PDA

View Full Version : Vista OS 32bit BSOD



zburns
12-14-2008, 08:30 PM
This thread is for anyone who has experienced problems that occur while in the sleep mode or coming out of the sleep mode. Or also, problems when you just leave for a period of time with the "start background page with icons". Tonight I have experienced about 4 or 5 BSODs; however, for pupose of explanation, lets call it only two times. Twice when I left my computer to watch football and came back, and tried to use it, I got windows small dialogue boxes that said Windows had "stopped working" , then asked if I wanted to report it, clicked yes, etc., then I restarted.

Right now after five or six efforts to get back to what I call normal operation, I was able to log on to My Super PC and I am now typing this post. In the process I had multiple essentially back to back BSODs several times. Finally booted in Safe mode, looked around a little and then restarted, now here I am, seemingly ok, but I doubt it.

Since reporting that I had multiple experiences with Antivirus 2009 (which have continued intermittantly), actually parallel to AV 2009, I have had problems coming out of sleep mode. Also, have had "boot" failure when I walk away from the computer and leave it in sleep for about 3 hours.

My point in this post is not asking for help per se! But I am saying that I started having very minor inconvenient problems maybe last August and on a steady basis since then, they are getting "less inconvenient" and tonight very irritating, almost scary!

The only other coincidental occurences are a fair number of Windows updates over the last several weeks; this is a general statement, I would have to check the log to really know.

MY MAIN POINT. Wise Monkey has said he has had some problem coming out of sleep mode. Anyone else out there have anything like this? I seem to be working fine right now. Either I have a unique problem or maybe some of you
with Vista are seeing "little minor things that lead you to say as I have been saying" Vista runs fine for me! In fact I have been using the word "flawless"!

But my minor inconveniences look a lot more visible tonight! Anyway I just thought I would throw this out there for comment. It is a WIP for me right now. No longer a minor concern.

RickyTick
12-14-2008, 10:33 PM
Hey Z. I too use the word "flawless" to descibe my Vista experience. Since Vista SP1, my system has been tremendous. However, I did make a couple of changes around the same time that SP1 came out.

1. I changed my psu from an Antec True Power Trio 650 to a Corsair HX620. I wanted the modular psu design anyway.

2. I changed my ram from 4gb (4x1gb) Corsair XMS2 DDR800 to 4gb (2x2gb) of G.Skill DDR2 1000.

3. SP1

So, I can't say with certainty which one fixed my BSOD problem, but I can say that it has definately been fixed entirely.

Here's something that I've used recently that I thought was helpful. It takes a couple of hours to run, but it seemed worth it. Its from Microsoft, so I trust it. It's still in Beta status.

http://onecare.live.com/site/en-us/default.htm?redir=true

I'm curious to see how this comes out.

The Wise Monkey
12-15-2008, 05:16 AM
That seems like a pretty good piece of software, Ricky - might try it out.

As for your insomnia problem zburns ("lack of sleep" :P), I've just found this immensely detailed article that offers loads of potential solutions:

http://www.vistax64.com/tutorials/63567-power-options-sleep-mode-problems.html

As for Antivirus 2009, try this:

http://www.2-spyware.com/remove-antivirus-2009.html

EDIT: I've just downloaded, installed and paid for Spyware Doctor, and it has completely cleaned up my laptop (running XP 32-bit) - it found 58 occurences of Antivirus 2009... :O
There are probably free anti-spyware programs that will do the job, but it's worth it for the peace of mind. The only problem is that Spyware Doctor doesn't work on Vista 64.

RickyTick
12-15-2008, 06:58 AM
I had been using AVG on PC's for my Son, Wife, and Mom, but I recently changed them all to Avast. Since AVG was having some problems (as reported somewhere, but I can't find it now), I made the change, and I'm liking it much better.

zburns
12-15-2008, 07:14 AM
Hey guys and thanks for the quick replies. I will check it all out. For others who may think I am knocking Vista, I am not doing that. On days that I use "my super PC", more or less all day with breaks of no longer than an hour, everything works fine; it is when it puts itself (or I do it) into sleep mode for several hours that something weird happens.

It's like being "shot at" first thing in the morning and the rest of the day everything is perfect. Does not make sense yet, but at least it is "isolated" (and interesting) as to the nature of the problem.

Perhaps
12-15-2008, 03:45 PM
Vista and sleep mode have been causing issues for many people. It's quite common. My personal experience,
has been issues with what 'activity' will wake the PC. Also the mouse stops working. After the first couple times,
I started googling the problem and found lots of possible solutions. Nothing has worked for me thus far but thankfully
I've never had a blue screen of death.

Let's see if service pack 2 does anything.

zburns
12-16-2008, 04:04 PM
"Perhaps", my experience seems to be like yours; nothing I can pin down, but once I am running, everything ok except for one special case. Under "advanced tools" , "performance details in event log" -- this has stopped working for me as of Nov 24th, and I just saw it yesterday.

Another point, ESET Nod 32 anti virus, I found yesterday was running non stop any time I was turned on. After several hours, about 4 million objects scanned (just repeats scanning). Took out the Nod 32 today and put Kapersky in its place.

Before I buy Spydoctor, I wanted to ask Wise Monkey about Spydoctor; I used it to scan and it found a lot of infection (I think over a 100 events) but it did not name AV 2009 specifically, as best I can tell. You purchased the "removal" software. Did this removal software specifically name Antivirus 2009 as an "infection removed" or are you getting that impression from the "download link" description. . . "antivirus - 2009". Thanks.

A couple of other points: (1) on my new Kapersky anti virus, it also has a firewall; in their install guide, they say turn off Windows Firewall (if that is what you have, which is always the case if you have Vista). Are those of you with Vista and "another firewall" doing this?, Even Microsoft says it is not a good idea to run two firewalls. Anyone know if I would be better off turning off Kapersky firewall and running the Vista firewall? Pros and cons? Thanks to all!

(2) I have been using Task Manager a lot; almost the first thing I look at when I go to T/M is CPU usage; was about 4%, the last several days, 50, 60 sometimes 100%; Nero, which I never use, was using anywhere from 60k memory bytes to over one million bytes today at one time. On Fox news today a "bottom of the screen" warning to the effect: "IE alert, your computer may have a problem." Lot of funny stuff the last few days (but it is in the background -- not affecting my using the computer).

The Wise Monkey
12-16-2008, 06:44 PM
There is a major security flaw that has been discovered in IE that could allow someone to gain control of your PC:

http://news.bbc.co.uk/1/hi/technology/7784908.stm

Antivirus 2009 is a type of Vundo trojan virus that sits on your computer. The Spydoctor scan may have come up with several objects called Vundo or something similar - this is the Antivirus 2009 problem.

If you don't want to commit to buying the software, then I would also recommend Spybot Search and Destroy, as this is free and also very good at detecting these kind of spyware.

The firewall that comes with an Antivirus/Internet Security package is always much more effective than the standard Windows Firewall, so you should always turn that inbuilt protection off. Most pieces of software will do that for you, so you don't need to worry about that.

As for the issue with Nero, if you press the Windows key and R at the same time, you should come up with a box that says "Run...". Type msconfig into here and press enter. This should bring up a new window with several tabs across the top. Click on the Startup tab and untick anything that relates to Nero.

Msconfig is the tool that governs which programs and services run at startup. If you hardly ever use Nero, then you don't need it to be sitting in the background all the time, and so it can be safely removed. Be careful when using this tool though - don't prevent any Microsoft services from running at startup by accident, as it could be harmful to your PC.

zburns
12-17-2008, 11:13 AM
Wise Monkey: I installed the free download of Spydoctor. The first quick scan showed some infections and the second "full" scan showed about 100 infections (really not sure which scan the big number occurred on). Either after the first scan or the second (cannot remember), Spydoc told me and asked if I wanted to buy the "removal tool" for $24. Also said that I had to purchase in order to remove the infections, etc.. No problem doing this but I was sceptical for some reason.

So I ran three or four "subsequent" full scans and they all showed "0" infections and no threats. Then I methodically went thru the history of "all the infections", one by one, clicking to see what they were. All but two were either "Application.Tracking Cookies" or "Adware.Advertising". The other two were the same "RogueAntiSpyware.winSpywareProtect".

My problem was that if Spydoctor said I had to buy and download "the removal tool", why have the "infections" from the first one or two scans not showed up on subsequent scans. The wording says that ". . . have been cleaned". Do you think this means that the "infections" were removed but are still stored in a "Spydoctor file" awaiting the "removal tool" to put them in the Recycle bin or what ever it does with them when removed?

According to Threat Expert, see link, the above rogue is also known as:Mal/EncPk-CZ, Mal/EncPk-EI [Sophos] 1
Trojan.Win32.FraudPack.gen [Kaspersky Lab] 1
Trojan:Win32/FakeXPA [Microsoft] 1
WinSpywareProtect [Symantec] 1

so maybe these are aliases for AV2009? Link to ThreatExpert: http://www.threatexpert.com/threats/rogueantispyware-winspywareprotect.html

My question is what happen within Spydoctor "to hide" the 100 or so infections that included the two rogues? I hate all this "detailed minutia" but I am just trying to understand it all. I do not mind buying the Spydoctor removal tool; it is just "what happened to the first set of infections on the first quick scan or the second full scan? I will ask Spydoctor but it may take several days. Thanks.

zburns
12-17-2008, 11:40 AM
If you google "Trojan:Win32/FakeXPA [Microsoft] 1", you will get to several choices that give you various Microsoft pages that talk about "rogues". One such page is Ricky Ticks "Microsoft Live One. . " link above.

At any rate Microsoft describes the aliases for the above trojan as: --Everything next in parenthesis is copied from Microsoft --(Virus Encyclopedia: Trojan:Win32/FakeXPA
Name: Trojan:Win32/FakeXPA

Threat: Low
What threat level means: Low
"No vulnerabilities related to Microsoft software have been found.
There is only one known way for the infection to spread, and the potential for the infection to find new ways to spread is low.
Therefore, the risk of this threat spreading far and wide is relatively low.
There's no sign that unique data destruction has happened or could happen.
No significant disruption of local network or Internet service has occurred."

Please note: Some threat information may be available in English only.
Aliases:
Win-Trojan/Downloader.56320.M (AhnLab)
Win32/Adware.XPAntivirus (ESET)
not-a-virus:Downloader.Win32XpAntivirus.b (Kaspersky)
FakeAlert-AB.dldr (McAfee)
W32/DLoader.FKAI (Norman)
Mal/Generic-A (Sophos)
XPAntivirus (Sunbelt Software)
Downloader.MisleadApp (Symantec)
XP Antivirus (other)
Antivirus 2009 (other)


Trojan:Win32/FakeXPA is a family of programs that claim to scan for malware and display fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats.)

zburns again: I have had a lot of experience with AV2009 and I agree with the low threat level assessment by Microsoft on the one hand, but if all this mess is part of it, then it is much more of a threat. Sorry for the length!!

zburns
12-17-2008, 03:19 PM
W/Monkey: On the NERO prob., there were two Nero entries in the start up menu, "unticked" both at the same time (may have been a mistake). Nero disappeared, ok, but six services at the top lost there "Group" names and 33 other services lost their "Group" names (if they had them in the first place) and were replaced with the abbrev. "N/A". Most of them say they are stopped!

I googled one of the names and saw reference to the fact that it(the service)would "stop" if there was a sudden multiple "shut down" (my words) of several apps simultaneously.

I took turns turning on, then off, one Nero app at a time and rebooted, to see if the services came alive, but they did not. Is going back to a "restore point" the next best thing?

EDIT: Little later. Some of above that I say is stopped may be running. I only "ticked" the two NERO items; if stuff shut down as a safety measure, it makes sense they would restart when called upon, RIGHT?

The Wise Monkey
12-17-2008, 07:41 PM
Nero tends to install a lot of non-essential services that run in the background. However, if you stop Nero from running, these services never get the wake-up call to start. You really don't need them, but they should come back when needed - perhaps you never got to a stage where they were required?

My advice for Nero is to see how your system runs now that it has been disabled at startup, and to try and use Nero to burn a CD or something to check that it all still works correctly.

As for Antivirus 2009, it isn't a major threat, but it is just a real pain. On my laptop, it opened a new browser window every so often with an advertisement for a fake antivirus product.

Regarding SpyDoctor, I think that it probably just quarantined the offending items as opposed to removing them completely. Try uninstalling SpyDoctor and doing a full scan using the SpyBot program I suggested; this is free and has also got a good reputation for finding and removing spyware.

I just hope you manage to sort out your problems soon - I know how much of a pain this stupid virus can be!

zburns
12-17-2008, 08:14 PM
It all sounds good. Thanks a lot. I have never used Nero, but your idea to burn the CD is good. Thanks again.