New
#11
It refuses to export .evtx so I had to do it as xml - if you really need evtx I'll try a remote connection, but I'm not sure that machine is set up for it.
https://www.dropbox.com/s/ikkizedd0r....2015.zip?dl=0
It refuses to export .evtx so I had to do it as xml - if you really need evtx I'll try a remote connection, but I'm not sure that machine is set up for it.
https://www.dropbox.com/s/ikkizedd0r....2015.zip?dl=0
Odd - but that may itself indicate the source of a problem....
There's a mass od duplications in both files, and I'm not used to working with the xml variant anyhow, so this is going to take some heavy lifting.
Back when I can sort through it!
It seems it won't let me remote connect ( mostly I suspect because I have a domain & it's not on it, and the controller is a bit broken ) - would you like me to export csv or flat text instead?
You're probably going to hate me for this but after trying a few, I found an alternative event viewer which *did* export to evtx ( thankfully, I was running out of alternatives ). Another 5 days of events in there though...
https://www.dropbox.com/s/01mqe9esns....2015.zip?dl=0
Thanks for that!
There's actually not a lot of problems there - the biggest source of errors appears to be a scheduled task that may be generating a mass of EventID 1903 errors in HHCTRL.
Often, this is SpyBot's Updating service, or another updater service for an AV or similar.
In your case, there appear to be two such tasks - each generating an error every 5 minutes.
Please check your Scheduled Tasks for entries that have such frequency, and see if anything shouts at you.
If it is Spybot, then I would suggest uninstalling it, since it's not very well-regarded any more.
What AV and/or Firewall are you using? what other AV's have ever been installed?
It was running the full Comodo suite which I did my best to get rid of ( it seems successfully ) while troubleshooting. Currently it's using MS Defender & no AV, but I'm vetting everything on my PC & copying across.
There were bits of Spybot left so I think I got rid of those. All i can see left in the task scheduler is innocuous-looking microsoft tasks. What would be a recommended spybot replacement for a user who is scared of computer security? :)
Malwarebytes Anti-Malware - free version. Malwarebytes | Free Anti-Malware & Internet Security Software
As far as AV is concerned, then MSE is almost certainly good enough for you unless you make a habit of going to dangerous sites.
Both run perfectly fine on the default settings.
Right, I'll throw that on for her. I run comodo myself mostly because I started using the firewall for the fine grain control & ended up using the AV as well.
So, what's the next diagnostic?