Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

infection in rpcss.dll..."windows must restart..."


  • This topic is locked This topic is locked
3 replies to this topic

#1 JamesRF

JamesRF

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 12 January 2014 - 10:25 AM

I need some help with this virus. It cause dcom and power make the computer restart "windows must restart because power/dcom process terminated unexpectedly"

 

So far I have tried running rkill but it gets to rpcss.dll and says it has no sig, but it crashes rkill...never happened before!

.
==== Installed Programs ======================
.
µTorrent
64 Bit HP CIO Components Installer
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
Adobe Shockwave Player 12.0
ATI Catalyst Install Manager
Bluetooth by hp
BufferChm
Buttons & OSDs control application gen3
C4700
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CyberLink DVD Suite Deluxe
Destinations
DeviceDiscovery
DirectX for Managed Code Update (Summer 2004)
ESET Online Scanner v3
Google Earth
Google Update Helper
GPBaseService2
HiJackThis
HP Customer Experience Enhancements
HP Desktop Keyboard
HP Games
HP MediaSmart DVD
HP Odometer
HP Photo Creations
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
HP Product Detection
HP Remote Solution
HP Setup
HP Support Assistant
HP Support Information
HP TouchSmart Browser
HP TouchSmart Calendar
HP TouchSmart Canvas
HP TouchSmart Clock
HP TouchSmart Link
HP TouchSmart Live TV
HP TouchSmart Movie Themes
HP TouchSmart Music/Photo/Video
HP TouchSmart Netflix
HP TouchSmart Notes
HP TouchSmart RecipeBox
HP TouchSmart Twitter
HP TouchSmart Weather
HP TouchSmart Webcam
HP Update
HPAsset component for HP Active Support Library
HPPhotoGadget
HPProductAssistant
Java 7 Update 21 (64-bit)
Java 7 Update 25
Java Auto Updater
LabelPrint
LibreOffice 4.0.2.2
LightScribe System Software
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Microsoft Live Search Toolbar
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Security Client
Microsoft Silverlight
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Works
Microsoft XNA Framework Redistributable 3.0
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
Network64
Oracle VM VirtualBox 4.3.2
Power2Go
PowerRecover
PS_AIO_06_C4700_SW_Min
QuickTransfer
Samsung Story Album Viewer
Scan
Skype™ 6.10
SmartWebPrinting
SolutionCenter
SoundMAX
Status
swMSM
Toolbox
TrayApp
VLC media player 2.1.2
WebReg
.
==== End Of File ===========================
 


Edited by JamesRF, 12 January 2014 - 10:33 AM.


BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:17 PM

Posted 16 January 2014 - 08:03 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Also

  • Please re-run FRST again and type the following in the edit box after Search: rpcss.dll
  • Click the Search button
  • It will make a log (Search.txt)- please post the log into your reply to me. (you can use pastebin as well).

 

 

Regards,

Georgi


cXfZ4wS.png


#3 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:17 PM

Posted 18 January 2014 - 06:14 AM

Hi,

 

Are you still there?

 

 

Regards,

Georgi


cXfZ4wS.png


#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:17 PM

Posted 30 January 2014 - 09:28 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

cXfZ4wS.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users