Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I have many problems. need help.


  • Please log in to reply
4 replies to this topic

#1 smarts

smarts

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 13 September 2009 - 05:06 PM

Ok, my computer does several things I can't figure out.
When playing music on any player, it goes to a blue screen with white 0's all over it. I don't know if it is a hardware problem or what.
When playing a game or opening a window it is so slow, and sometimes internet explorer sits there and does nothing instead of opening a site.
About 3 weeks ago my browser quit saving the sites I would usually drop down and click on to go to, along with my usernames and password were no longer being saved, so if i go to a site i go to everyday.....i have to treat it as if i have never been there before!!
I am so ready to throw this thing out the door, I have a Compaq v5000 series laptop that came with a upgrade to vista I bought it Jan 2007. Looking at your sight I downloaded and ran AVG and Malwarebytes but I still have these probs, any suggestions will be helpful, I can't afford a new computer yet!!

BC AdBot (Login to Remove)

 


#2 possumbarnes

possumbarnes

  • Members
  • 333 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tennessee, USA
  • Local time:07:12 PM

Posted 13 September 2009 - 07:51 PM

Ok, my computer does several things I can't figure out.
When playing music on any player, it goes to a blue screen with white 0's all over it. I don't know if it is a hardware problem or what.

Can you hear the music playing or does it go to the blue screen and just freeze? Is this blue screen a Blue Screen of Death, as in do you have to reboot the computer to clear the blue screen. Is there anything besides white zeros all over it? Any kind of Stop Error code or anything else? If so, you may want to click here and see if this applies to you.

When playing a game or opening a window it is so slow, and sometimes internet explorer sits there and does nothing instead of opening a site.

How much memory is installed? You can quickly check this by right-clicking My Computer (or Computer under the START menu in Vista) and clicking on Properties. The amount of installed RAM you have will be displayed in the Window that opens. With Vista, anything less than 1 gb of RAM will cause the system to be slow. I would recommend at least 2 gb of RAM for Vista.

About 3 weeks ago my browser quit saving the sites I would usually drop down and click on to go to, along with my usernames and password were no longer being saved, so if i go to a site i go to everyday.....i have to treat it as if i have never been there before!!
I am so ready to throw this thing out the door, I have a Compaq v5000 series laptop that came with a upgrade to vista I bought it Jan 2007. Looking at your sight I downloaded and ran AVG and Malwarebytes but I still have these probs, any suggestions will be helpful, I can't afford a new computer yet!!

Have you tried a different browser? Firefox or Opera, for example. Also, did AVG and Malwarebytes find anything? If so, I would scan with them again and make sure it is clean. If you scan again and either of them find anything, can you please post a log of the results in your next reply. (MBAM saves a copy of each scan log results under the LOG tab in the main screen of MalwareBytes' Anti-Malware. I'm not sure how AVG logs are kept but there should be a log somewhere within the program.
What's more irrational--a guy who believes in a God he cannot see or a guy who is offended by a God he doesn't believe in?

#3 smarts

smarts
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 13 September 2009 - 08:53 PM

Can you hear the music playing or does it go to the blue screen and just freeze? Is this blue screen a Blue Screen of Death, as in do you have to reboot the computer to clear the blue screen. Is there anything besides white zeros all over it? Any kind of Stop Error code or anything else? If so, you may want to click here and see if this applies to you.

No music, just blue screen and 0's everywhere, the computer tries to reboot but can't i actually forget the error code displayed on reboot, then i have to turn it completely off and back on. I will click the link and see.

How much memory is installed? You can quickly check this by right-clicking My Computer (or Computer under the START menu in Vista) and clicking on Properties. The amount of installed RAM you have will be displayed in the Window that opens. With Vista, anything less than 1 gb of RAM will cause the system to be slow. I would recommend at least 2 gb of RAM for Vista.

Ok I do only have 1gb, the slowness just started in the last 6 mnths. do i need to get rid of Vista? Now the browser being slower and not saving pass words or usernames or sites just happened in the last week or so, I downloaded the newest explorer and it happened. I first got on this site when a Personal antivirus thing hit my pc, I got the AVG and Malwarebytes and got rid of it.

Have you tried a different browser? Firefox or Opera, for example. Also, did AVG and Malwarebytes find anything? If so, I would scan with them again and make sure it is clean. If you scan again and either of them find anything, can you please post a log of the results in your next reply. (MBAM saves a copy of each scan log results under the LOG tab in the main screen of MalwareBytes' Anti-Malware. I'm not sure how AVG logs are kept but there should be a log somewhere within the program.

I used firefox at one time but i think it did not do right so i went back. They both found a couple of viruses and some spyware, but i have run them since and they say there is nothing. I will try to add the last 2 MBAM and recent DDS logs. AVG was ran after MBAM and found 2 trojans and alot of tracking cookies.

Malwarebytes' Anti-Malware 1.40
Database version: 2754
Windows 6.0.6002 Service Pack 2

9/7/2009 11:59:25 PM
mbam-log-2009-09-07 (23-59-25).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 97046
Time elapsed: 1 hour(s), 22 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 37
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\instie.hbinstobj.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a77d3539-581d-450c-9e44-a84c415a6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bfc08cff-c737-4433-bd5a-0ee7efcfee54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a77d3539-581d-450c-9e44-a84c415a6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





Malwarebytes' Anti-Malware 1.40
Database version: 2754
Windows 6.0.6002 Service Pack 2

9/9/2009 5:29:18 PM
mbam-log-2009-09-09 (17-29-18).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 313576
Time elapsed: 5 hour(s), 36 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Mod Edit: DDS/HijackThis log removed; not permitted in this forum.

Edited by quietman7, 14 September 2009 - 08:25 AM.


#4 possumbarnes

possumbarnes

  • Members
  • 333 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tennessee, USA
  • Local time:07:12 PM

Posted 14 September 2009 - 08:17 AM

OK, we need that error code if you can write it down when it reboots. Also, you need to increase your memory. You can take the side of your computer off and pull your memory out to verify what type you have and how many slots you have available to put new memory in. (If you're unsure how to remove or install memory, you can click here for a short video showing how to do it). You say you bought it in Jan '07, so it most likely has DDR2 memory in it. However, it could have the slightly older DDR memory in it. Go here for a selection of 1 GB DDR PC3200 memory dimms or go here for a selection of 1 GB DDR2 PC4200 memory dimms. Memory is pretty cheap right now so its a good time to increase your memory to the maximum your PC will take.

Just to be sure your computer is clean of infection, let's run ATF and SAS:
Note.. SAS doesn't open the registry hives for other user accounts on the system, so scans should be done from each user account.

Note: With Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

From your regular user account..
Download Attribune's ATF Cleaner and then SUPERAntiSpyware. Save both to your desktop. DO NOT run yet.
Double click the SUPERAntiSpyware icon to install and update it. Be sure to update it during install.
Under Scanner Options make sure the following are checked:
  • Close browsers before scanning.
  • Scan for tracking cookies.
  • Terminate memory threats before quarantining.
Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to enter safe mode using the F8 Method
Restart your computer. When the machine first starts, your keyboard lights will flash. At this point you should begin tapping the F8 key repeatedly until you are presented with a Windows start-up options menu. (If you see Windows begin to load, you missed when to press F8 and will need to do this again).
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.


NOW Scan with SUPERAntiSpyware.
Start SUPERAntiSpyware and at the main screen on the left, click the SCAN YOUR COMPUTER button. Put a check for all of your installed hard drives.
Perform a Complete scan. After scanning, verify everything found is checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
Select the current dated log and press View log.
A text file will open. Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.
What's more irrational--a guy who believes in a God he cannot see or a guy who is offended by a God he doesn't believe in?

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,390 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:12 PM

Posted 14 September 2009 - 08:27 AM

FYI: Your Malwarebytes Anti-Malware log indicates you are using an older version of MBAM (v1.40) with with an outdated database. Please download and install the most current version (1.41) from here.
You may have to reboot after updating in order to overwrite any "in use" protection module files.

The database shows 2754. Last I checked it was 2794.

Update the database through the program's interface (preferable method) or manually download the definition updates and just double-click on mbam-rules.exe to install.

Then perform a new Quick Scan in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.

Note: Mbam-rules.exe is not updated daily. Another way to get the most current database definitions if you're having problems updating through the program's interface or have already manually downloaded the latest definitions (mbam-rules.exe) shown on this page, is to do the following: Install MBAM on a clean computer, launch the program and update through MBAM's interface. Copy the definitions (rules.ref) to a USB stick or CD and transfer that file to the infected machine. Copy rules.ref to the location indicated for your operating system. If you cannot see the folder, then you may have to Reconfigure Windows to show it.
  • XP: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
  • Vista: C:\Documents and Settings\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware[/color]

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users