Live Chat & Podcast at 1:00PM Eastern on Sunday!
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
Virus & Other Malware Removal
Go to first new post Google Hijacker/Google Search Result vir ...
Go to first new post server not found
Go to first new post slow computer, downloads over a few mb f ...
Go to first new post Ramnit virus, nearly cleared
Go to first new post Trojan: Win32/Alureon.FK - hijack this l ...
Go to first new post Network, good; Internet, bad
Go to first new post Windows live Messenger Virus
Go to first new post We Got System Checked :-(
Go to first new post This setup thing keeps popping up everyd ...
Go to first new post Extremely unresponsive, massive hang-ups ...
Go to first new post Trojan:dos/alureon.E still here!
Go to first new post Cannot access any google sites - youtube ...
Go to first new post "Congratulations, you won" &am ...
Go to first new post Black desktop, missing all shortcuts, fi ...
Go to first new post Microsoft Visual C++ Runtime Library Buf ...
Tag Cloud
access acer asus bios bsod computer crash desktop driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop malware memory modem monitor motherboard network printer problem ram registry router security slow software sound toshiba trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > Virus & Other Malware Removal >
I'm concerned someone is hacking into my laptop (In Progress)

Reply  
Thread Tools
RichardReeve's Avatar
Computer Specs
Junior Member with 8 posts.
  
Join Date: Jul 2009
Location: chertsey Surrey
Experience: Intermediate
10-Jul-2009, 08:31 AM #1
I'm concerned someone is hacking into my laptop
I bought a new laptop (Compaq Presario CQ60) a few day ago and im worried someone is hacking in because every so often (2-3 times per day) I get the "Duhh-Dumm" USB unplug sound and all the lights on my hard drives start to flash, including my 3 external hard drives. I've checked that all the USB drivers are up to date.
Also yesterday for no reason that I can find. When I turned my laptop on, my anti-virus software said their was a problem (I use windows OneCare) When I opened it up to see what it was, it said my firewall and Malware protection was turned off and it asked if I wanted to turn it back on but it wouldn't do anything when I selected 'yes'.
I ran Spybot S&D which returned a list of things which in all honesty I can't remember what they were but I told it to fix them anyway. I hoped this would resolve everything but it never, I still get the USB unpluging on it's own.

Sorry this is such a long post, but I want to make sure you guys know everything so their are no misunderstandings.

The USB's I use:
1 port has an external 'Maxtor' hard drive
Another port has a mouse mat with a built in USB hub and I have two other external hard drives plugged into that hub as well as an external DVD re-writer and a webcam.

I used the same hard drives and set up on my old computer.

I have no idea if this is relevent or not but I noticed that it happened to me on two different occasions when I was watching an online video on the same website. When I viewed this site today for the first time my anti-virus didn't like the site and it asked me to take action and quarentine something. Could this website have planted something malicious on my computer on previous visits.

Finally i know we are not allowed to request support for P2P downloading but just to make sure I have covered everything I want to point out that whenever I download something and the USB unplugs itself all torrents break. Does this suggest that all the USB connections are breaking?

Please help me resolve this.
Register for free to hide this ad!
daniel_b2380's Avatar
Distinguished Member with 2,456 posts.
  
Join Date: Jan 2003
Location: mid-atlantic
10-Jul-2009, 11:25 AM #2
richard,
welcome to tech support guy,

Quote:
....Finally i know we are not allowed to request support for P2P downloading....
this is NOT meant as some kind of lecture to you - just information

the biggest percentage of p2p users are just regular people - really no different than anyone else - [no special 'marking' on their hand -or- forehead, whatever..] - and i doubt that there is anyone amonst us who can say they DON'T want, or would enjoy something for free

however, there is that small percentage of people in this world, who, for whatever reason, have a completely different outlook on life - be it boredom - or a just plain malicious attitude in general - whatever... write / embed all sorts of malware into what there are 'sharing' - so when the unsuspecting innocent downloads that item - then they begin to experience all the problems with their computer such as you are having

it is a known fact that the percentage of those who use their computers with a 'best practices' approach have a much lower number of problems than those who partake of the downloading from p2p torrents

besides which, there are enough problems we face with using the 'legal' softwares we acquire from reputable sources - the glitches, incompatabilities and 'bugs' - why would anyone want any more???

so i guess it comes down to the thought of just how much is that FREE item going to COST you in the long run - rather it is the $$$$ spent if you had just bought it, or the time it takes to straighten out the 'mess' it caused - 'cause 'lost time' - [and frustration], does equal $$$$

[just my opinion]
__________________
daniel b . . . . . . . hope this helped, have a good day!!!
if i have helped you, please consider making a donation to help support this site
daniel_b2380's Avatar
Distinguished Member with 2,456 posts.
  
Join Date: Jan 2003
Location: mid-atlantic
10-Jul-2009, 11:26 AM #3
richard,
now, to your problem,

you might download and run this program
TrendMicro HijackThis
http://www.trendsecure.com/portal/en...ols/hijackthis

then click on the button:
'do a system scan and save a logfile'

DO NOT CLICK ON FIXING ANYTHING WITH THE PROGRAM
[most of the info there-in is harmless]

save the logfile to your desktop - [or somewhere convenient to remember]
then COPY that logfile and paste it into a post here so that one of the forum's certified malware experts can take a look at it and give you some valid suggestions, and, if you DO have a virus, - [spyware, malware, whatever], help you clean it up
__________________
daniel b . . . . . . . hope this helped, have a good day!!!
if i have helped you, please consider making a donation to help support this site
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 79,286 posts.
  
Join Date: Aug 2003
Location: Quebec, Canada
10-Jul-2009, 11:38 AM #4
Quote:
Originally Posted by RichardReeve View Post
I have no idea if this is relevent or not but I noticed that it happened to me on two different occasions when I was watching an online video on the same website. When I viewed this site today for the first time my anti-virus didn't like the site and it asked me to take action and quarentine something. Could this website have planted something malicious on my computer on previous visits.
It's possible the web site has been compromised but it would help to know what your anti-virus detected so please check the log and report back on that along with the HijackThis log.
RichardReeve's Avatar
Computer Specs
Junior Member with 8 posts.
  
Join Date: Jul 2009
Location: chertsey Surrey
Experience: Intermediate
10-Jul-2009, 12:15 PM #5
Hijack This Log
Thanks for the wise words in regards to P2P. I really had no idea that downloading this way was so risky and damaging to my computer. I always scan every file before I unzip or run it, but I guess if its as prevelent as you say, then things will get past this. Thanks for the info.

Here's the log from HijackThis, am I right to think this is all the services running on my computer?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:04:06, on 10/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\vVX3000.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Users\richard-personl\Desktop\New Folder\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...esario&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...esario&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...esario&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [O2Start] C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe /s
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6915 bytes
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 79,286 posts.
  
Join Date: Aug 2003
Location: Quebec, Canada
10-Jul-2009, 05:07 PM #6
I don't see anything but not everything shows in a HijackThis log. I would think there should be a service for Windows OneCare Live.

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
__________________
Microsoft MVP - Consumer Security
RichardReeve's Avatar
Computer Specs
Junior Member with 8 posts.
  
Join Date: Jul 2009
Location: chertsey Surrey
Experience: Intermediate
11-Jul-2009, 01:08 PM #7
Sorry for the delay in my reply. The Malwarebytes' scan is currently running so I will upload the report as soon as it's finished.
Since my last post my Onecare Anti-virus has failed to start the firewall and malware protection when I turn on my laptop and both times it wouldn't do anything when I select to turn it back on. Also one other thing, If im watching a video online or offline (using VLC) if the USB sound goes and all the drives start to flash, the video freezes and when it starts again it has no sound so I have to re-play the whole video again. Just wanted to point this out because it could be relevent.
Anyway, I'll do as you asked and upload the report as soon as the scan is finished, fingers crossed it manages to find and remove the problem.
Thanks for your help so far, I really do appriciate it.
RichardReeve's Avatar
Computer Specs
Junior Member with 8 posts.
  
Join Date: Jul 2009
Location: chertsey Surrey
Experience: Intermediate
11-Jul-2009, 02:38 PM #8
Heres the completed scans. Apparently nothing was detected. Does this mean my system is definatly clean?

My First attempt at the scan didn't work. The application froze and stayed greyed out with 'not responding' at the top. I opened the task manager and it was the only app running
my CPU was going up and down from 1% to 15% and my memory usage was at 57% so I'm not sure why it wasn't
responding. It wouldn't even close when I tried to end the task in the task manager. I had to basically
turn my laptop off by the power button and re-start it.
When I restarted it I kept getting a window pop up telling me a new device had been found but then it said
unidentified device ---> device unplugged. Then Another box kept asking me to instal the driver, locate the driver or ask
me later this box kept appearing and disappearing.

Here is the information from windows 'problem Reports and solutions' for
the hanged attempt to run the first scan.

Description
A problem caused this program to stop interacting with Windows.

Problem signature
Problem Event Name: AppTermFailureEvent
OS Version: 6.0.6001.2.1.0.768.2
Locale ID: 2057

Files that help describe the problem
mbam.exe.atk.kdmp
mbam.exe.mu.dmp
mbam.exe.xml
Version.txt

View a temporary copy of these files
Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.
------------------------------------------------
The quick scan report:

Malwarebytes' Anti-Malware 1.38
Database version: 2407
Windows 6.0.6001 Service Pack 1

11/07/2009 17:28:15
mbam-log-2009-07-11 (17-28-15).txt

Scan type: Quick Scan
Objects scanned: 74776
Time elapsed: 4 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


------------------------------------------------------------------------

------------------------------------------------------------------------------
I decided to do a full scan of my external hard drives as well. Don't know if this
was needed but I thought why not. Heres the report for that:

Malwarebytes' Anti-Malware 1.38
Database version: 2407
Windows 6.0.6001 Service Pack 1

11/07/2009 17:54:31
mbam-log-2009-07-11 (17-54-31).txt

Scan type: Full Scan (D:\|G:\|)
Objects scanned: 128239
Time elapsed: 24 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
--------------------------------------------------------------
It was strange how it wouldn't respond on my first attempt. Also I was asked by Spybot to allow or dis-allow a registry edit made by Malwarebytes' after it had been installed. I did allowed it.

Hope all this info helps
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 79,286 posts.
  
Join Date: Aug 2003
Location: Quebec, Canada
11-Jul-2009, 03:11 PM #9
Please go to Start - Run - type in eventvwr.msc to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.
__________________
Microsoft MVP - Consumer Security
RichardReeve's Avatar
Computer Specs
Junior Member with 8 posts.
  
Join Date: Jul 2009
Location: chertsey Surrey
Experience: Intermediate
11-Jul-2009, 04:25 PM #10
Event Logs
Here are the event logs for application errors in the last 24hrs:


---------------------------------------------------------------------



Application ERRORS:





----------------------------------------------------------------------

Log Name: Application
Source: Microsoft-Windows-WMI
Date: 11/07/2009 17:18:20
Event ID: 10
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T16:18:20.000Z" />
<EventRecordID>1060</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>

------------------------------------------------------------------
Log Name: Application
Source: Microsoft-Windows-WMI
Date: 11/07/2009 08:31:17
Event ID: 10
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T07:31:17.000Z" />
<EventRecordID>1019</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>
----------------------------------------------------------------------------

Log Name: Application
Source: Microsoft-Windows-WMI
Date: 10/07/2009 12:58:51
Event ID: 10
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T11:58:51.000Z" />
<EventRecordID>982</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>
--------------------------------------------------------------------------------------
Log Name: Application
Source: Microsoft-Windows-WMI
Date: 10/07/2009 11:14:13
Event ID: 10
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T10:14:13.000Z" />
<EventRecordID>934</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>
--------------------------------------------------------------------------

Log Name: Application
Source: Microsoft-Windows-WMI
Date: 09/07/2009 16:27:20
Event ID: 10
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-09T15:27:20.000Z" />
<EventRecordID>895</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>

---------------------------------------------------------------------------

Log Name: Application
Source: Microsoft-Windows-WMI
Date: 09/07/2009 09:40:39
Event ID: 10
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-09T08:40:39.000Z" />
<EventRecordID>854</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>

------------------------------------------------------------------------------

Log Name: Application
Source: Microsoft-Windows-WMI
Date: 09/07/2009 09:34:37
Event ID: 10
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152">10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-09T08:34:37.000Z" />
<EventRecordID>824</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>

---------------------------------------------------------------------
I have to make a seperate post for the system errors because the post is longer than allowed.
RichardReeve's Avatar
Computer Specs
Junior Member with 8 posts.
  
Join Date: Jul 2009
Location: chertsey Surrey
Experience: Intermediate
11-Jul-2009, 04:26 PM #11
event logs 2
---------------------------------------------------------------------



SYSTEM ERRORS:





----------------------------------------------------------------------
Log Name: System
Source: Service Control Manager
Date: 11/07/2009 17:18:21
Event ID: 7000
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
The Parallel port driver service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7000</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T16:18:21.000Z" />
<EventRecordID>7993</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Parallel port driver</Data>
<Data Name="param2">%%1058</Data>
</EventData>
</Event>

-----------------------------------------------------------------------------
Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 11/07/2009 17:18:04
Event ID: 15016
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T16:18:04.601Z" />
<EventRecordID>7952</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="552" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SecurityPackage">Kerberos</Data>
<Binary>000004000200300000000000A83A00C000000000000000000000000000000000000 00000000000000E030980</Binary>
</EventData>
</Event>
--------------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-TaskScheduler
Date: 11/07/2009 17:18:04
Event ID: 412
Task Category: Service critical error
Level: Error
Keywords:
User: SYSTEM
Computer: richard-personl
Description:
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147549183. User Action: restart task scheduler service.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-TaskScheduler" Guid="{de7b24ea-73c8-4a09-985d-5bdadcfa9017}" />
<EventID>412</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>403</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T16:18:04.452Z" />
<EventRecordID>7951</EventRecordID>
<Correlation />
<Execution ProcessID="1160" ThreadID="1620" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData Name="LoadBootJobsFailed">
<Data Name="ResultCode">2147549183</Data>
</EventData>
</Event>

----------------------------------------------------------------------------------------

Log Name: System
Source: EventLog
Date: 11/07/2009 17:17:58
Event ID: 6008
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
The previous system shutdown at 17:16:19 on 11/07/2009 was unexpected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="EventLog" />
<EventID Qualifiers="32768">6008</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T16:17:58.000Z" />
<EventRecordID>7943</EventRecordID>
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data>17:16:19</Data>
<Data>11/07/2009</Data>
<Data>
</Data>
<Data>
</Data>
<Data>31571</Data>
<Data>
</Data>
<Data>
</Data>
<Binary>D907070006000B001100100013002702D907070006000B001000100013002702600 900003C000000010000006009000000000000B00400000100000000000000</Binary>
</EventData>
</Event>

-----------------------------------------------------------------------------------------

Log Name: System
Source: Service Control Manager
Date: 11/07/2009 08:31:17
Event ID: 7000
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
The Parallel port driver service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7000</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T07:31:17.000Z" />
<EventRecordID>7822</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Parallel port driver</Data>
<Data Name="param2">%%1058</Data>
</EventData>
</Event>

-------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-Kernel-General
Date: 11/07/2009 08:30:51
Event ID: 5
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: richard-personl
Description:
{Registry Hive Recovered} Registry hive (file): '\??\C:\Users\richard-personl\AppData\Local\Microsoft\Windows\UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-General" Guid="{a68ca8b7-004f-d7b6-a698-07e2de0f1f5d}" />
<EventID>5</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T07:30:51.853Z" />
<EventRecordID>7783</EventRecordID>
<Correlation />
<Execution ProcessID="1156" ThreadID="1304" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="FinalStatus">0x8000002a</Data>
<Data Name="ExtraStringLength">73</Data>
<Data Name="ExtraString">\??\C:\Users\richard-personl\AppData\Local\Microsoft\Windows\UsrClass.dat</Data>
</EventData>
</Event>

------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-TaskScheduler
Date: 11/07/2009 08:30:43
Event ID: 412
Task Category: Service critical error
Level: Error
Keywords:
User: SYSTEM
Computer: richard-personl
Description:
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147549183. User Action: restart task scheduler service.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-TaskScheduler" Guid="{de7b24ea-73c8-4a09-985d-5bdadcfa9017}" />
<EventID>412</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>403</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T07:30:43.892Z" />
<EventRecordID>7780</EventRecordID>
<Correlation />
<Execution ProcessID="1156" ThreadID="1608" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData Name="LoadBootJobsFailed">
<Data Name="ResultCode">2147549183</Data>
</EventData>
</Event>

------------------------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 11/07/2009 08:30:43
Event ID: 15016
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T07:30:43.804Z" />
<EventRecordID>7779</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="72" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SecurityPackage">Kerberos</Data>
<Binary>000004000200300000000000A83A00C000000000000000000000000000000000000 00000000000000E030980</Binary>
</EventData>
</Event>

----------------------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 11/07/2009 08:30:43
Event ID: 15021
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
An error occured while using SSL configuration for socket address 81.97.250.198:63331. The error status code is contained within the returned data.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15021</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T07:30:43.803Z" />
<EventRecordID>7778</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="72" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SocketAddress">81.97.250.198:63331</Data>
<Binary>000004000200300000000000AD3A00C000000000000000000000000000000000000 00000000000005F0000C0</Binary>
</EventData>
</Event>

-----------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 11/07/2009 08:30:43
Event ID: 15021
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
An error occured while using SSL configuration for socket address 10.113.234.80:63331. The error status code is contained within the returned data.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15021</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-11T07:30:43.802Z" />
<EventRecordID>7777</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="72" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SocketAddress">10.113.234.80:63331</Data>
<Binary>000004000200300000000000AD3A00C000000000000000000000000000000000000 00000000000005F0000C0</Binary>
</EventData>
</Event>

-----------------------------------------------------------------------------------

Log Name: System
Source: Service Control Manager
Date: 10/07/2009 12:59:23
Event ID: 7000
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
The SBSD Security Center Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7000</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T11:59:23.000Z" />
<EventRecordID>7661</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">SBSD Security Center Service</Data>
<Data Name="param2">%%1053</Data>
</EventData>
</Event>

--------------------------------------------------------------------------

Log Name: System
Source: Service Control Manager
Date: 10/07/2009 12:59:23
Event ID: 7009
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7009</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T11:59:23.000Z" />
<EventRecordID>7660</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">30000</Data>
<Data Name="param2">SBSD Security Center Service</Data>
</EventData>
</Event>

-----------------------------------------------------------------------------------------

Log Name: System
Source: Service Control Manager
Date: 10/07/2009 12:58:52
Event ID: 7000
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
The Parallel port driver service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7000</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T11:58:52.000Z" />
<EventRecordID>7625</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Parallel port driver</Data>
<Data Name="param2">%%1058</Data>
</EventData>
</Event>

----------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-TaskScheduler
Date: 10/07/2009 12:57:59
Event ID: 412
Task Category: Service critical error
Level: Error
Keywords:
User: SYSTEM
Computer: richard-personl
Description:
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147549183. User Action: restart task scheduler service.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-TaskScheduler" Guid="{de7b24ea-73c8-4a09-985d-5bdadcfa9017}" />
<EventID>412</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>403</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T11:57:59.542Z" />
<EventRecordID>7584</EventRecordID>
<Correlation />
<Execution ProcessID="1156" ThreadID="1620" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData Name="LoadBootJobsFailed">
<Data Name="ResultCode">2147549183</Data>
</EventData>
</Event>

-------------------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 10/07/2009 12:57:59
Event ID: 15016
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T11:57:59.323Z" />
<EventRecordID>7583</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="824" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SecurityPackage">Kerberos</Data>
<Binary>000004000200300000000000A83A00C000000000000000000000000000000000000 00000000000000E030980</Binary>
</EventData>
</Event>

------------------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 10/07/2009 12:57:59
Event ID: 15021
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
An error occured while using SSL configuration for socket address 81.97.250.198:63331. The error status code is contained within the returned data.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15021</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T11:57:59.323Z" />
<EventRecordID>7582</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="824" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SocketAddress">81.97.250.198:63331</Data>
<Binary>000004000200300000000000AD3A00C000000000000000000000000000000000000 00000000000005F0000C0</Binary>
</EventData>
</Event>

----------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 10/07/2009 12:57:59
Event ID: 15021
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
An error occured while using SSL configuration for socket address 10.113.234.80:63331. The error status code is contained within the returned data.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15021</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T11:57:59.323Z" />
<EventRecordID>7581</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="824" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SocketAddress">10.113.234.80:63331</Data>
<Binary>000004000200300000000000AD3A00C000000000000000000000000000000000000 00000000000005F0000C0</Binary>
</EventData>
</Event>

----------------------------------------------------------------------------------------

Log Name: System
Source: Service Control Manager
Date: 10/07/2009 11:14:14
Event ID: 7000
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
The Parallel port driver service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7000</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T10:14:14.000Z" />
<EventRecordID>7460</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Parallel port driver</Data>
<Data Name="param2">%%1058</Data>
</EventData>
</Event>

-------------------------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 10/07/2009 11:13:44
Event ID: 15016
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T10:13:44.029Z" />
<EventRecordID>7418</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="72" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SecurityPackage">Kerberos</Data>
<Binary>000004000200300000000000A83A00C000000000000000000000000000000000000 00000000000000E030980</Binary>
</EventData>
</Event>

-----------------------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 10/07/2009 11:13:44
Event ID: 15021
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
An error occured while using SSL configuration for socket address 81.97.250.198:63331. The error status code is contained within the returned data.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15021</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T10:13:44.028Z" />
<EventRecordID>7417</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="72" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SocketAddress">81.97.250.198:63331</Data>
<Binary>000004000200300000000000AD3A00C000000000000000000000000000000000000 00000000000005F0000C0</Binary>
</EventData>
</Event>

-------------------------------------------------------------------------------------------------------

Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 10/07/2009 11:13:44
Event ID: 15021
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: richard-personl
Description:
An error occured while using SSL configuration for socket address 10.113.234.80:63331. The error status code is contained within the returned data.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-HttpEvent" Guid="{7b6bc78c-898b-4170-bbf8-1a469ea43fc5}" EventSourceName="HTTP" />
<EventID Qualifiers="49152">15021</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T10:13:44.019Z" />
<EventRecordID>7416</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="72" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security />
</System>
<EventData>
<Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
<Data Name="SocketAddress">10.113.234.80:63331</Data>
<Binary>000004000200300000000000AD3A00C000000000000000000000000000000000000 00000000000005F0000C0</Binary>
</EventData>
</Event>

-----------------------------------------------------------------------------------
Log Name: System
Source: Microsoft-Windows-TaskScheduler
Date: 10/07/2009 11:13:43
Event ID: 412
Task Category: Service critical error
Level: Error
Keywords:
User: SYSTEM
Computer: richard-personl
Description:
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147549183. User Action: restart task scheduler service.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-TaskScheduler" Guid="{de7b24ea-73c8-4a09-985d-5bdadcfa9017}" />
<EventID>412</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>403</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2009-07-10T10:13:43.907Z" />
<EventRecordID>7415</EventRecordID>
<Correlation />
<Execution ProcessID="1140" ThreadID="1616" />
<Channel>System</Channel>
<Computer>richard-personl</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData Name="LoadBootJobsFailed">
<Data Name="ResultCode">2147549183</Data>
</EventData>
</Event>

-------------------------------------------------------------------------------------------------
RichardReeve's Avatar
Computer Specs
Junior Member with 8 posts.
  
Join Date: Jul 2009
Location: chertsey Surrey
Experience: Intermediate
11-Jul-2009, 05:28 PM #12
what is going on!
I'm starting to get really paranoid now because I just looked down at my modem and all the lights are going even though I'm not using the internet. I opened up the network and sharing center and clicked on 'view status' which showed me that data was being uploaded. Now I understand that a computer communicates over the web but it looked like a lot of bytes being used. I'm getting so worried now that I've let something in and it's uploading all my hard drive files. I've unpluged all my hard drives and broadband enthernet cable and I'm going to have to use my mobile broadband USB stick untill this is resolved. I'm starting to seriously consider re-formating the whole lot.
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 79,286 posts.
  
Join Date: Aug 2003
Location: Quebec, Canada
11-Jul-2009, 07:52 PM #13
Did this computer come pre-loaded? It looks like some things may not be set up properly.

I think if you can do a reformat that might be the best solution.
RichardReeve's Avatar
Computer Specs
Junior Member with 8 posts.
  
Join Date: Jul 2009
Location: chertsey Surrey
Experience: Intermediate
12-Jul-2009, 08:22 AM #14
Thanks
Yes, a lot of 'junk' was already pre-installed when I bought it. I un-installed quite a few things thats I didn't need but I left other stuff I wasn't sure of. I've already wiped hell of a lot of content i've accumilated on my external hard drives so now i'll re-format the laptop and fingers crossed all will be well.

Thanks for the help.
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 79,286 posts.
  
Join Date: Aug 2003
Location: Quebec, Canada
12-Jul-2009, 06:56 PM #15
You're welcome.
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply

Tags
usb

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Virus & Other Malware Removal | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 10:11 PM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

 Powered by Cermak Technologies, Inc.