The System Info page is used for at-a-glance problem diagnosis,Quality Assurance purposes, and as a shortcut to common tasks not limited to information gathering alone.
Many items on this tab can be CLICKED on to perform various functions. If you see your mouse cursor turn to a HAND, then you can click it for some function. Go ahead, click and see what happens!
NOTE: If a field is too short to display all the information, hover your mouse over the label to see the full information in a tooltiptext popup.
Items appearing in BLUE deserve your attention, but are not ‘wrong’ in any way, they are merely worthy of your attention, for example if a PC is on a Domain then that Domain name appears in BLUE, because it is in fact, on a Domain and not in a workgroup, something you should know about when working on a system.
Items appearing in RED means there is something wrong or something definitely needs your attention.
In the Info column:
- Install Date – The data Windows was installed (or repair-installed)
- Last Run – The last time d7 was run on this PC. This value is stored in the registry, can be stamped manually by clicking this label, or can be automatically stamped by enabling the option “Store last d7 run time in the registry” in Config > Behavior > General Behavior.
- Last Maint – The last time d7 maintenance (or dSupportSuite maintenance) was run on this system – also a value stored in the registry.
- Winsxs – The current size of the WindowsWinsxs folder.
- Minidumps – The last minidump (crash dump) generated by the system will be displayed here with the date/time. Clicking the dump will launch Nirsoft’s Bluescreenview for analyzing the dumps.
- Boot Time – (Vista+) this option displays the result of a WMI query to Windows performance counters. Note these are not always accurate.
- System Uptime – The amount of time the system has been ‘up’ since the last boot.
- Win Mode – Environment, e.g. Normal mode, Safe mode, etc.
- # / Name – This displays the current ticket / work order number and client name as entered in the prompt when d7 first starts on a new PC it has never run on previously (when that option is enabled.) This information is used by variables composing the reports directory naming conventions, configured in Config > Reports. Click this item to change the information.
- Username – current user name as reported by the %username% environment variable.
- Profile Path – The user’s profile directory as reported by the %userprofile% environment variable.
- ComputerName – The computer name as reported by the %computername% environment variable.
- Domain – Reports if the PC is joined to a domain, of course! Item will appear in BLUE if so.
- Anti-Virus – Reports the A/V software installed as reported by Windows Security Center via WMI. Item will be RED when disabled, outdated, or multiple products are installed.
- Anti-Spy – Reports anti-spyware apps installed as reported by Windows Security Center via WMI. (Vista+, not reported on XP) Item will be RED when disabled, outdated, or multiple products are installed.
- Firewall – Reports any firewall software installed as reported by Windows Security Center via WMI. Item will be RED when disabled, outdated, or multiple products are installed.
- UAC – Displays User Account Control status. Clicking this item will toggle UAC on/off. Obviously it does nothing on sub-Vista systems.
- MSConfig – Reports MSConfig status (Normal, Diagnostic, or Selective Startup modes.)
- System – Detects the system string from the BIOS as filled in by the OEM.
- MB – Gives the motherboard info retrieved from the BIOS, and hopefully the motherboard model number. In the case of a DELL system, it will give the Dell Service Tag instead of the motherboard model number. Clicking on this label will offer you the option to go directly to the downloads section of the motherboard manufacturer’s website, and will also copy the model number of the motherboard to the clipboard, so you can paste it directly into the search box. For a Dell system, it copies the service tag to the clipboard instead. Also on a Dell system, if you choose NO to go to the downloads, it will offer you the option to check the Dell warranty status for that particular service tag.
- BIOS – obvious
- CPU – Line one gives the registry string of the CPU, and line two gives the actual speed and HT/Core/CPU count. (D7 cannot differentiate between HT and Multiple core or multiple CPU systems.)
- Video – Gives video info. This can be incorrect if you have (or once had) multiple video adapters installed on the system. Clicking this item offers to take you to the video manufacturer’s downloads section of their website.
- Res – The current screen resolution / color depth.
In the Alerts Column:
- Windows Activation check
- Windows Service Pack alert
- IE version alert
- RAM alert – alerts you when RAM is either running low, or just needs an upgrade. D7 decides your RAM needs an upgrade if you aren’t running at least 1GB on WinXP, or 2GB on Vista+
- Check Event Log – Appears in RED if there are errors in the event logs since the last system reboot. Appears in BLUE if there are only warnings since the last system reboot. Click this item to launch d7’s internal event viewer.
- Paging File size check
- Free Space check (alerts when less than 15% of the OS partition is available.)
- User Profile path check (alerts when d7 believes you are logged into a TEMP profile.)
- A/V alert – D7 alerts you when you either have no anti-virus installed, or multiple anti-virus packages installed. Click to open d7’s internal Windows Security Center options dialog.
- Automatic Updates check. Click to launch either Windows dialog or d7’s own Automatic Updates configuration panel.
- System Restore check – Note does not alert if System Restore is BROKEN, only if it is enabled/disabled.
- Event Log check – alerts when anomalies are found since the last reboot only (blue when warnings appear, and red when errors appear.) Click to open d7’s internal event viewer with several nice options over the Windows event viewer.
- Dirty Volume check – alerts when a partition is flagged as ‘dirty’ and marked for chkdsk on reboot.
- PIO Mode check – If d7 suspects a device is in PIO mode that should be in DMA, clicking this item will apply a fix for the issue which requires a restart of Windows. Sometimes the alert is false, as d7 cannot differentiate between MWDMA2 and PIO mode, however applying the fix regardless has no adverse effects. See this option on the Repair tab for more details on the actual repair being performed.
- Device Manager check, click to bring up a devman window where you can google the issue.
- CEIP check – alerts when the Customer Experience Improvement Program is enabled within Windows. Clicking this item will bring up the Windows dialog allowing you to en/disable this item.
* SPECIAL NOTE – Anti-Virus Software Detection
I get many questions regarding d7’s Anti-Virus software detection, and how it works. Mostly people wonder:
- Why is it detecting A/V software (or even fake or rogue A/V software) that I have removed from the system?
- Why does it not detect _______ A/V software?
Maybe this will answer your question. How it works: d7 doesn’t detect Anti-Virus software installations themselves. Instead, d7 queries Windows Security Center (WSC) via a WMI call. d7 only reports back to you what WSC returns in the WMI query.
When Anti-Virus software installs, it registers itself with WSC (or it should, however some off brand A/V packages and even reputable ones that didn’t install 100% properly may not correctly register themselves with WSC…)
When Anti-Virus software is uninstalled, it removes itself from WSC (OR IT SHOULD.) Some A/V uninstallers merely do not remove themselves from WSC. In the case of ripping malware (rogue A/V’s) out of a system that have registered themselves with WSC, obviously that information wouldn’t be removed from WSC.
But how to fix these phantom entries? Simply click on the alert to bring up d7’s internal WSC options dialog, where you can selectively remove these phantom entries.
How to see what Windows sees and verify d7 is correct – and how to pluck out a specific A/V no longer present without using d7’s Repair functionality.
- From an elevated (admin) command prompt, type WBEMTEST and hit enter.
- In the new window, click the Connect button
- In the new window, under the Namespace entry, type rootSecurityCenter and click the Connect button
- Next click the EnumInstances button, and in the box type AntiVirusProduct
The final window that pops up will show you what Windows thinks is the Antivirus software (and what d7 queries to get it’s information). From here, you should be able to selectively delete A/V products that are no longer installed.
Windows 10/11 built-in Ransomware Protection (Controlled Folder Access) and CryptoPrevent (repost) CryptoPrevent version 21.7.23 adds a new setting for “Controlled...