Windows Serices Keep Stopping

[videodood]

Hi there! I've noticed on my computer that several windows services seems to be stopping. First I noticed the "Themes", then Windows Audio, then Firewall, and I think it was called DNS Internet service.

Anyways, I keep restarting them after they crash, however, I can't usually restart the firewall. I may fixed that one, which is critical. But whatever bug it is I'm experiencing, it's still influencing my computer.

Does this sound like a known virus. Is there any fix it tool? I get nothing when I scan with AVG and SuperAntiSpyWare.

Thanks

 

[videodood]

Actually the windows firewall is still turning off. Definitely sounds like a virus to me. I'm sure someone has heard of this before.

 

[videodood]

Lastly....when I try to restart the firewall service, it won't work!

 

[blackhawk1928]

Uh...yeah it definatly looks like a virus. AVG and SuperAntiSpyWare aren't exactly the best in the business...I recommend the freeware version of "Malwarebytes Anti-Malware" and "a-squared" ,both are very good, they pretty much demolish any infection in your computer, they dont give realtime protection, they are just scanners.

 

[videodood]

Thanks very kindly.. I will try and find them. do you have download links?

 

[blackhawk1928]

And here is a link to download malwarebytes:
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

Here is a link for a-squared:
http://download.cnet.com/A-squared-Free/3000-2239_4-10262215.html

-here is what i recommend, download them, install them, update them. Once done, go into safe mode and scan, do it one at a time, first malwarebytes and then a-squared, whichever one you want. If nothing helps, then we still have a last line of defense, but i will tell you about it later if this does not work

-best of luck

 

[videodood]

Thanks buddy! I quite appreciate it. I downloaded zonealarm for the meantime as well, because whatever virus or malware on my computer was knocking out the windows firewall 5 minutes after loading windows. It ran through it's set up and pointed out a number of internal processes that were doing weird things!! (of course they try and scare you into buying their program). I got the first malwarebytes program going. I'll scan in safemode too at night.

I really appreciate the advice. It's a cool website.

thanks,

Jamz

 

[blackhawk1928]

Good, make sure to scan with malwarebytes and a-squared as they are big very similar/competitive and one of them might catch something what the other might not. Make sure to update before the scan also. And again if you still feel you need to then we have TWO more solid lines of defense against the virus that we can do So good luck. Message back if you need anything.

-And if this virus turns out to be a root-kit which i am thinking it might just be, but i am not sure yet until you finish the scans and give me the results, then i know some good anti-rootkit removal tools that specialize in just that

-Best of luck

 

[aford10]

The best method is to boot into safe mode with networking, download the programs, update them, and do comprehensive scans. If your computer is infected, anything you install or update in normal windows also can be infected, specially AV's.

Malwarebytes is real good. NOD32 is another good program that has a 30 day full version trial.

 

[tosh9i]

Does Event Viewer say anything about what's happening?

 

[videodood]

Hi...here's an update: I did a safemode Malwarebytes scan. It caught 15 different items and cleaned them. I rebooted to windows and yet my Windows Services (themes and firewall) continue to turn off. The firewall I can't restart either.

I will try that other scanner and virus scan as well. I've got enormous drives, though, so it takes a very long time!!

I'm not sure want the even viewer is. But I'm willing to try all things. Man...I can't believe how many cool people are on this site willing to help.

 

[aford10]

The event viewer is a tool to see any logs and notes being logged.
Start-->control panel-->administrative tools-->event viewer-->you can view different component logs by time and date. The errors are in red.

The problem with viruses and malware is, once they've done damage, even if you clean them up, the damage can still be there.

 

[JAYDEEJOHN]

Conficker messes with the services. Check out the different AV sites, they have free tools to use as well.Macafee, etc

 

[blackhawk1928]

^Yes, good points, a bad part of about viruses is that the best way to protect is to prevent them from infecting, once they have infected and been removed there could still be some damage. You said that you scanned with malwarebytes, now scan with that other program i told you "A-Squared". Then after that try Microsoft Malicious Software Removal Tool, it specifically has anti-confikerr databases in it.
-By the way, when scanning, if you open task manager, right click on the scanning application, then click go to process. After that right click on the processes, click priority and make realtime or high. This gives it more processor cycles improving speed

-Best of Luck. If Still nothing then we have two options, either a system restore or something called a rescue system. This is basically a really good virus scanner. What you do is you put it onto a CD, then reboot and boot into the CD. It is kind of like reinstalling windows, you boot into it. Once there, you update it and scan it. The scan is way more thorough since windows is dormant during the scan and it can scan much more files and that can't be scanned when windows is in use. I think thats the best option if a-squared doesn't work. I will give you further instructions on which program to get and how to use it
-If nothing absolutely helps, its no big deal, a system rebuild doesn't hurt once in a while.

-Best of Luck
-If you need anything just message back

 

[videodood]

Man i'm enjoying the advice here. Do you blackhawk work at this website? Or is it just made up a cool tech savvy volutenteers?

I tried the conflicker removal tool by symantic to see if it was the cause, but it said it wasn't on the computer. I"ll do a-squared.

thanks

 

[tosh9i]

If you had conflicker, you wouldn't be able to access websites such as www.norton.com or www.kaspersky.com because conflicker is known to block access to antivirus websites.

"Variant C of the worm resets System Restore points and disables a number of system services such as Windows Automatic Update, Windows Security Center, Windows Defender and Windows Error Reporting.[44] Processes matching a predefined list of antiviral, diagnostic or system patching tools are watched for and terminated.[45] An in-memory patch is also applied to the system resolver DLL to block lookups of hostnames related to antivirus software vendors and the Windows Update service."

http://en.wikipedia.org/wiki/Conficker#Self-defense

 

[blackhawk1928]

No,i don't work here on this website. Just pretty good with computers i guess
-BTW Tosh9i is right, you most likely don't have conflicker...unless you are experiencing the problems he described.

-Good Luck

 

[videodood]

I don't want to jump the gun or anything, but I downloaded and updated Asquared and did a quick scan involving windows components and it found about 15 things I believe 3 or 4 were alleged serious trojan type items I think it said. After rebooting and quarantining, my computer services haven't failed yet. Usually they were failing within five minutes and it's been about 15 already!! So I'll update after a while.

thanks

 

[blackhawk1928]

nice...thats a good sign, it doesn't meaning much yet but its a good sign. I would (at night) do the "Thorough Scan" of your entire system. Just incase anything happens to be lurking there.

-BTW...before you do any kind of scan with malwarebytes or A-squared always be sure to update it just incase, because they have an update at least once a day and sometimes 2-3 times a day (its what makes these two programs good). So update and do a thorough scan with a-squared. Then if you feel you want which i would recommend you, then make the bootable CD anti-virus to finish the job

 

[JAYDEEJOHN]

Pure awsomeness. It seems its time to redownload a squared, still on their mailing list, but dumped it awhile ago, but since moving off McAfee and going free AV to AVG, looks like the plan

 

[videodood]

Hi...just an update. I had gone out for 3 hours last night and came home and apparently the computer's services had turned off again. So it may be very deep in fact it may even be inside some of the windows system files. I'm guessing it may have overwritten a windows system file. But what the heck do I know? Hahha.

I set up a full scan with Asquared last night, but my computer is so huge, it only completed 4% in the morning and found nothing. I think I'll just do one drive at a time.

Another idea is, is it possible that there are some device conflicts on my computer and that could be causing the window services to fail? At first I was using two sound cards, one internal and the other external for music recording. I've disconnect the external and stopped using it for a long time. It used to be that the windows audio service failed, then the themes. I had reinstalled sounds drivers and uninstalled and reinstalled a number of things in case there were those IRQ Resource conflicts. Sound is working fine now. But the other services firewall, themes and who knows what else still shut down, though it does seem to be happening later than before. Mind you last night I rebooted once and the windows firewall was already disabled.

One question, if this is some malicious code on my computer, is it most likely residing in my windows folder somewhere or could just be sitting anywhere?

Should I do one of those "system loading capture" things that I see people do a lot..which I kinda show what's happening on the computer. I think Hijack this does something like that. I don't know what all the files are related to and what are natural and which are malicious.

 

[aford10]

Have you checked the event viewer to see if there are some errors being logged?

 

[videodood]

Tell me how to do the even viewer and I will do it!

 

[aford10]

Start-->control panel-->administrative tools-->event viewer-->you can view different component logs by time and date. The errors are in red.

 

[videodood]

Yes..I'm seeing quite a few errors in the system category. Still i'm not sure what to do about it.