Suspected Virus/Malware freezing computer

By alligatoring
Feb 24, 2010
Topic Status:
Not open for further replies.
  1. I have a Toshiba Satellite P100 running Windows XP that has recently started freezing. I was directed here after posting in the BSOD, Freezing section. I am unable to complete the steps in the 8-step guide as my computer freezes before it's able to complete a scan, by freeze I mean it becomes completely unresponsive, there is no BSOD but Ctrl Alt Del doesn't work either. I can run boot time scans without freezing but Avast! did not pick anything up and I'm not sure what else to try. I do have Hiren's Boot CD but none of the anti virus/anti malware programs show up in the boot menu oddly enough.

    I was hoping for some advice on a few things:

    Can I backup any of my files onto an external drive, then format, reinstall the AV programs and scan my external drive? (and then transfer the data back). I have some PSDs and other media files from projects that I would really love if I could backup.
    edit: my external drive may or may not also be infected already since I do not know when the infection actually occurred and I was working on backing up data before it started freezing up.

    I have also read the post on identity theft, since my laptop is on a network how likely is it that whatever is afflicting my computer has spread? There has been no file active sharing (generated by us the users), the computers are running the same up-to-date AV program that I was (Avast!) I am concerned since I wanted to change my important passwords but am unsure whether they could be infected as well. I am currently running scans on them.

    What would the best course of action be from here? Being unable to run scans in normal windows mode or even in safe mode. I really am trying to exhaust all other options until I am left with only formatting and deleting all my hard worked on projects. This is a wakeup call to backup more frequently.

    Thank you for any advice or suggestions, I really appreciate them!
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    I don't want you to feel like we're bouncing you back and forth between forums-but:

    The suggestion to check the Event Viewer is exactly what I recommend. We can't check for malware if you can't run any programs. Please see if this will work for you:

    Important! When the systems freezes, I want you to note the time on the computer clock. Events are time coded and you need to look for Error at time of freeze

    Please download VEW and save it to your Desktop:

    Setting up the program

    Double-click VEW.exe then under Select log to query, select:
    • Application
      [*] System


      Under Select type to list, select:
    • Critical (Vista only)
    • Error

      Click the radio button for Number of events
    • Type 20 in the 1 to 20 box
    • Then click the Run button.
    • Notepad will open with the output log.

      Load the log
    • In Notepad, click Edit> Select all
    • Then press Edit > Copy
    • Press Ctrl+V on your keyboard to paste the log to your next reply.

    (Courtesy rev-Olie)

    Give me the time of the freeze- I will check for corresponding Errors in the log. I read your other thread and it wasn't clear to me what happened with the Event Viewer. If this works, give me the time and the log- we'll go from there.
  3. alligatoring

    alligatoring Newcomer, in training Topic Starter

    The last two freezes: 7:35 pm and 7:41 pm


    Vino's Event Viewer v01c run on Windows XP in English
    Report run at 24/02/2010 7:46:30 PM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 24/02/2010 7:44:57 PM
    Type: error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSP aswTdi

    Log: 'System' Date/Time: 24/02/2010 7:44:56 PM
    Type: error Category: 0
    Event: 7001 Source: Service Control Manager
    The avast! Antivirus service depends on the avast! Standard Shield Support service which failed to start because of the following error: The specified driver is invalid.

    Log: 'System' Date/Time: 24/02/2010 7:44:56 PM
    Type: error Category: 0
    Event: 7000 Source: Service Control Manager
    The avast! Standard Shield Support service failed to start due to the following error: The specified driver is invalid.

    Log: 'System' Date/Time: 24/02/2010 7:44:56 PM
    Type: error Category: 0
    Event: 7000 Source: Service Control Manager
    The aswFsBlk service failed to start due to the following error: The specified driver is invalid.

    Log: 'System' Date/Time: 24/02/2010 7:22:18 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:18 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:16 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:16 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:16 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.

    Log: 'System' Date/Time: 24/02/2010 7:22:16 PM
    Type: error Category: 0
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    The following are all Errors from Avast. If you have Norton/Symantec, you shouldn't be running Avast also. Uninstall Avast.

    Event: 7000 Source: Service Control Manager
    Event: 7001 Source: Service Control Manager
    Event: 7026 Source: Service Control Manager
    Log: 'System' Date/Time: 24/02/2010 7:44:56-7:44:58 PM
    • The aswFsBlk service (Avast! antivirus system system driver file) failed to start due to the following error: The specified driver is invalid.
    • The avast! Standard Shield Support service failed to start due to the following error: The specified driver is invalid.
    • The avast! Antivirus service depends on the avast! Standard Shield Support service which failed to start because of the following error: The specified driver is invalid.
    • The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSP aswTdi

    It is probable that the application referred to here might be part of Avast:
    Event: 7023 Source: Service Control Manager
    The Application Management service terminated with the following error: The specified module could not be found.
    Log: 'System' Date/Time: 24/02/2010 7:22:16 PM>> x5
    Log: 'System' Date/Time: 24/02/2010 7:22:17 PM>> x10
    Log: 'System' Date/Time: 24/02/2010 7:22:18 PM>> x2

    So, between 7:22:16 PM and 7:22:18, an application attempted to run but shut down 17 times because it couldn't find what it needed to run.

    Then, between 7:44:56 PM and 7:44:58, Avast tried to load and run 4 times, but could not because the driver wasn't any good!

    The first freeze at 7:35 pm probably happened because the system was tired of trying to do something it couldn't. I'll guess that second freeze, 7:41 pm came around the time that the failed Avast loads taxed the system so much that it shut down.

    Do this: Avast Removal

    Reboot. then run the following:

    TFC (Temp File Cleaner)

    Download TFC to your desktop
    • Open the file and close any other windows.
    • It will close all programs itself when run, make sure to let it run uninterrupted.
    • Click the Start button to begin the process. The program should not take long to finish its job
    • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

    TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. . TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.

    TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.

    Empty the Recycle Bin
  5. alligatoring

    alligatoring Newcomer, in training Topic Starter

    I did as instructed and now I'm getting all of these errors in the event log. (I have no devices plugged into my computer). Lastest freeze time: 8:57 pm
    I'm thinking it might be better to just try and save what I can and then format.

    Vino's Event Viewer v01c run on Windows XP in English
    Report run at 25/02/2010 9:03:59 PM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 25/02/2010 8:36:49 PM
    Type: error Category: 0
    Event: 7034 Source: Service Control Manager
    The Intel(R) PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 25/02/2010 8:36:49 PM
    Type: error Category: 0
    Event: 7034 Source: Service Control Manager
    The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 25/02/2010 8:36:49 PM
    Type: error Category: 0
    Event: 7034 Source: Service Control Manager
    The MSCamSvc service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 25/02/2010 8:36:49 PM
    Type: error Category: 0
    Event: 7034 Source: Service Control Manager
    The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 25/02/2010 8:36:49 PM
    Type: error Category: 0
    Event: 7034 Source: Service Control Manager
    The ConfigFree Service service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 25/02/2010 8:36:49 PM
    Type: error Category: 0
    Event: 7034 Source: Service Control Manager
    The Intel(R) PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 25/02/2010 8:36:49 PM
    Type: error Category: 0
    Event: 7034 Source: Service Control Manager
    The Intel(R) PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 25/02/2010 8:36:49 PM
    Type: error Category: 0
    Event: 7034 Source: Service Control Manager
    The DVD-RAM_Service service terminated unexpectedly. It has done this 1 time(s).

    Log: 'System' Date/Time: 25/02/2010 8:34:14 PM
    Type: error Category: 0
    Event: 10005 Source: DCOM
    DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Log: 'System' Date/Time: 25/02/2010 8:32:16 PM
    Type: error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

    Log: 'System' Date/Time: 25/02/2010 8:32:16 PM
    Type: error Category: 0
    Event: 7001 Source: Service Control Manager
    The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

    Log: 'System' Date/Time: 25/02/2010 8:32:16 PM
    Type: error Category: 0
    Event: 7001 Source: Service Control Manager
    The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.

    Log: 'System' Date/Time: 25/02/2010 8:32:16 PM
    Type: error Category: 0
    Event: 7001 Source: Service Control Manager
    The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

    Log: 'System' Date/Time: 25/02/2010 8:32:16 PM
    Type: error Category: 0
    Event: 7001 Source: Service Control Manager
    The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

    Log: 'System' Date/Time: 25/02/2010 8:31:56 PM
    Type: error Category: 0
    Event: 10005 Source: DCOM
    DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

    Log: 'System' Date/Time: 25/02/2010 8:31:51 PM
    Type: error Category: 0
    Event: 10005 Source: DCOM
    DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Log: 'System' Date/Time: 25/02/2010 8:31:49 PM
    Type: error Category: 0
    Event: 10005 Source: DCOM
    DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Log: 'System' Date/Time: 25/02/2010 8:31:44 PM
    Type: error Category: 0
    Event: 10005 Source: DCOM
    DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Log: 'System' Date/Time: 25/02/2010 1:50:08 PM
    Type: error Category: 0
    Event: 10005 Source: DCOM
    DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Log: 'System' Date/Time: 25/02/2010 1:49:26 PM
    Type: error Category: 0
    Event: 10005 Source: DCOM
    DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    I can't help you anymore with respect to malware. Many of the current errors appear to have occurred while the system was in Safe Mode. The drivers that didn't start don't start in Safe Mode.

    We aren't getting anywhere here. You posted in the correct forum to begin with and they should have tried to deal with the Event Errors there.
  7. alligatoring

    alligatoring Newcomer, in training Topic Starter

    Thanks for your help. I'm just going to format.
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Sorry it came to that, but I don't know where the problem is. Let us know after you get set up again if you need any help. I will close this thread.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.