Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Background Programme Blocking Servers .....


  • Please log in to reply

#46
Ditch

Ditch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

It found something! Photobucket's playing me up, at the moment. But, yeppers; After what looks like several scans, it's finally in red. " Virus Found ".

 

Ooh! In the vault, it says it's " Background.js "  Does that sound like our boy?


  • 0

Advertisements


#47
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Could be.  Did it remove it?


  • 0

#48
Ditch

Ditch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

It's sitting in the vault, right now. Shall I delete it then? Was just holding it in case ye needed any information from it.


  • 0

#49
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

As long as it's in the vault it can't hurt anything.  You can delete it if you want or we could submit it to virustotal.com and see what the other A-Vs have to say about it but you have to have Avast remove it form the vault first.  .js files are javascript so you should also be able to open it in notepad so we can see what it was up to.


  • 0

#50
Ditch

Ditch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Managed to get its Properties for ye:

 

 

Untitled_zpswdkmuulz.jpg

 

 

I see I can also click to send it to the lab. Your call. You're the one that knows what ye talking about (Thankfully!) This is all way above my head.

 


  • 0

#51
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

It's a PUP (Potentially Unwanted Program) so it's probably adware of some kind.

 

http://malwarefixes....nal-crossrider/

 

Do you have the full path?


  • 0

#52
Ditch

Ditch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Hmm. Does seem to be saying it focuses on browsers ....? My problems stemmed (seemingly) from my browser ~ being knackered. I also tried a Restart, by the way: Smooth!

 

I've had a couple of hangs, today. But, it's looking seriously hopeful!

 

" Full Path " ....?  Sorry. Remember I have about as much tek savvy as one of ye Prairie Dogs. I'm just nothing like as cute to look at!  :D 


  • 0

#53
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Don't worry about the path.  On closer inspection I see it was in AdwCleaner's quarantine so we had already removed it. 

 

Run VEW again and let's see if your glitches left any events (you don't need to download it again if you already have it.  I'm just too lazy to go back and look):

 

 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0

#54
Ditch

Ditch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 02/06/2016 17:29:39

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/06/2016 14:45:30
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

Log: 'System' Date/Time: 02/06/2016 05:19:51
Type: Error Category: 0
Event: 36 Source: volsnap
The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Log: 'System' Date/Time: 02/06/2016 03:09:44
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

Log: 'System' Date/Time: 01/06/2016 22:50:06
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

Log: 'System' Date/Time: 01/06/2016 22:24:51
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

Log: 'System' Date/Time: 01/06/2016 12:55:28
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

Log: 'System' Date/Time: 01/06/2016 02:16:02
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

Log: 'System' Date/Time: 31/05/2016 23:58:01
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

Log: 'System' Date/Time: 31/05/2016 23:53:26
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/06/2016 14:41:10
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name googleapis.l.google.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 02/06/2016 13:35:50
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.google-analytics.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 02/06/2016 12:10:00
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name gstaticadssl.l.google.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 02/06/2016 00:10:08
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ping.chartbeat.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 01/06/2016 12:51:09
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name s.yimg.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 01/06/2016 01:53:14
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name uk-mg42.mail.yahoo.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/05/2016 20:13:40
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_OLYMPUS&PROD_U1040_S1040&REV_1.00#000N97J23344&0#.

Log: 'System' Date/Time: 31/05/2016 13:05:54
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ctldl.windowsupdate.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/05/2016 20:31:38
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name apis.google.com timed out after none of the configured DNS servers responded.

 


  • 0

#55
Ditch

Ditch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 02/06/2016 17:32:23

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/06/2016 14:37:30
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 02/06/2016 12:57:42
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 02/06/2016 03:01:40
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 01/06/2016 23:41:13
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 01/06/2016 12:47:09
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 31/05/2016 23:49:51
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 31/05/2016 23:44:22
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 31/05/2016 13:05:50
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 30/05/2016 20:23:33
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: plugin-container.exe, version: 46.0.1.5966, time stamp: 0x572818c9 Faulting module name: mozglue.dll, version: 46.0.1.5966, time stamp: 0x572808c3 Exception code: 0x80000003 Fault offset: 0x0000efdc Faulting process id: 0x1200 Faulting application start time: 0x01d1bab0deaf0c5e Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll Report Id: 612ebe3f-26a4-11e6-8c86-0c5b8f279a64

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/06/2016 14:36:49
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-1600889185-3656679571-3126259524-1000:
Process 1116 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome


Log: 'Application' Date/Time: 02/06/2016 12:35:18
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-1600889185-3656679571-3126259524-1000:
Process 1192 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome


Log: 'Application' Date/Time: 02/06/2016 02:35:56
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-1600889185-3656679571-3126259524-1000:
Process 1164 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome


Log: 'Application' Date/Time: 01/06/2016 23:36:20
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-1600889185-3656679571-3126259524-1000:
Process 1164 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome


Log: 'Application' Date/Time: 01/06/2016 03:13:49
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-1600889185-3656679571-3126259524-1000:
Process 1160 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome


Log: 'Application' Date/Time: 31/05/2016 23:49:09
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   2 user registry handles leaked from \Registry\User\S-1-5-21-1600889185-3656679571-3126259524-1000:
Process 4836 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 4836 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Explorer


Log: 'Application' Date/Time: 31/05/2016 23:46:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe' (pid 3268) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 31/05/2016 23:43:37
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   5 user registry handles leaked from \Registry\User\S-1-5-21-1600889185-3656679571-3126259524-1000:
Process 588 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000
Process 3148 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000
Process 2056 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000
Process 2056 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
Process 3148 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome


Log: 'Application' Date/Time: 31/05/2016 03:45:31
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   4 user registry handles leaked from \Registry\User\S-1-5-21-1600889185-3656679571-3126259524-1000:
Process 3016 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000
Process 1216 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\sched.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000
Process 3016 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
Process 1492 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\avguard.exe) has opened key \REGISTRY\USER\S-1-5-21-1600889185-3656679571-3126259524-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
 


  • 0

Advertisements


#56
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP
Log: 'System' Date/Time: 02/06/2016 14:45:30
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.

 

 

Sometimes running a disk check will clear up the above error:
 
1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.
 
Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. The disk check will run and will probably take an hour or more to finish.
 
Run VEW again as before.
 
Log: 'System' Date/Time: 02/06/2016 05:19:51
Type: Error Category: 0
Event: 36 Source: volsnap
The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

 

 

First, check how much free disk space is available on the system volume in Windows Explorer.

Open Control Panel / System / Advanced System Settings.

Select the System Protection Tab.

In the Protection Settings box, select the System Drive (Usually C:).

Click the Configure Button.

In the Disk Space Usage section, use the slider to increase the amount of disk space allocated to System Restore.

Apply/OK.

You can also use the Disk Cleanup tool to remove all but the latest System Restore Points. This will likely give you back a large amount of free disk space.

Go to Start/All Programs/Accessories/System Tools/Disk Cleanup. Select to clean up the files for All Users.

 

You will have the option of selecting which files to remove.

 

Select the Clean Up System Files button. This will show a new Tab called More Options. Click this tab and in the System Restore and Shadow Copies section, click the Cleanup Button. This will delete all but the most recent System Restore Point.
 

 

For these:

 

Event: 1014 Source: Microsoft-Windows-DNS-Client

 

 

Try using 8.8.8.8 as your primary DNS server.  See if that works better.

 

http://windows.micro...tcp-ip-settings

 

Going to the gym for a while.  Back in about 2 hours.


  • 0

#57
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

 

Log: 'Application' Date/Time: 02/06/2016 14:37:30
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 

 

 

Run the Fixit here:

http://support.micro...b;en-US;2545227


  • 0

#58
Ditch

Ditch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application.

 

  Okay. I came unstuck at that point.  I did look down and find some reference to something seemingly pertaining to Windows and Logs. Think I right clicked that. Then backed the billyo out of there! Things popped up that I'm not touching ..... Scary things!

 

  I would point out though that I've ~ quite deliberately ~ been in that chat room all afternoon. Even talking to myself, to see if that slung me. It didn't.

 

Email has been 90%. Can't moan about that.

 

While you're at the gym, torturing yeself and thinking about Prairie Dogs, I'll feed my Hairy Dogs. I'll also refollow those steps and try to show ye what I saw that scared me.


  • 0

#59
Ditch

Ditch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Yep. I started coming adrift from ye instructions right about here, look. Just didn't seem to match up with what I was looking for.

 

Untitled.jpg

 

Windows 7, of course.

 

 


  • 0

#60
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Click on the arrow in front of Event viewer then on the arrow in front of Windows Logs

 

 

 

 

 

 

evt.jpg


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP