Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

It all started with Antivirus Soft....


  • Please log in to reply
5 replies to this topic

#1 Onasi32

Onasi32

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:50 AM

Posted 29 May 2010 - 08:32 AM

So, I got the popup/malware Anivirus soft 3 days ago....I have spent the last 3 nights trying to repair/undo/fix my pc. I scoured the internet for a solution I found these forums and have done and redone every suggested fix for this I have found in the forums here. I have successfully removed Antivirus soft (I no longer get the popup or redirection) but now my pc restarts and my desktop is all screwed up and I get the message that 'cannot connect to window service service'.

DISCLAIMER!!....I understand and can follow instructions very well and I know my way around a pc very well.

Again I followed specific details I found in these forums and through different things like atf-cleaner and SAS I did a system restore and rolled back my pc to the day before this happened to get my desktop back to normal and my audio back.

After I did that I went through your set of instructions again...(just to be safe). rkill.com(even the alternative ones like ieplore.com, etc.) Atf-cleaner and SAS, redownloaded malware bytes..went through the whole proccess. Every thing seemed to be fixed....I shutdown and went to bed.....when I turned on my pc again the next day everything was screwed up again....no antivirus soft, but my desktop was messed up icons missing and oversized....got the mess. again 'cannot connect to window service service' 'audio service is not running' etc.

so I rolled back again to the day before and redownloaded all the removing/fixing/cleaning programs you suggested and again got everything back to what it was and restarted.....and it went right back to screwed up again.
So now I am posting everything that has happened I am at a loss....I have spent several hours over the past 3 days reading and being very meticulous in following the instructions and I can't figure it out. Thank you for this site and thanks ahead of time for any further help.

BC AdBot (Login to Remove)

 


#2 Onasi32

Onasi32
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:50 AM

Posted 29 May 2010 - 10:35 AM

Here is my malware log.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4154

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

5/29/2010 10:16:59 AM
mbam-log-2010-05-29 (10-16-59).txt

Scan type: Quick scan
Objects scanned: 120556
Time elapsed: 3 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

And this is what is found with rkill

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Jessie on 05/29/2010 at 10:26:23.


Processes terminated by Rkill or while it was running:


C:\Windows\system32\conime.exe


Rkill completed on 05/29/2010 at 10:26:26.

#3 ron74

ron74

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:50 AM

Posted 29 May 2010 - 11:01 AM

I just got the same virus last night. I believe I got it from my daughter using her myspace. Spent several hours and days last time getting rid of a malware virus I believed came from myspace. So after I got rid of the virus I blocked myspace and my son just told me my daughter went to Bing and typed in some code ending in 007 which allowed her to sneak onto myspace past our parental controls and now we have the antivrus soft infection. I cannot get online either on that computer. I recently installed ZoneAlarm security believing it would protect against this sort of thing but ZoneAlarm didnt even detect it. Unless maybe it warned her while she was on the site and she ignored it? But it did run a scan after it was infected and it still didnt detect it. Windows defender detected it and removed it supposedly but theres still somethig on the screen that wont go away. Need help please

#4 littleprincess

littleprincess

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:florida
  • Local time:11:50 AM

Posted 29 May 2010 - 12:04 PM

I have the same thing on my computer I believe from my son going on myspace. How did you get the virus off? I can't get any of my antivirus programs to work. I can't get into anything. Thanks for any help

#5 ron74

ron74

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:50 AM

Posted 31 May 2010 - 01:27 PM

I havent got rid of it yet. Looking for some help also. Im going to attempt to deal with the problem today. If I have any success I'll post again. Wish me luck!

#6 coxchris

coxchris

  • Members
  • 1,151 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atwater
  • Local time:08:50 AM

Posted 31 May 2010 - 02:38 PM

One of the things that virus like to hide in the restore points that why it it keeps coming back. Delete all Restore Points than go to through the cleaning steps

If it comes clean like it did

I would run Malwarebyes in safe mode in full system scan mode.

ron74: If are running a router and wireless you can go into your routers GUI and block myspace.com from the Access Restrictions tab scroll down to Block URL and insert my space.com and select save changes.

On that subject: I been blocking myspace.com

This is what i did from Internet Options
Under Secuirty Tab
I put Myspace.com under the Restricted Sites and under the Privacy settings seclect Sites than Per Site Privacy settings Insert myspace.com and click block and ok and ok or apply to close the windows

Myspace.com uses cookies to log in and what i did in that line was not accept cookies in that site

This can be bypass by a Proxy site to myspace.com

If you need any questions please reply back

AA in Computer Networking Technology

BS in Information Technology 

Comptia A+, Project+, L+

Renewable:  N+,S+

CIW Web Design Specialist, JavaScript Specialist,  Database Design Specialist 

LPIC-1, SUSE 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users