L
luso
Hi,
(cont. from previous thread)
As I said, my system came pre-installed with XP Media Center Edition. All
updates installed, most 3rd parrty programs removed (have AVG Anti-Virus free
edition), Service Pack 3, 1GB memory, on a Dell laptop.
When I boot up or restart from standby, applications take about 3 minutes to
actually open. After a while, they open a bit faster (only 1 minute waiting),
but every command that opens a window seems to take forever. This has always
been like this as far as I remember, and I did try Dell support but they were
not very good. Will follow Gerry's suggestion to report on the system:
---------------------------------------
Device Manager: No yellow question marks, all in order.
Event Viewer, System log errors:
Event Type: Error
Event Source: Windows Update Agent
Event Category: Software Sync
Event ID: 16
Date: 03/10/2008
Time: 23:46:20
User: N/A
Computer: AILEENGOMES
Description:
Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the
set schedule. Windows will continue to try to establish a connection.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 57 69 6e 33 32 48 52 65 Win32HRe
0008: 73 75 6c 74 3d 30 78 30 sult=0x0
0010: 30 30 30 30 30 30 30 20 0000000
0018: 55 70 64 61 74 65 49 44 UpdateID
0020: 3d 7b 30 30 30 30 30 30 ={000000
0028: 30 30 2d 30 30 30 30 2d 00-0000-
0030: 30 30 30 30 2d 30 30 30 0000-000
0038: 30 2d 30 30 30 30 30 30 0-000000
0040: 30 30 30 30 30 30 7d 20 000000}
0048: 52 65 76 69 73 69 6f 6e Revision
0050: 4e 75 6d 62 65 72 3d 30 Number=0
0058: 20 00 .
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 17
Date: 04/10/2008
Time: 00:02:09
User: N/A
Computer: AILEENGOMES
Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an
unreachable host. (0x80072751)
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: Print
Event Category: None
Event ID: 20
Date: 20/08/2008
Time: 13:13:23
User: NT AUTHORITY\SYSTEM
Computer: AILEENGOMES
Description:
Printer Driver Microsoft Office Document Image Writer Driver for Windows NT
x86 Version-3 was added or updated. Files:- mdigraph.dll, mdiui.dll,
mdiui.dll.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Print
Event Category: None
Event ID: 23
Date: 04/10/2008
Time: 03:58:02
User: NT AUTHORITY\SYSTEM
Computer: GOMESCOMPUTER
Description:
Printer Lexmark X1100 Series,0 failed to initialize because a suitable
Lexmark X1100 Series driver could not be found.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 04/10/2008
Time: 00:02:09
User: N/A
Computer: AILEENGOMES
Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. No
attempt to contact a source will be made for 29 minutes. NtpClient has no
source of accurate time.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 30/09/2008
Time: 10:24:30
User: N/A
Computer: AILEENGOMES
Description:
The time service has not been able to synchronize the system time for 49152
seconds because none of the time providers has been able to provide a usable
time stamp. The system clock is unsynchronized.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: NETw4x32
Event Category: None
Event ID: 43
Date: 30/08/2008
Time: 15:55:41
User: N/A
Computer: AILEENGOMES
Description:
The description for Event ID ( 43 ) in Source ( NETw4x32 ) cannot be found.
The local computer may not have the necessary registry information or message
DLL files to display messages from a remote computer. You may be able to use
the /AUXSOURCE= flag to retrieve this description; see Help and Support for
details. The following information is part of the event: .
Data:
0000: 16 00 00 00 01 00 c2 00 ......Â.
0008: 00 00 00 00 2b 00 04 c0 ....+..À
0010: 04 00 03 00 01 00 00 c0 .......À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Warning
Event Source: Win32k
Event Category: None
Event ID: 240
Date: 29/09/2008
Time: 20:45:16
User: N/A
Computer: AILEENGOMES
Description:
A request to suspend power was denied by winlogon.exe.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 02 00 4e 00 ......N.
0008: 00 00 00 00 f0 00 00 80 ....ð..€
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Warning
Event Source: PlugPlayManager
Event Category: None
Event ID: 256
Date: 23/09/2008
Time: 09:05:56
User: N/A
Computer: AILEENGOMES
Description:
Timed out sending notification of device interface change to window of
"IWMSWindow"
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Dhcp
Event Category: None
Event ID: 1000
Date: 04/10/2008
Time: 12:03:27
User: N/A
Computer: GOMESCOMPUTER
Description:
Your computer has lost the lease to its IP address 192.168.1.3 on the
Network Card with network address 001302476DDE.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Dhcp
Event Category: None
Event ID: 1002
Date: 04/10/2008
Time: 00:14:54
User: N/A
Computer: AILEENGOMES
Description:
The IP address lease 192.168.1.5 for the Network Card with network address
001302476DDE has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 1002
Date: 13/09/2008
Time: 15:22:34
User: N/A
Computer: AILEENGOMES
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {5DA846A4-FEC5-420F-B227-F60C1FFAFCCA}
Scan Type: AntiSpyware
Scan Parameters: Quick Scan
User: AILEENGOMES\Luis Gomes
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: Dhcp
Event Category: None
Event ID: 1003
Date: 04/10/2008
Time: 12:03:27
User: N/A
Computer: GOMESCOMPUTER
Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001302476DDE. The
following error occurred:
The semaphore timeout period has expired. . Your computer will continue to
try and obtain an address on its own from the network address (DHCP) server.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 79 00 00 00 y...
Event Type: Warning
Event Source: Dhcp
Event Category: None
Event ID: 1007
Date: 30/08/2008
Time: 15:56:18
User: N/A
Computer: AILEENGOMES
Description:
Your computer has automatically configured the IP address for the Network
Card with network address 001302476DDE. The IP address being used is
169.254.17.97.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 ....
Event Type: Warning
Event Source: Server
Event Category: None
Event ID: 2504
Date: 04/10/2008
Time: 12:03:44
User: N/A
Computer: GOMESCOMPUTER
Description:
The server could not bind to the transport
\Device\NetBT_Tcpip_{D4F637DF-FA16-4D59-A424-13FAADBF3338}.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: aa 05 00 00 ª...
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 3004
Date: 04/10/2008
Time: 01:29:47
User: N/A
Computer: AILEENGOMES
Description:
Windows Defender Real-Time Protection agent has detected changes. Microsoft
recommends you analyze the software that made these changes for potential
risks. You can use information about how these programs operate to choose
whether to allow them to run or remove them from your computer. Allow
changes only if you trust the program or the software publisher. Windows
Defender can't undo changes that you allow.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=74409
Scan ID: {D65F0394-E962-4C07-85D8-E678C7CF66BC}
User: AILEENGOMES\Luis Gomes
Name: Unknown
ID:
Severity: Not Yet Classified
Category: Not Yet Classified
Path Found: driver:WSearchIdxPi
Alert Type: Unclassified software
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Tcpip
Event Category: None
Event ID: 4199
Date: 28/09/2008
Time: 13:59:56
User: N/A
Computer: AILEENGOMES
Description:
The system detected an address conflict for IP address 192.168.1.2 with the
system having network hardware address 00:1D:E0:87:CC:83. Network operations
on this system may be disrupted as a result.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 03 00 50 00 ......P.
0008: 00 00 00 00 67 10 00 c0 ....g..À
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 29/09/2008
Time: 19:31:59
User: N/A
Computer: AILEENGOMES
Description:
TCP/IP has reached the security limit imposed on the number of concurrent
TCP connect attempts.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 20/08/2008
Time: 19:42:20
User: N/A
Computer: AILEENGOMES
Description:
The Vodafone Mobile Connect Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 04/10/2008
Time: 02:23:37
User: NT AUTHORITY\SYSTEM
Computer: AILEENGOMES
Description:
DCOM got error "The service cannot be started, either because it is disabled
or because it has no enabled devices associated with it. " attempting to
start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 04/10/2008
Time: 12:48:53
User: GOMESCOMPUTER\Luis Gomes
Computer: GOMESCOMPUTER
Description:
The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM
within the required timeout.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 04/10/2008
Time: 12:15:41
User: NT AUTHORITY\NETWORK SERVICE
Computer: GOMESCOMPUTER
Description:
The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security
permission can be modified using the Component Services administrative tool.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: PSched
Event Category: None
Event ID: 14103
Date: 30/08/2008
Time: 15:55:40
User: N/A
Computer: AILEENGOMES
Description:
QoS [Adapter {D4F637DF-FA16-4D59-A424-13FAADBF3338}]:
The netcard driver failed the query for OID_GEN_LINK_SPEED.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 04 00 02 00 56 00 ......V.
0008: 00 00 00 00 17 37 00 c0 .....7.À
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
0028: 0d 00 01 c0 ...À
Task Manager information:
Peak Memory Usage:
svchost.exe | SYSTEM | 150,840 K
avgw.exe | Luis Gomes | 73,364 K
iexplore.exe | Luis Gomes | 56,512 K
MsMpEng.exe | SYSTEM | 53,424 K
avgas.exe | Luis Gomes | 49,904 K
Virtual Memory Size:
avgw.exe | Luis Gomes | 59,608 K
avgas.exe | Luis Gomes | 53,612 K
guard.exe | SYSTEM | 44,456 K
MsMpEng.exe | SYSTEM | 43,056 K
iexplore.exe | Luis Gomes | 36,508 K
svchost.exe | SYSTEM | 24,856 K
Disk defragmenter report:
Volume Gomes Computer (C
Volume size = 87.03 GB
Cluster size = 4 KB
Used space = 16.80 GB
Free space = 70.23 GB
Percent free space = 80 %
Volume fragmentation
Total fragmentation = 9 %
File fragmentation = 18 %
Free space fragmentation = 0 %
File fragmentation
Total files = 74,645
Average file size = 488 KB
Total fragmented files = 2,229
Total excess fragments = 13,136
Average fragments per file = 1.17
Pagefile fragmentation
Pagefile size = 1.49 GB
Total fragments = 2
Folder fragmentation
Total folders = 8,733
Fragmented folders = 82
Excess folder fragments = 276
Master File Table (MFT) fragmentation
Total MFT size = 104 MB
MFT record count = 83,778
Percent MFT in use = 78 %
Total MFT fragments = 3
--------------------------------------------------------------------------------
Fragments File Size Most fragmented files
348 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP375\snapshot\_REGISTRY_MACHINE_SOFTWARE
339 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP390\snapshot\_REGISTRY_MACHINE_SOFTWARE
328 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP382\snapshot\_REGISTRY_MACHINE_SOFTWARE
324 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP364\snapshot\_REGISTRY_MACHINE_SOFTWARE
323 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP388\snapshot\_REGISTRY_MACHINE_SOFTWARE
316 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP378\snapshot\_REGISTRY_MACHINE_SOFTWARE
315 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP380\snapshot\_REGISTRY_MACHINE_SOFTWARE
314 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP395\snapshot\_REGISTRY_MACHINE_SOFTWARE
314 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP366\snapshot\_REGISTRY_MACHINE_SOFTWARE
309 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP372\snapshot\_REGISTRY_MACHINE_SOFTWARE
251 17 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP377\A0154929.exe
241 15 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP387\A0156243.exe
187 12 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP376\A0154876.rbf
185 12 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP387\A0156209.rbf
158 10 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP376\A0154785.rbf
115 114 MB \WINDOWS\Installer\a74e685.msp
114 7 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP371\A0154720.rbf
96 384 KB \Program Files\Microsoft
Office\CLIPART\PUB60COR
95 6 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP376\A0154835.rbf
64 4 MB \Program Files\Microsoft
Office\OFFICE11\1033\ACMAIN11.CHM
61 339 KB \Documents and Settings\Luis
Gomes\Desktop\My Mobile Pictures\Thumbs.db
56 478 KB \Documents and Settings\Luis Gomes\My
Documents\My Pictures\My mobile phone Pictures\Thumbs.db
55 3 MB
\WINDOWS\SoftwareDistribution\Download\13d5d266d7681d26b42f8dff88cadc20\SP2GDR\mshtml.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP389\A0156346.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP386\A0156161.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP396\A0156609.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP390\A0156392.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP393\A0156508.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP390\A0156391.dll
Will also do the remaining disk cleanup and system restore cleanup, which I
do every so often.
Thanks,
Best regards,
L
(cont. from previous thread)
As I said, my system came pre-installed with XP Media Center Edition. All
updates installed, most 3rd parrty programs removed (have AVG Anti-Virus free
edition), Service Pack 3, 1GB memory, on a Dell laptop.
When I boot up or restart from standby, applications take about 3 minutes to
actually open. After a while, they open a bit faster (only 1 minute waiting),
but every command that opens a window seems to take forever. This has always
been like this as far as I remember, and I did try Dell support but they were
not very good. Will follow Gerry's suggestion to report on the system:
---------------------------------------
Device Manager: No yellow question marks, all in order.
Event Viewer, System log errors:
Event Type: Error
Event Source: Windows Update Agent
Event Category: Software Sync
Event ID: 16
Date: 03/10/2008
Time: 23:46:20
User: N/A
Computer: AILEENGOMES
Description:
Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the
set schedule. Windows will continue to try to establish a connection.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 57 69 6e 33 32 48 52 65 Win32HRe
0008: 73 75 6c 74 3d 30 78 30 sult=0x0
0010: 30 30 30 30 30 30 30 20 0000000
0018: 55 70 64 61 74 65 49 44 UpdateID
0020: 3d 7b 30 30 30 30 30 30 ={000000
0028: 30 30 2d 30 30 30 30 2d 00-0000-
0030: 30 30 30 30 2d 30 30 30 0000-000
0038: 30 2d 30 30 30 30 30 30 0-000000
0040: 30 30 30 30 30 30 7d 20 000000}
0048: 52 65 76 69 73 69 6f 6e Revision
0050: 4e 75 6d 62 65 72 3d 30 Number=0
0058: 20 00 .
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 17
Date: 04/10/2008
Time: 00:02:09
User: N/A
Computer: AILEENGOMES
Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an
unreachable host. (0x80072751)
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: Print
Event Category: None
Event ID: 20
Date: 20/08/2008
Time: 13:13:23
User: NT AUTHORITY\SYSTEM
Computer: AILEENGOMES
Description:
Printer Driver Microsoft Office Document Image Writer Driver for Windows NT
x86 Version-3 was added or updated. Files:- mdigraph.dll, mdiui.dll,
mdiui.dll.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Print
Event Category: None
Event ID: 23
Date: 04/10/2008
Time: 03:58:02
User: NT AUTHORITY\SYSTEM
Computer: GOMESCOMPUTER
Description:
Printer Lexmark X1100 Series,0 failed to initialize because a suitable
Lexmark X1100 Series driver could not be found.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 04/10/2008
Time: 00:02:09
User: N/A
Computer: AILEENGOMES
Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. No
attempt to contact a source will be made for 29 minutes. NtpClient has no
source of accurate time.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 30/09/2008
Time: 10:24:30
User: N/A
Computer: AILEENGOMES
Description:
The time service has not been able to synchronize the system time for 49152
seconds because none of the time providers has been able to provide a usable
time stamp. The system clock is unsynchronized.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: NETw4x32
Event Category: None
Event ID: 43
Date: 30/08/2008
Time: 15:55:41
User: N/A
Computer: AILEENGOMES
Description:
The description for Event ID ( 43 ) in Source ( NETw4x32 ) cannot be found.
The local computer may not have the necessary registry information or message
DLL files to display messages from a remote computer. You may be able to use
the /AUXSOURCE= flag to retrieve this description; see Help and Support for
details. The following information is part of the event: .
Data:
0000: 16 00 00 00 01 00 c2 00 ......Â.
0008: 00 00 00 00 2b 00 04 c0 ....+..À
0010: 04 00 03 00 01 00 00 c0 .......À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Warning
Event Source: Win32k
Event Category: None
Event ID: 240
Date: 29/09/2008
Time: 20:45:16
User: N/A
Computer: AILEENGOMES
Description:
A request to suspend power was denied by winlogon.exe.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 02 00 4e 00 ......N.
0008: 00 00 00 00 f0 00 00 80 ....ð..€
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Warning
Event Source: PlugPlayManager
Event Category: None
Event ID: 256
Date: 23/09/2008
Time: 09:05:56
User: N/A
Computer: AILEENGOMES
Description:
Timed out sending notification of device interface change to window of
"IWMSWindow"
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Dhcp
Event Category: None
Event ID: 1000
Date: 04/10/2008
Time: 12:03:27
User: N/A
Computer: GOMESCOMPUTER
Description:
Your computer has lost the lease to its IP address 192.168.1.3 on the
Network Card with network address 001302476DDE.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Dhcp
Event Category: None
Event ID: 1002
Date: 04/10/2008
Time: 00:14:54
User: N/A
Computer: AILEENGOMES
Description:
The IP address lease 192.168.1.5 for the Network Card with network address
001302476DDE has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 1002
Date: 13/09/2008
Time: 15:22:34
User: N/A
Computer: AILEENGOMES
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {5DA846A4-FEC5-420F-B227-F60C1FFAFCCA}
Scan Type: AntiSpyware
Scan Parameters: Quick Scan
User: AILEENGOMES\Luis Gomes
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: Dhcp
Event Category: None
Event ID: 1003
Date: 04/10/2008
Time: 12:03:27
User: N/A
Computer: GOMESCOMPUTER
Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001302476DDE. The
following error occurred:
The semaphore timeout period has expired. . Your computer will continue to
try and obtain an address on its own from the network address (DHCP) server.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 79 00 00 00 y...
Event Type: Warning
Event Source: Dhcp
Event Category: None
Event ID: 1007
Date: 30/08/2008
Time: 15:56:18
User: N/A
Computer: AILEENGOMES
Description:
Your computer has automatically configured the IP address for the Network
Card with network address 001302476DDE. The IP address being used is
169.254.17.97.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 ....
Event Type: Warning
Event Source: Server
Event Category: None
Event ID: 2504
Date: 04/10/2008
Time: 12:03:44
User: N/A
Computer: GOMESCOMPUTER
Description:
The server could not bind to the transport
\Device\NetBT_Tcpip_{D4F637DF-FA16-4D59-A424-13FAADBF3338}.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: aa 05 00 00 ª...
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 3004
Date: 04/10/2008
Time: 01:29:47
User: N/A
Computer: AILEENGOMES
Description:
Windows Defender Real-Time Protection agent has detected changes. Microsoft
recommends you analyze the software that made these changes for potential
risks. You can use information about how these programs operate to choose
whether to allow them to run or remove them from your computer. Allow
changes only if you trust the program or the software publisher. Windows
Defender can't undo changes that you allow.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=74409
Scan ID: {D65F0394-E962-4C07-85D8-E678C7CF66BC}
User: AILEENGOMES\Luis Gomes
Name: Unknown
ID:
Severity: Not Yet Classified
Category: Not Yet Classified
Path Found: driver:WSearchIdxPi
Alert Type: Unclassified software
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Tcpip
Event Category: None
Event ID: 4199
Date: 28/09/2008
Time: 13:59:56
User: N/A
Computer: AILEENGOMES
Description:
The system detected an address conflict for IP address 192.168.1.2 with the
system having network hardware address 00:1D:E0:87:CC:83. Network operations
on this system may be disrupted as a result.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 03 00 50 00 ......P.
0008: 00 00 00 00 67 10 00 c0 ....g..À
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 29/09/2008
Time: 19:31:59
User: N/A
Computer: AILEENGOMES
Description:
TCP/IP has reached the security limit imposed on the number of concurrent
TCP connect attempts.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 20/08/2008
Time: 19:42:20
User: N/A
Computer: AILEENGOMES
Description:
The Vodafone Mobile Connect Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 04/10/2008
Time: 02:23:37
User: NT AUTHORITY\SYSTEM
Computer: AILEENGOMES
Description:
DCOM got error "The service cannot be started, either because it is disabled
or because it has no enabled devices associated with it. " attempting to
start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 04/10/2008
Time: 12:48:53
User: GOMESCOMPUTER\Luis Gomes
Computer: GOMESCOMPUTER
Description:
The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM
within the required timeout.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 04/10/2008
Time: 12:15:41
User: NT AUTHORITY\NETWORK SERVICE
Computer: GOMESCOMPUTER
Description:
The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security
permission can be modified using the Component Services administrative tool.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: PSched
Event Category: None
Event ID: 14103
Date: 30/08/2008
Time: 15:55:40
User: N/A
Computer: AILEENGOMES
Description:
QoS [Adapter {D4F637DF-FA16-4D59-A424-13FAADBF3338}]:
The netcard driver failed the query for OID_GEN_LINK_SPEED.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 04 00 02 00 56 00 ......V.
0008: 00 00 00 00 17 37 00 c0 .....7.À
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
0028: 0d 00 01 c0 ...À
Task Manager information:
Peak Memory Usage:
svchost.exe | SYSTEM | 150,840 K
avgw.exe | Luis Gomes | 73,364 K
iexplore.exe | Luis Gomes | 56,512 K
MsMpEng.exe | SYSTEM | 53,424 K
avgas.exe | Luis Gomes | 49,904 K
Virtual Memory Size:
avgw.exe | Luis Gomes | 59,608 K
avgas.exe | Luis Gomes | 53,612 K
guard.exe | SYSTEM | 44,456 K
MsMpEng.exe | SYSTEM | 43,056 K
iexplore.exe | Luis Gomes | 36,508 K
svchost.exe | SYSTEM | 24,856 K
Disk defragmenter report:
Volume Gomes Computer (C
Volume size = 87.03 GB
Cluster size = 4 KB
Used space = 16.80 GB
Free space = 70.23 GB
Percent free space = 80 %
Volume fragmentation
Total fragmentation = 9 %
File fragmentation = 18 %
Free space fragmentation = 0 %
File fragmentation
Total files = 74,645
Average file size = 488 KB
Total fragmented files = 2,229
Total excess fragments = 13,136
Average fragments per file = 1.17
Pagefile fragmentation
Pagefile size = 1.49 GB
Total fragments = 2
Folder fragmentation
Total folders = 8,733
Fragmented folders = 82
Excess folder fragments = 276
Master File Table (MFT) fragmentation
Total MFT size = 104 MB
MFT record count = 83,778
Percent MFT in use = 78 %
Total MFT fragments = 3
--------------------------------------------------------------------------------
Fragments File Size Most fragmented files
348 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP375\snapshot\_REGISTRY_MACHINE_SOFTWARE
339 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP390\snapshot\_REGISTRY_MACHINE_SOFTWARE
328 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP382\snapshot\_REGISTRY_MACHINE_SOFTWARE
324 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP364\snapshot\_REGISTRY_MACHINE_SOFTWARE
323 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP388\snapshot\_REGISTRY_MACHINE_SOFTWARE
316 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP378\snapshot\_REGISTRY_MACHINE_SOFTWARE
315 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP380\snapshot\_REGISTRY_MACHINE_SOFTWARE
314 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP395\snapshot\_REGISTRY_MACHINE_SOFTWARE
314 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP366\snapshot\_REGISTRY_MACHINE_SOFTWARE
309 32 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP372\snapshot\_REGISTRY_MACHINE_SOFTWARE
251 17 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP377\A0154929.exe
241 15 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP387\A0156243.exe
187 12 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP376\A0154876.rbf
185 12 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP387\A0156209.rbf
158 10 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP376\A0154785.rbf
115 114 MB \WINDOWS\Installer\a74e685.msp
114 7 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP371\A0154720.rbf
96 384 KB \Program Files\Microsoft
Office\CLIPART\PUB60COR
95 6 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP376\A0154835.rbf
64 4 MB \Program Files\Microsoft
Office\OFFICE11\1033\ACMAIN11.CHM
61 339 KB \Documents and Settings\Luis
Gomes\Desktop\My Mobile Pictures\Thumbs.db
56 478 KB \Documents and Settings\Luis Gomes\My
Documents\My Pictures\My mobile phone Pictures\Thumbs.db
55 3 MB
\WINDOWS\SoftwareDistribution\Download\13d5d266d7681d26b42f8dff88cadc20\SP2GDR\mshtml.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP389\A0156346.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP386\A0156161.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP396\A0156609.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP390\A0156392.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP393\A0156508.dll
53 3 MB \System Volume
Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP390\A0156391.dll
Will also do the remaining disk cleanup and system restore cleanup, which I
do every so often.
Thanks,
Best regards,
L