Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can I Remove Awtss.exe From Registry As Directed At Start Up?


  • This topic is locked This topic is locked
2 replies to this topic

#1 SConner

SConner

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:58 PM

Posted 10 February 2008 - 11:40 AM

My son left me instructions to "take his laptop to the "shop" this weekend because it is acting up". Takes about 5 minutes, literaly, to start up, once it is up, opening programs is slow, and after awhile the desktop goes blank like it is sleeping, but it won't wake back up. Right after start up, I get a message that says:
"Windows cannot find c:\windows\system32\awtss.exe Make sure you typed the name correctly, and try again. To search for a file, click the start button and then click Search" Please go to start and search for the file".
When I click OK I get a second message: "Could not load or run' C:|WINDOWS\system32\awtss.exe' specified in the registry. Make sure the file exists on your computer or remove the reference to it in the registry.

I didn't go looking for the file, yet, was afraid the "search" process might make the problem worse. When I googled awtss it brought me to forums-- it looks like it is a problem, but...

In Norton, I saw that on 1/29/08 Vundo was blocked, which is about when the problem started. In safe mode, I Ran SpyBot and found Vundo.generic and Vundo, and used S&D to delete them.

I rebooted in normal mode and it is still as slow, Spybot came up and checked the system at start up (this was the first time it auto ran since I started playing with this) and deleted the same Vundo file as normal user.
The speed is better (3 minutes for start up) . But I still get the error message at: "Can't find c:\windows\system32\awtss.exe . Please go to start and search for the file".

Should I search for the awtss.exe and remove from the registry using HJT?

Also when I try to close down I get Svchost is not responding,
The HJT (Crusty) log is attached

Any help is appreciated.

Attached Files



BC AdBot (Login to Remove)

 


m

#2 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:05:58 PM

Posted 18 February 2008 - 04:33 PM

Hello SConner,

Welcome to the Bleeping Computer Malware Removal Forum, sorry about the delay, but the amount of people posting with infected computers is through the roof and sometimes we can't get to logs as fast as we would like to. Your infected with the Vundo trojan and a few other nasty programs, if you have not resolved your issue and still need assistance, post a new HJT log please.

mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#3 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:05:58 PM

Posted 27 February 2008 - 06:28 PM

Due to inactivity, this thread will now be closed. If you need this topic reopened, please contact a Staff member. Include the address of this thread in your request. This applies only to the original topic starter. Should you have a new issue, please start a New Topic.

mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users