Thank you so much for your post, I am definatly not sure its a virus, i guess
that was just my 1st assumption, at one point my bit defender virus scan
would not work, then when i tried a few days later it worked and deleted 4
trojans...
here are the error logs, there were several of each kind, but i tried to
just post one of each... Thanks alot for your help!
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 6/19/2009
Time: 12:07:02 PM
User: N/A
Computer: IBM-CF19D4E780E
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module
flash10b.ocx, version 10.0.22.87, fault address 0x000da264.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 66 6c 61 73 in flas
0038: 68 31 30 62 2e 6f 63 78 h10b.ocx
0040: 20 31 30 2e 30 2e 32 32 10.0.22
0048: 2e 38 37 20 61 74 20 6f .87 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 30 64 61 32 36 34 0d 0a 0da264..
Event Type: Error
Event Source: Application Hang
Event Category: (101)
Event ID: 1002
Date: 6/19/2009
Time: 11:08:06 AM
User: N/A
Computer: IBM-CF19D4E780E
Description:
Hanging application firefox.exe, version 1.9.0.3439, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 66 69 72 65 66 6f firefo
0018: 78 2e 65 78 65 20 31 2e x.exe 1.
0020: 39 2e 30 2e 33 34 33 39 9.0.3439
0028: 20 69 6e 20 68 75 6e 67 in hung
0030: 61 70 70 20 30 2e 30 2e app 0.0.
0038: 30 2e 30 20 61 74 20 6f 0.0 at o
0040: 66 66 73 65 74 20 30 30 ffset 00
0048: 30 30 30 30 30 30 000000
Event Type: Warning
Event Source: Userenv
Event Category: None
Event ID: 1517
Date: 6/11/2009
Time: 3:09:25 AM
User: NT AUTHORITY\SYSTEM
Computer: IBM-CF19D4E780E
Description:
Windows saved user IBM-CF19D4E780E\Administrator registry while an
application or service was still using the registry during log off. The
memory used by the user's registry has not been freed. The registry will be
unloaded when it is no longer in use.
This is often caused by services running as a user account, try configuring
the services to run in either the LocalService or NetworkService account.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: NTBackup
Event Category: None
Event ID: 8019
Date: 6/10/2009
Time: 10:56:14 PM
User: N/A
Computer: IBM-CF19D4E780E
Description:
End Operation: Warnings or errors were encountered.
Consult the backup report for more details.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: COM+
Event Category: (107)
Event ID: 4830
Date: 6/10/2009
Time: 10:39:32 PM
User: N/A
Computer: IBM-CF19D4E780E
Description:
COM+ has determined that your machine is running very low on available
memory. In order to ensure proper system behavior, the activation of the
component has been refused. If this problem continues, either install more
memory or increase the size of your paging file. Memory statistics are:
dwMemoryLoad = 83
ullTotalPhys = 0x01feec000
ullAvailPhys = 0x0053b1000
ullTotalPageFile = 0x03604b000
ullAvailPageFile = 0x002b69000
ullTotalVirtual = 0x07ffe0000
ullAvailVirtual = 0x07cdc7000
Process Name: svchost.exe
Comsvcs.dll file version: not loaded
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 12292
Date: 6/10/2009
Time: 10:39:32 PM
User: N/A
Computer: IBM-CF19D4E780E
Description:
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider
COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x8007000e].
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 43 4f 52 53 4f 46 54 43 CORSOFTC
0008: 37 30 00 00 00 00 00 00 70......
0010: 43 4f 52 53 4f 46 54 43 CORSOFTC
0018: 36 30 00 00 00 00 00 00 60......
Event Type: Error
Event Source: JavaQuickStarterService
Event Category: None
Event ID: 1
Date: 6/10/2009
Time: 4:50:03 PM
User: N/A
Computer: IBM-CF19D4E780E
Description:
The description for Event ID ( 1 ) in Source ( JavaQuickStarterService )
cannot be found. The local computer may not have the necessary registry
information or message DLL files to display messages from a remote computer.
You may be able to use the /AUXSOURCE= flag to retrieve this description; see
Help and Support for details. The following information is part of the event:
Access violation at 0x4010ae, access to 0x00000000
.
Event Type: Error
Event Source: Microsoft Office 11
Event Category: None
Event ID: 1000
Date: 6/10/2009
Time: 3:57:20 PM
User: N/A
Computer: IBM-CF19D4E780E
Description:
Faulting application powerpnt.exe, version 11.0.5529.0, stamp 3f281ac3,
faulting module msdaps.dll, version 2.81.1132.0, stamp 4802a136, debug? 0,
fault address 0x0000bf4b.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 00 70 00 70 00 6c 00 A.p.p.l.
0008: 69 00 63 00 61 00 74 00 i.c.a.t.
0010: 69 00 6f 00 6e 00 20 00 i.o.n. .
0018: 46 00 61 00 69 00 6c 00 F.a.i.l.
0020: 75 00 72 00 65 00 20 00 u.r.e. .
0028: 20 00 70 00 6f 00 77 00 .p.o.w.
0030: 65 00 72 00 70 00 6e 00 e.r.p.n.
0038: 74 00 2e 00 65 00 78 00 t...e.x.
0040: 65 00 20 00 31 00 31 00 e. .1.1.
0048: 2e 00 30 00 2e 00 35 00 ..0...5.
0050: 35 00 32 00 39 00 2e 00 5.2.9...
0058: 30 00 20 00 33 00 66 00 0. .3.f.
0060: 32 00 38 00 31 00 61 00 2.8.1.a.
0068: 63 00 33 00 20 00 69 00 c.3. .i.
0070: 6e 00 20 00 6d 00 73 00 n. .m.s.
0078: 64 00 61 00 70 00 73 00 d.a.p.s.
0080: 2e 00 64 00 6c 00 6c 00 ..d.l.l.
0088: 20 00 32 00 2e 00 38 00 .2...8.
0090: 31 00 2e 00 31 00 31 00 1...1.1.
0098: 33 00 32 00 2e 00 30 00 3.2...0.
00a0: 20 00 34 00 38 00 30 00 .4.8.0.
00a8: 32 00 61 00 31 00 33 00 2.a.1.3.
00b0: 36 00 20 00 66 00 44 00 6. .f.D.
00b8: 65 00 62 00 75 00 67 00 e.b.u.g.
00c0: 20 00 30 00 20 00 61 00 .0. .a.
00c8: 74 00 20 00 6f 00 66 00 t. .o.f.
00d0: 66 00 73 00 65 00 74 00 f.s.e.t.
00d8: 20 00 30 00 30 00 30 00 .0.0.0.
00e0: 30 00 62 00 66 00 34 00 0.b.f.4.
00e8: 62 00 0d 00 0a 00 b.....
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1090
Date: 6/9/2009
Time: 8:06:18 AM
User: NT AUTHORITY\SYSTEM
Computer: IBM-CF19D4E780E
Description:
Windows couldn't log the RSoP (Resultant Set of Policies) session status. An
attempt to connect to WMI failed. No more RSoP logging will be done for this
application of policy.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 10005
Date: 4/12/2009
Time: 6:13:15 PM
User: IBM-CF19D4E780E\Administrator
Computer: IBM-CF19D4E780E
Description:
Product: Norton WMI Update -- A product that requires Norton WMI Update is
still installed on this system.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 7b 31 35 32 36 44 38 37 {1526D87
0008: 43 2d 41 39 35 35 2d 34 C-A955-4
0010: 46 41 42 2d 42 46 31 38 FAB-BF18
0018: 2d 36 39 37 42 41 34 35 -697BA45
0020: 37 45 33 35 32 7d 7E352}
nass said:
maai said:
Problem started when I tried to turn on my computer and it stopped on a black
screen with white letters saying "operating system not found"
I went into the diagnostic center and it passed all tests...
I tried re-booting it, and it went a little further in the rebooting process
(to the blue screen that says "please wait while windows starts") but error
messages kept popping up saying that data on c:/ was not able to be
saved...c:/system32 was not able to be saved etc...etc...
when you go to close the error messages it just starts the reboot process
again and goes in a vicious cycle...
everything was FINE the night/week etc. before...
Now I have been able to turn on my computer (not sure why, it just turned on
one day). I have been afraid to turn it off for several days because I know
there's still a problem. When I'm on the internet (with Internet Explorer or
Firefox) it keeps closing down on me. Also, my speakers stopped working for
a while, then for no apparant reason worked again for a few days, then just
stopped working again.also sometimes applications refuse to open and give
error messages.
I've been debating whether or not throwing my laptop against a wall will
solve this problem >:-l
Hi,
Your issue can be either a corrupt applications, bad Hard drive ( I know you
said you run a complete test, not always accurate) or a virus as you said but
what made you assume that?
Try to perform a System Restore to a working day/Restore point or give us
the list of errors in the Event Viewer.
Have a look in the Event Viewer and send us the error messages you will see
there in in the event viewer in your next post:
Open a Notepad, customize or minimize to the taskbar as you will need it
later for this step to copy the error message on it.
Open a run command and type in:
eventvwr.msc click [OK] you will get the Event viewer control Panel.
click on each of these:
Application
System
Security
Look in the right Pane/window for error message with red (X) or Yellow
exclamation mark /!\ , double click each one to get more info about the
causer.
On the Event error properties message you will see:
Up Arrow
Down arrow
Two pages
