« previous next »
Pages: [1]   Go Down

Author Topic: malware shut down ashserv.exe  (Read 2055 times)

0 Members and 1 Guest are viewing this topic.

Bob Anderson

  • Guest
malware shut down ashserv.exe
« on: March 06, 2009, 07:42:08 PM »
Twice in the last week I have noticed that something is shutting down ashserv.exe. I can't be certain but I think it is one of those bogus online AV sites. When it is shut down a red mark appears on the 'a' ball. I am not personally concerned about this because I do daily True Image backups, so when I notice ashserv.exe has been shut down I get a clean image. I will try and keep my eye open for the malware culprit. 

Once the service has been shut down, it cannot be restarted without rebooting.

-Bob
« Last Edit: March 06, 2009, 07:43:45 PM by Bob Anderson »
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: malware shut down ashserv.exe
« Reply #1 on: March 06, 2009, 07:47:55 PM »
Act quickly...
There is a similar topic http://forum.avast.com/index.php?topic=25822.0
Use this tool to scan your PC - http://www.f-secure.com/blacklight

You probably still have an infection, probably a rootkit on your system that is killing avast.

I suggest you visit this page http://www.antirootkit.com/software/index.htm for antirootkit detection, removal & protection.
Logged
The best things in life are free.

Bob Anderson

  • Guest
Re: malware shut down ashserv.exe
« Reply #2 on: March 06, 2009, 08:26:24 PM »
Oh, I am quite certain I do not have any malware on this machine, and never have since I built it 5 years ago. However, since you took the time and trouble to provide links I did the F-Secure Blacklight scan and then I ran the Avast! scan, all clean. I was surfing when I was redirected to 'Anti Virus' (something) and it wanted to start a scan. Then I noticed ashserv.exe was missing from Task Manager. I killed ieexplor.exe and loaded a backup TI. 
The F-Secure scan was extremely fast, a couple minutes at most. I'll keep it and thanks. :)

-Bob
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: malware shut down ashserv.exe
« Reply #3 on: March 06, 2009, 08:47:03 PM »
I suggest the general cleaning procedure to be sure you're clean:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Disable System Restore and then reenable it again.
7. Immunize your system with SpywareBlaster.
8. Check if you have insecure applications with Secunia Software Inspector.
Logged
The best things in life are free.
Pages: [1]   Go Up
« previous next »