index must be recreated.

Context: Application, SystemIndex Catalog


Log: 'Application' Date/Time: 12/12/2010 6:37:19 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 4 user registry handles leaked from \Registry\User\S-1-5-21-2969528629-1078469984-1903635629-1000:
Process 704 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunServices
Process 704 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce
Process 704 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Process 704 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\Run


Log: 'Application' Date/Time: 12/12/2010 5:24:05 PM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <iehistory://{S-1-5-21-2969528629-1078469984-1903635629-1000}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
(HRESULT : 0x80004005) (0x80004005)


Log: 'Application' Date/Time: 12/12/2010 5:24:05 PM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <iehistory://{S-1-5-21-2969528629-1078469984-1903635629-1000}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
(HRESULT : 0x80004005) (0x80004005)


Log: 'Application' Date/Time: 12/12/2010 5:18:09 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 19 user registry handles leaked from \Registry\User\S-1-5-21-2969528629-1078469984-1903635629-1000:
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\SystemCertificates\Root
Process 1572 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunServices
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\SystemCertificates\trust
Process 1572 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\SystemCertificates\My
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\SystemCertificates\CA
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Policies\Microsoft\SystemCertificates
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Policies\Microsoft\SystemCertificates
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Policies\Microsoft\SystemCertificates
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Policies\Microsoft\SystemCertificates
Process 1572 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Process 2052 (\Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1572 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\Run


Log: 'Application' Date/Time: 12/12/2010 5:01:26 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 5:01:26 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 5:01:26 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 5:01:26 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 1:39:43 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 1:39:43 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 1:39:43 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 1:39:43 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 12:30:09 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 4 user registry handles leaked from \Registry\User\S-1-5-21-2969528629-1078469984-1903635629-1000:
Process 1484 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunServices
Process 1484 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce
Process 1484 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Process 1484 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\Run


Log: 'Application' Date/Time: 12/12/2010 12:04:22 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 12:04:22 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 12:04:22 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 12:04:22 PM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

Log: 'Application' Date/Time: 12/12/2010 12:01:57 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 4 user registry handles leaked from \Registry\User\S-1-5-21-2969528629-1078469984-1903635629-1000:
Process 1324 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunServices
Process 1324 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce
Process 1324 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Process 1324 (\Device\HarddiskVolume2\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe) has opened key \REGISTRY\USER\S-1-5-21-2969528629-1078469984-1903635629-1000\Software\Microsoft\Windows\CurrentVersion\Run


Log: 'Application' Date/Time: 12/12/2010 11:54:01 AM
Type: Warning Category: 0
Event: 0 Source: TOSHIBA Service Station
Skipping empty element [tsu:setup_args]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/12/2010 4:59:23 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 11/12/2010 11:42:19 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 10/12/2010 10:04:06 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 10/12/2010 7:11:08 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 09/12/2010 2:50:41 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 07/12/2010 8:09:01 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/12/2010 4:59:36 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 4:50:58 PM on ?12/?12/?2010 was unexpected.

Log: 'System' Date/Time: 12/12/2010 11:53:19 AM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 12/12/2010 11:52:55 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WebrootSpySweeperService service.

Log: 'System' Date/Time: 11/12/2010 11:42:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:55 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:55 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:57 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

Log: 'System' Date/Time: 11/12/2010 11:42:56 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 11/12/2010 11:42:55 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

Log: 'System' Date/Time: 11/12/2010 11:42:55 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

Log: 'System' Date/Time: 11/12/2010 11:42:54 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Log: 'System' Date/Time: 11/12/2010 11:42:45 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

Log: 'System' Date/Time: 11/12/2010 11:42:36 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache ehdrv ElRawDisk FileDisk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Tosrfcom vwififlt Wanarpv6 WfpLwf

Log: 'System' Date/Time: 11/12/2010 11:42:29 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 11/12/2010 11:42:29 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/12/2010 6:46:02 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The TPCH Service service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:45:58 PM
Type: Information Category: 0
Event: 206 Source: Microsoft-Windows-Application-Experience
The Program Compatibility Assistant service successfully performed phase two initialization.

Log: 'System' Date/Time: 12/12/2010 6:45:58 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The TOSHIBA HDD SSD Alert Service service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:45:52 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Software Protection service entered the stopped state.

Log: 'System' Date/Time: 12/12/2010 6:44:17 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The TOSHIBA Bluetooth Service service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:44:15 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Peer Networking Grouping service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:44:14 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Peer Name Resolution Protocol service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:44:13 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Peer Networking Identity Manager service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:44:05 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The HomeGroup Listener service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:44:03 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The HomeGroup Provider service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:44:03 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Function Discovery Resource Publication service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:44:02 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Function Discovery Provider Host service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:43:58 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Network Connections service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:43:55 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Multimedia Class Scheduler service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:43:53 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Program Compatibility Assistant Service service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:43:53 PM
Type: Information Category: 0
Event: 201 Source: Microsoft-Windows-Application-Experience
The Program Compatibility Assistant service started successfully.

Log: 'System' Date/Time: 12/12/2010 6:43:51 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Application Information service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:43:51 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Security Center service entered the running state.

Log: 'System' Date/Time: 12/12/2010 6:43:51 PM
Type: Information Category: 0
Event: 7036 Source: Service Control Manager
The Security Center service entered the stopped state.

Log: 'System' Date/Time: 12/12/2010 6:43:43 PM
Type: Information Category: 1101
Event: 7001 Source: Microsoft-Windows-Winlogon
User Logon Notification for Customer Experience Improvement Program

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/12/2010 6:34:38 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ls2web.redmond.corp.microsoft.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 12/12/2010 5:51:57 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 12/12/2010 1:39:05 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 12/12/2010 11:32:07 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 12/12/2010 10:54:00 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 12/12/2010 9:57:10 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 12/12/2010 12:14:18 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 11/12/2010 5:22:03 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 11/12/2010 12:22:02 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 11/12/2010 11:05:49 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 10:46:00 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 7:41:32 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 5:29:45 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.mypowermall.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 4:49:52 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 4:20:13 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 4:03:02 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 4:02:22 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 3:56:32 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 3:08:18 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/12/2010 11:55:58 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

#13 Jacee

Jacee

    Bleeping around


  • Malware Response Team
  • 3,716 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:50 PM

Posted 12 December 2010 - 06:55 PM

Okay, you got it working in English! Read this page and follow the instructions concerning Event: 4621 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not remove the EventSystem.EventSubscription object {51ED6914-8016-4521-9F54-03DA1BD55E60}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: WRSS-SENS Client
Object description:
The HRESULT was 80070005

http://technet.microsoft.com/en-us/library/dd337567(WS.10).aspx

MS_MVP.gif
MS MVP Windows-Security 2006-2016
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators

Admin PC Pitstop


#14 Jacee

Jacee

    Bleeping around


  • Malware Response Team
  • 3,716 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:50 PM

Posted 12 December 2010 - 07:04 PM

Also, are you connected with wired or wireless router?

MS_MVP.gif
MS MVP Windows-Security 2006-2016
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators

Admin PC Pitstop


#15 PolaBar

PolaBar

  • Members
  • 259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:50 PM

Posted 12 December 2010 - 07:09 PM

The forum software seems to have chopped off part of the link that Jacee posted, you will have to copy and paste the whole line in your browser to get to the correct page. (including the ").aspx" that got left out of the link)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users