Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista Problems


  • This topic is locked This topic is locked
17 replies to this topic

#1 Kaiser01

Kaiser01

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 PM

Posted 04 December 2010 - 02:41 PM

Hi

Big window pops up when trying to acess the internet etc.. after 5- 10 minutes Window says Failure Security Options with a big red x.only option is okay. Been happening off and on I have vista 64 and have norton 360 on mine. I've ran check disk = okay. I also wonder what could be going on.

Edited by hamluis, 04 December 2010 - 05:55 PM.
Split post, created new topic ~ Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:25 AM

Posted 05 December 2010 - 12:25 AM

1. Click Start, click Run, type chkdsk /f /r, and then click OK.
2. At the command prompt, type Y to let the disk scanner run when you restart the computer.
3. Restart the computer.
4. Chkdsk will run.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Kaiser01

Kaiser01
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 PM

Posted 21 December 2010 - 08:17 PM

Sorry it took so long , couldn't find it to recently. Have had printer nightmare. I will try to do it. I repaired vista 64 due to the printer issue been doing okay. I had to turn off side bar on vista. Hasn't really done it since. I will try what you suggested when I get a chance and reply back


Thanks
Kaiser01

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:25 AM

Posted 21 December 2010 - 08:38 PM

No problem :)

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Kaiser01

Kaiser01
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 PM

Posted 25 December 2010 - 02:24 PM

Tried that still nothing.

Okay here is an update, I logged in as admin due to the fact I have other people with profiles on it. Home"" a pop up after I tried using win mail or ie8 or norotn 360 all froze and came up the box Window says Failure Security Options with a big red x.only option is okay. Had to power off and restart using the power button sorry took so long.

Merry Christmas

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:25 AM

Posted 25 December 2010 - 05:17 PM

Please download VEW and save it to your Desktop: http://images.malwareremoval.com/vino/VEW.exe

Double-click VEW.exe then under Select log to query, select:
Application
System


Under Select type to list, select:
Critical (Vista only)
Error


Click the radio button for Number of events
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

In Notepad, click Edit > Select all then Edit > Copy
Reply to this post, click in the reply window and press Ctrl+V on your keyboard to paste the log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Kaiser01

Kaiser01
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 PM

Posted 25 December 2010 - 08:20 PM

Here log below, I replaced my name in the log with ""my name" I appreciate your help.

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 25/12/2010 7:09:19 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 25/12/2010 11:53:22 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 25/12/2010 5:45:53 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 25/12/2010 5:23:28 PM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\my name\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPMANAGER\MANIFEST\APPMGR_MANIFEST.CAB> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 25/12/2010 5:17:46 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 23/12/2010 11:38:37 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 23/12/2010 2:50:57 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application iexplore.exe, version 8.0.6001.18999, time stamp 0x4ccf92fb, faulting module mshtml.dll, version 8.0.6001.18999, time stamp 0x4ccfa8d4, exception code 0xc0000005, fault offset 0x00029def, process id 0xde4, application start time 0x01cba24b7f38b150.

Log: 'Application' Date/Time: 23/12/2010 2:39:38 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 22/12/2010 11:42:05 AM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\my name\APPDATA\LOCAL\MICROSOFT\TOOLBAR\APPMANAGER\MANIFEST\APPMGR_MANIFEST.CAB> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


Log: 'Application' Date/Time: 22/12/2010 11:33:11 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 22/12/2010 3:51:21 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 21/12/2010 10:33:48 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 21/12/2010 10:05:42 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 21/12/2010 11:35:43 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 21/12/2010 3:15:56 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 20/12/2010 10:05:29 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 20/12/2010 11:29:46 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 19/12/2010 7:35:55 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 19/12/2010 3:31:43 PM
Type: Error Category: 3
Event: 215 Source: ESENT
WinMail (5012) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Log: 'Application' Date/Time: 19/12/2010 3:14:59 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 18/12/2010 4:37:48 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/12/2010 11:53:23 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SMR161

Log: 'System' Date/Time: 25/12/2010 5:52:02 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 25/12/2010 5:45:55 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SMR161

Log: 'System' Date/Time: 25/12/2010 5:45:40 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 11:43:22 AM on 12/25/2010 was unexpected.

Log: 'System' Date/Time: 25/12/2010 5:17:47 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SMR161

Log: 'System' Date/Time: 23/12/2010 11:38:38 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SMR161

Log: 'System' Date/Time: 23/12/2010 2:39:39 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SMR161

Log: 'System' Date/Time: 22/12/2010 11:33:12 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SMR161

Log: 'System' Date/Time: 22/12/2010 3:51:23 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SMR161

Log: 'System' Date/Time: 22/12/2010 12:12:45 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Log: 'System' Date/Time: 21/12/2010 10:29:39 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The HP Health Check Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Log: 'System' Date/Time: 20/12/2010 2:03:27 AM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The LogMeIn Rescue (7cf1e784-2abe-4f5f-a0be-430d98495814) service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Log: 'System' Date/Time: 16/12/2010 11:17:36 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {0228576F-6E6C-4E1A-B175-0E46A316AFE2} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 15/12/2010 3:17:37 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.

Log: 'System' Date/Time: 15/12/2010 3:17:07 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.

Log: 'System' Date/Time: 09/12/2010 2:27:21 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Log: 'System' Date/Time: 08/12/2010 11:25:14 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {31371420-098D-4C0E-A11E-EBEC2305DD01} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 08/12/2010 10:57:49 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Background Intelligent Transfer Service service hung on starting.

Log: 'System' Date/Time: 08/12/2010 2:58:17 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Log: 'System' Date/Time: 07/12/2010 3:32:10 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:25 AM

Posted 25 December 2010 - 10:00 PM

How long ago did the issue start?
More, than couple of days ago?

What concerns me in your log the most is this:
The following boot-start or system-start driver(s) failed to load: SMR161
I can't find any reference to any SMR161.sys file.
May be something malicious, but before we go there, please answer my first questions.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 Kaiser01

Kaiser01
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 PM

Posted 26 December 2010 - 12:12 AM

I say about 1 1/2 ago. I've had nightmares with my hp printer software not being able to work, did a vista repair, and it does. Outcome of that was slower computer, and the security message only came up after a few days later. I appreciate the prompt response. The main thing in the last couple of weeks, when I first startup, it takes a while to get into winmail and etc.. if i click too soon it takes a few minutes , and says not responding.

Thanks
Kaiser01

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:25 AM

Posted 26 December 2010 - 01:22 PM

Try system restore to a few day ago...

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 Kaiser01

Kaiser01
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 PM

Posted 29 December 2010 - 10:38 PM

It has been doing this more than a couple of days same restore backup. My backup was disabled before this all happened. I had 2 sets and used one before. I hate to reset all to factory settings. I havent used it since Sunday and seems like it worse. slower now. What could it be? Everything seems not to respond here and there. Is there any way to catch what is going on?

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:25 AM

Posted 29 December 2010 - 10:54 PM

With the information you have provided I believe you will need help from the malware removal team. I would like you to start a new thread and post a DDS log HERE and include a link to this thread. Please make sure that you read the information about getting started before you start your thread.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient. Help is on the way!

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 Kaiser01

Kaiser01
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 PM

Posted 31 December 2010 - 09:13 PM

Thanks for all the help , havent been able to do the dds etc.. One thing?? I used malaware antibytes and it did come up with the following below.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Value: MyWebSearch Email Plugin -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\My Web Search Bar Search Scope Monitor (Adware.MyWebSearch) -> Value: My Web Search Bar Search Scope Monitor -> Quarantined and deleted successfully

I will try to do the new thread for this , but in the meantime what do you think?? By the way norton 360 didnt show this and when I tried to use the mywebsearch remover, told me wasnt on there, and afterwards in a couple of hours, I tried to use my id log in toolbar , wasn't there. Notified norton of it.

Thanks

Have a happy new year!!
Kaiser01

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:25 AM

Posted 31 December 2010 - 09:22 PM

I can't comment on malware related issues.
You need to create new topic in malware forum.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 hamluis

hamluis

    Moderator


  • Moderator
  • 55,738 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:25 PM

Posted 01 January 2011 - 09:12 AM

BleepingComputer.com - Am I infected What do I do - http://www.bleepingcomputer.com/forums/forum103.html . If you initiate a new thread there, please follow suggested admin rules/procedures listed there.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users