Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

blue screen on startup


  • This topic is locked This topic is locked
20 replies to this topic

#1 Destrus2

Destrus2

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 03 October 2012 - 05:35 AM

Essentially my task mangers usage %'s were seeming suspicious so I downloaded a free antivirus called Immunet and ran a flash scan.It promptly detected services.exe as malware and automatically quarantined it after which the computer automatically shut it self down citing some error at which point the computer doesn't reach the login screen even in safe mode before it blue screen saying some thing similar to "a critical process failed to start or was terminated" I understand this means I probably have a fairly serious virus problem but getting the computer to start up is my main priority.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:48 AM

Posted 03 October 2012 - 07:41 AM

You might scroll down to some of the comments by users concerning this product.

http://download.cnet.com/Immunet-Protect/3000-2239_4-10965674.html

Seems more likely a software problem than a malware situation, IMO.

System manufacturer and model?

Do you have any disks which came with the system?

What circumstances led to your desire to use this product?

Louis

Edited by hamluis, 03 October 2012 - 07:42 AM.


#3 Destrus2

Destrus2
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 03 October 2012 - 08:14 AM

It seems more as if services.exe was important but I have no way to restore it now because I can't even get it to start in safe mode. I will take your statement to imply your suggestion is that I reinstall my operating system. If I'm wrong on that let me know.

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:48 AM

Posted 03 October 2012 - 01:53 PM

My "statement"...had more questions than opinions :).

If you answer those...I can give you opinions that are more than just dust in the wind/idle speculation.

Louis

#5 MDTechService

MDTechService

  • Members
  • 303 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryland
  • Local time:02:48 AM

Posted 03 October 2012 - 02:19 PM

This program has a significant track record of generating false positives to make itself look better.

My first recommendation? Uninstall immunet, delete it, and forget everything it told you.

Second - open the task manager (CTRL+Shift+Esc) and click on the processes tab.

Reply with the following information:
  • CPU usage % and memory usage % (bottom bar)
  • Any processes using over 100,000K of memory
  • Any processes using over 5% CPU

If I am helping you and I haven't replied to your thread in 3 days, please PM me or bump it

Mike D, BS, A+, HPSP, MCTS
I <3 Linux
The Airline Open source airline simulation game
Check the power cable to the wall first!

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 AM

Posted 03 October 2012 - 09:07 PM

Essentially my task mangers usage %'s were seeming suspicious so I downloaded a free antivirus called Immunet and ran a flash scan.It promptly detected services.exe


You may be infected by zero access.

Restart the PC

Press F8 on bootup

Select REPAIR YOUR COMPUTER

Click on REPAIR

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Can you get to this screen?

If yes

Select System restore

If you have restore point before you installed immunet ,go ahead and restore

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:48 AM

Posted 03 October 2012 - 09:22 PM

Moved from Vista to the Am I Infected forum.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Destrus2

Destrus2
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 04 October 2012 - 08:05 AM

OK, to answer multiple responses at once, I didn't post this to "Am I Infected?" because I was almost certain I was infected and this was about an issue getting the computer to start after a problem removing a process not about the more than likely infection that lead to it. The computer is a Gateway DX441S, I no longer have the one CD that came with it years ago, I grabbed Immunet because I remembered it from a recommendation I got an a seperate virus forum years ago. I cant get the computer to start to try to uninstall Immunet or to report any task manager %'s. I'll try the F8 recommendations now and if they work I'll make it known here.Thank you all regardless of how this works out. I appreciate you all choosing to try and help.

Ah and I almost forgot to mention in response to someone mentioning it might be zero access, I'll say now incase it becomes relevant later I had quarantined a handful of files in the past that ended in a .0access.

Edited by Destrus2, 04 October 2012 - 08:08 AM.


#9 Destrus2

Destrus2
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 04 October 2012 - 08:18 AM

I'll have to assume that recommendation was based on a different machine but, F8 does nothing, F10 opens a boot menu that just gives me a couple of options comprised of strings of letters and numbers I don't recognize, and F2 brings me to my bios options wherein I found nothing similar to "Repair Computer". Notably however, when I start it normally it lists me a number of options because it failed to start <among which is safe mode which wont boot either> it is at the top of this screen that I notice it making a recommendation suggesting, if I'm not mistaken, that I can get that "Repair Computer" option only if I have my operating system disk in.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 AM

Posted 04 October 2012 - 09:45 AM

If you have another PC,create a repair disc using the following guide

http://www.howtogeek.com/howto/5409/create-a-system-repair-disc-in-windows-7/

Insert into infected PC and press F2 and select REPAIR YOUR COMPUTER

Can you get to the screen now?

#11 Destrus2

Destrus2
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 04 October 2012 - 12:00 PM

This netbook is the only other computer available to me at the moment. As a netbook a repair disk isout of the question. I haven't checked the site yet because I don't have time just this second but I'll certainly give it a look over in a bit and see if it can be performed with an SD card. Thanks again.

#12 Destrus2

Destrus2
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 04 October 2012 - 04:57 PM

I did look over that page now but I notice this is a direct windows process, the page says windows 7, I'd wager it can be performed on other versions, but my PC is Vista and this netbook is XP. Even if I could write the repair disk to an SD card <which still seems possible from what I read> I doubt I could repair my Vista PC with an XP repair disk. If that is not true just let me know and I'll give it a shot.

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 AM

Posted 04 October 2012 - 08:42 PM

Ok that wont work.

Let me ask a malware response team member to help you.

#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:48 AM

Posted 04 October 2012 - 10:16 PM

:welcome:

Lets give it a try. You will need a USB Flash drive.

Download the appropriate version for your system of the Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

Run FRST once again. Type the following in the edit box after "Search:".

services.exe

It then should look like:

Search: services.exe

Click Search button and post the log (Search.txt) it makes in the USB drive to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 Destrus2

Destrus2
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 05 October 2012 - 05:05 AM

I would just like to make sure in advance, this would work with an SD card instead of a flash drive right? Also, is the F8 option one that would be created by having said flash drive in? As it stands the only options it gives me on startup are F2 and F10 and I just want to be sure there isn't any confusion.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users