| Author |
Message |
lozliz
Guest
|
 Posted:
Thu Jan 13, 2005 6:17 pm Post subject:
nt authority system |
|
|
I have installed lavasoft adware. Wwhen I run for the first time the
computer then shuts down, which has been authorised by NT authority system.
The actual error message is:
WINDOWS MUST NOW RESTART BECAUSE THE DCOM SERVER PROCESS LAUNCHER SERVICE
TERMINATED UNEXPECTEDLY.
Everthing else appears to be okay. |
|
| Back to top |
|
 |
Carey Frisch [MVP]
Guest
|
|
| Back to top |
|
|
David H. Lipman
Guest
|
| Posted:
Thu Jan 13, 2005 7:46 pm Post subject:
Re: nt authority system |
|
|
That means you are infected with non-viral malware. It is a self preservation scheme that
when you execute Adaware, the malware will shutdown the PC such that you don't get a chance
to remove it. I think that is pretty smart and I have run accross it a couple of times it
is certainly PITA !
However, you CAN overcome this self preservation attempt.
When you execute Adaware and you get the shutdown message, go to..
Start --> run
and type
shutdown -a
then hit the enter key. That should stop the shutdown sequence and allow you to clean the
system. The following is a set of instructions I suggest to help make that cleaning process
be effective as possible. Ignore the section about downloading Adaware unless you don't
have Adaware SE v1.05.
1) Download the following three items...
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp
Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp
Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/
Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt345.zip
Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.
2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode and shutdown as many applications as possible
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point
* * * Please report your results ! * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html |
|
| Back to top |
|
|
lozliz
Guest
|
| Posted:
Fri Jan 21, 2005 12:45 am Post subject:
Re: nt authority system |
|
|
David,
i have follwed points 1-3 below; however have stumbled at point 4.
How do you reboot the computer into safe mode.
Also once i run the various programmes how do i know what to delete and what
not to delete ?
Any advice would be appreciated.
thanks
lozliz |
|
| Back to top |
|
|
David H. Lipman
Guest
|
|
| Back to top |
|
|
lozliz
Guest
|
| Posted:
Fri Jan 21, 2005 8:01 pm Post subject:
Re: nt authority system |
|
|
Dave,
I have completed 2 runs of trends sysclean, ad-ware & McAfee stinger twice
in safe mode. I have then run all three once in normal mode.
Ad Aware now runs without shutting down XP. It does identify about 200
items, which fall into the following categories.
Windupdates: 5 objects
Bargin Buddy: 90 objects
BlazeFind: 1 object
SahAgent: 30 objects
Search Relevancy: 13 objects
180 solutions: 45 objects
Radsol.Quadrogram: 1 object
Other: 7 objects
Are they all safe to delete? Any help would be appreciated.
Thanks
Lozliz |
|
| Back to top |
|
|
Bruce Chambers
Guest
|
| Posted:
Fri Jan 21, 2005 8:43 pm Post subject:
Re: nt authority system |
|
|
lozliz wrote:
| Quote: | Dave,
I have completed 2 runs of trends sysclean, ad-ware & McAfee stinger twice
in safe mode. I have then run all three once in normal mode.
Ad Aware now runs without shutting down XP. It does identify about 200
items, which fall into the following categories.
Windupdates: 5 objects
|
Sunbelt Spyware Research Center
http://research.sunbelt-software.com/threat_display.cfm?name=WindUpdates
| Quote: | Bargin Buddy: 90 objects
|
Symantec Security Response - Adware.BargainBuddy
http://sarc.com/avcenter/venc/data/adware.bargainbuddy.html
| Quote: | BlazeFind: 1 object
|
Symantec Security Response - Adware.BlazeFind
http://sarc.com/avcenter/venc/data/adware.blazefind.html
| Quote: | SahAgent: 30 objects
|
Symantec Security Response - Adware.SAHAgent
http://sarc.com/avcenter/venc/data/adware.sahagent.html
| Quote: | Search Relevancy: 13 objects
|
Symantec Security Response - Spyware.Relevancy
http://securityresponse.symantec.com/avcenter/venc/data/spyware.relevancy.html
| Quote: | 180 solutions: 45 objects
|
PC Hell: How to Remove Ncase from 180 Solutions
http://www.pchell.com/support/ncase.shtml
| Quote: | Radsol.Quadrogram: 1 object
|
eTrust PestPatrol Pest Encyclopedia - Rads01.Quadrogram
http://www.pestpatrol.com/PestInfo/r/rads01_quadrogram.asp
| Quote: | Other: 7 objects
Are they all safe to delete? Any help would be appreciated.
|
Wow! Do you collect spyware for a hobby? ;-} Yes, it's not only
safe, but highly advisable, for you to delete most of those. The "other"
category is too vague and a bit puzzling, though; leave those alone and
provide some specific details about them, if you can.
Then, you might want to learn a little bit about practicing "safe hex."
Neither adware nor spyware, collectively known as scumware,
magically install themselves on anyone's computer. They are almost
always deliberately installed by the computer's user, as part of some
allegedly "free" service or product.
While there are some unscrupulous malware distributors out there,
who do attempt to install and exploit malware without consent, the
majority of them simply rely upon the intellectual laziness and
gullibility of the average consumer, counting on them to quickly click
past the EULA in his/her haste to get the latest in "free" cutesy
cursors, screensavers, "utilities," and/or wallpapers.
If you were to read the EULAs that accompany, and to which the
computer user must agree before the download/installation of the
"screensaver" continues, most adware and spyware, you'll find that
they _do_ have the consumer's permission to do exactly what they're
doing. In the overwhelming majority of cases, computer users have no
one to blame but themselves.
There are several essential components to computer security: a
knowledgeable and pro-active user, a properly configured firewall,
reliable and up-to-date antivirus software, and the prompt repair (via
patches, hotfixes, or service packs) of any known vulnerabilities.
The weakest link in this "equation" is, all-too-often, the computer
user. No software manufacturer can -- nor should they be expected to --
protect the computer user from him/herself. All too many people have
bought into the various PC/software manufacturers marketing claims of
easy computing. They believe that their computer should be no harder to
use than a toaster oven; they have neither the inclination or desire to
learn how to safely use their computer. All too few people keep their
antivirus software current, install patches in a timely manner, or stop
to really think about that cutesy link they're about to click.
Firewalls and anti-virus applications, which should always be used
and should always be running, are important components of "safe hex,"
but they cannot, and should not be expected to, protect the computer
user from him/herself. Ultimately, it is incumbent upon each and every
computer user to learn how to secure his/her own computer.
To learn more about practicing "safe hex," start with these links:
Protect Your PC
http://www.microsoft.com/security/protect/default.asp
Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/
List of Antivirus Software Vendors
http://support.microsoft.com/default.aspx?scid=kb;en-us;49500
Home PC Firewall Guide
http://www.firewallguide.com/
Scumware.com
http://www.scumware.com/
The Parasite Fight
http://www.aumha.org/a/parasite.htm
--
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH |
|
| Back to top |
|
|
David H. Lipman
Guest
|
| Posted:
Fri Jan 21, 2005 9:03 pm Post subject:
Re: nt authority system |
|
|
Bruce has provided pertinent information.
All I can say is "dump them all !"
--
Dave |
|
| Back to top |
|
|
lozliz
Guest
|
| Posted:
Fri Jan 21, 2005 10:33 pm Post subject:
Re: nt authority system |
|
|
Bruce,
Thanks for the info all items now deleted. "others" disappeared when i
deleted the other items.
I will now spend time reading the additional links you sent.
Thank you.
lozliz |
|
| Back to top |
|
|
lozliz
Guest
|
| Posted:
Fri Jan 21, 2005 10:35 pm Post subject:
Re: nt authority system |
|
|
Dave,
All clean for the time being! Thanks for all your help.
Lozliz |
|
| Back to top |
|
|
lozliz
Guest
|
| Posted:
Fri Jan 21, 2005 10:37 pm Post subject:
Re: nt authority system |
|
|
Dave,
All clean for the time being!
Thanks for all your help.
lozliz |
|
| Back to top |
|
|
Bruce Chambers
Guest
|
|
| Back to top |
|
|
David H. Lipman
Guest
|
| Posted:
Sat Jan 22, 2005 1:28 am Post subject:
Re: nt authority system |
|
|
Anytime !
--
Dave |
|
| Back to top |
|
|
ufo3k
Joined: 19 Mar 2006
Posts: 1
|
| Posted:
Sun Mar 19, 2006 5:05 pm Post subject:
re:thks |
|
|
like to thks the person who gib the advice here, jus got the so call virus, n had it removed ,  |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in
