| View previous topic :: View next topic |
| Author |
Message |
IamShe
Cadet
Joined: Aug 21, 2008
Posts: 2
Location: Australia
|
 Posted: Thu Aug 21, 2008 7:16 am Post subject: NT Authority\System Error Message + asiuoqgusdbaksd.com |
|
|
I'm pretty much at my wits end with this issue.. My system keeps getting the dreaded NT Authority\System Error Message: "This system is shutting down. Windows must now restart because the Remote Procedure Call (RPC) service terminated unexpectedly."
To top it off I also seem to be hijacked with asiuoqgusdbaksd.com
I can't seem to get rid of EITHER! I've been to several sites with solutions and tried them all (Malwarebytes' Anti-Malware, Smithfraud and Windows Malicious Software Removal Tool), but nothing seems to work. It doesn't even detect the malware. According to sites I've been to these are symptoms of a Blaster worm.. How do I get rid of it????
This is my Hijack this log if that will help..
Logfile of HijackThis v1.99.1
Scan saved at 16:55:37, on 8/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\INTERN~2\mum.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\DNsoft.be\Shutdown Scheduler\PC Shutdown.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Opera\opera.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Hijackthis\HijackThis.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [InternodeUsage] C:\PROGRA~1\INTERN~2\mum.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - HKCU\..\Run: [Shutdown_Manager] C:\Program Files\DNsoft.be\Shutdown Scheduler\PC Shutdown.exe
O4 - Startup: Shortcut to BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Unknown owner - -C:\Program Files\HPQ\Shared\hpqwmi.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - -"C:\Program Files\Common Files\LightScribe\LSSrvc.exe (file missing)  [/b]
|
|
| Back to top |
|
 |
Mister2
SRT Team Lead
Premium Member
Joined: Oct 28, 2004
Posts: 7326
|
| Posted: Thu Aug 21, 2008 5:16 pm Post subject: |
|
|
Hi IamShe,
I have moved your thread to the HiJackThis forum. Only experts in the HJT forum can read your HJT log. Please read the Hijackthis Guidelines Read Before Posting
The HJT forum is very busy ... please be patient ... while waiting, follow the MRP to clean your system.
If you complete the MRP before one of the 1st Responders or Security Experts assists you, please post an after MRP HJT log in this same thread.
_________________
Never stop learning
|
|
| Back to top |
|
|
Prince_Serendip
Site Moderator
Joined: Sep 07, 2002
Posts: 17542
|
| Posted: Fri Aug 22, 2008 1:54 pm Post subject: |
|
|
Your version of HijackThis is out-of-date. Please uninstall your old copy of HJT with Add/Remove Programs.
Please follow the instructions >>>HERE<<< at #5. Thanks.
Note: The current version is HijackThis 2.0.2.
_________________
Microsoft MVP Consumer Security 2006, 2007 & 2008
|
|
| Back to top |
|
|
IamShe
Cadet
Joined: Aug 21, 2008
Posts: 2
Location: Australia
|
| Posted: Sun Aug 24, 2008 7:24 pm Post subject: |
|
|
Hi, I managed to solve the problem using Trojan Remover 6.7 .. Thanks for the help 
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
