Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Think I have some odd kind of virus


  • Please log in to reply
10 replies to this topic

#1 kalex80

kalex80

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 01 July 2009 - 04:03 AM

Hi,
I don't have a clue about computers so I may not be giving the information you need, but about a week ago my laptop stopped working. I would turn it on, it would boot up normally, but after a minute would go to a blank blue screen or to a screen with lots of black and grey pixels a little like snow on an old tv. No matter what I did, whether I started to use it or not, it would do this.

A few days later it was working again, but the time and date were set to February 2006, and it wouldn't recognise the certificates for any sites when I was using firefox, or when I tried explorer. The CPU doesn't seem high but everything is slow to work with Word and Firefox temporarily freezing quite often. Also, each time I restart it, it is still doing the same thing where it won't recognise the certificates of any sites. To get past that I've been using system restore, but it just does it again when I restart. When it denies the sites it doesn't even seem to be searching for the ones that I've selected i.e. gmail, google etc. It keeps saying 'Search.avg' cannot be found, or does not have a valid certificate.

Today when I went to restart it, a pop up with 'Access violation at address 0046FBF5 in module 'TeaTimer.exe'. Read of address 00000010' came up as well.

Not sure if this is enough for anyone to give me any advice, but anything would be appreciated.

Cheers,
K

BC AdBot (Login to Remove)

 


#2 kalex80

kalex80
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 01 July 2009 - 04:25 AM

Oh yeah, I've run spybot and avg which came up with nothing.

Edited by kalex80, 01 July 2009 - 04:25 AM.


#3 kalex80

kalex80
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 01 July 2009 - 07:34 AM

Can anyone help?

#4 kalex80

kalex80
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 01 July 2009 - 08:52 AM

Is there any more information that I can post which would help anyone to understand the problem and maybe give me some advice?

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:20 PM

Posted 01 July 2009 - 11:51 AM

In general, any website that wants to secure their site or some of it's pages with Secure Sockets Layer (SSL) must obtain a valid certificate from a trusted third party Certificate Authority (CA). A server certificate is used for authentication. There are many different types of certificates and separate certificates for every browser. Web browsers include a number of "root certificates", which belong to CAs and are distributed with 'trust bits' set by default. Browser manufacturers choose whose root certificates to include. A number of well-known CAs, such as Verisign and Geotrust, have their root certificates in all major browsers.

With Microsoft, certification authority providers are required to complete a WebTrust for Certification Authorities audit or provide an equivalent third-party attestation. See Microsoft Root Certificate Program Members. All new root certification authorities for Windows XP are made available to end users through the Windows Update certificate trust list (CTL). This provides maximum flexibility for CA providers and Microsoft to respond immediately in the event of an unforeseen security issue. Some anti-virus vendors require the installation of the Microsoft Root Certificate update before allowing installation.

Have you gone to Windows Update and updated your Root Certificate?

Why should you update? The Update Root Certificates component in Windows XP is designed to automatically check the list of trusted authorities on the Microsoft Windows Update Web site when this check is needed by a userís application. Read more about the Update Root Certificates component in XP Certificate Support & Benefits and Purposes of Certificate Functionality.

It also wouldn't hurt to run a few anti-malware scans if you have not done so already.

Please download Malwarebytes Anti-Malware (v1.38) and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

-- If Malwarebytes Anti-Malware results in any error messages, please refer to Fixes for common problems and Error Codes. Some issues with errors can be related to malware infection but others are not.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 kalex80

kalex80
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 02 July 2009 - 06:57 PM

Hi,
The Root Certificate is up to date nd I ran the Malwarebytes Anti-malware program and it didn't come up with anything. I'm still having the same problems so I'm not really sure what's going on. The results of the scan are below.
Malwarebytes' Anti-Malware 1.38
Database version: 2365
Windows 5.1.2600 Service Pack 3

03/07/2009 09:53:10
mbam-log-2009-07-03 (09-53-10).txt

Scan type: Quick Scan
Objects scanned: 92613
Time elapsed: 9 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#7 kalex80

kalex80
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 04 July 2009 - 02:02 AM

And it seems that I am also unable to open internet options.

If anyone can help me I'm getting a bit desperate.

Edited by kalex80, 04 July 2009 - 05:18 AM.


#8 snowdrop

snowdrop

  • Members
  • 513 posts
  • OFFLINE
  •  
  • Local time:10:20 PM

Posted 04 July 2009 - 05:57 AM

If the computer appears to be reverting to a time some years back,(i.e. NOT 'holding'its power) a suggestion might be to check the power supply to the laptop and the battery's ability to retain its power

is the computer even seeking to retrieve its Microsoft Updates?

#9 kalex80

kalex80
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 06 July 2009 - 07:26 PM

It only reverted back the first time it crashed and has updated since. The power supply is fine too. When it is restarted or left in sleep mode for too long the internet settings seem to change so that I can't open any pages and under no circumstances am I able to open internet options.

#10 kalex80

kalex80
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:20 PM

Posted 07 July 2009 - 06:44 PM

Not being able to open internet options is really bothering me. I can't figure out why it won't open.

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:20 PM

Posted 07 July 2009 - 11:18 PM

Please download sreng2.zip and save it to your Desktop.
  • Create a new folder on your hard drive called Sreng2 (C:\Sreng2) and extract (unzip) the file there. (click here if you're not sure how to do this. Vista users refer to this link.)
  • Open the folder and double-click on SREngLdr.EXE to launch it.
  • Select System Repair from the left pane.
  • Click on Windows Shell/IE.
  • Put a check mark in the box next to Enable Internet Explorer options and all tabs...
  • Click Repair.
  • The Status should now show Ok.
  • Exit SREng and reboot the computer.
or see How do I repair Internet Explorer in Windows Vista and Windows XP
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users