Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

B.h.o.


  • Please log in to reply
3 replies to this topic

#1 NoRoaches

NoRoaches

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 13 April 2007 - 02:17 AM

Could someone please tell how get rid of this.
Iv'e tried alot of different delete on reboot, and just can't shake this one.
Even used a stratup disk and tried to sneak up on it that way.
Any suggestion.

:thumbsup:

Attached Files


Edited by NoRoaches, 13 April 2007 - 02:19 AM.


BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:34 PM

Posted 13 April 2007 - 07:04 AM

Welcome to the BleepingComputer HijackThis forum NoRoaches :thumbsup:

You've used Trend Micro HijackThis v2.0.0 (BETA) to post your log,as with any Beta software it's not reliable.
Please uninstall/delete it.

Download and install Hijackthis.
This is a self-extracting version which will automatically install HJT to C:\Program Files\Hijackthis by default,a desktop shortcut will also be created.
Launch Hijack This and press:'Do a system scan and save a logfile'.
Notepad will pop up showing the Hijack This log.
Copy and paste the whole contents of that log into your next reply directly into this topic,please don't use attachments.

*Note*
You'll also find the 'hijackthis' logfile in C:\Program Files\Hijackthis.
Posted Image
Posted Image

#3 NoRoaches

NoRoaches
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 13 April 2007 - 12:18 PM

Ok Sorry for the attachment




Logfile of HijackThis v1.99.1
Scan saved at 10:13:19 AM, on 4/13/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ISS\BlackICE\blackd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ISS\BlackICE\blackice.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: (no name) - {E44527F6-1296-4A84-B67D-A6CEA6ED4B69} - C:\WINDOWS\system32\awttuur.dll
O20 - Winlogon Notify: awttuur - C:\WINDOWS\SYSTEM32\awttuur.dll
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll
O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\ISS\BlackICE\blackd.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\ISS\BlackICE\rapapp.exe

#4 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:34 PM

Posted 13 April 2007 - 12:51 PM

Before we can provide you with any further assistance,you first need to go here and install Service Pack 1a;
http://www.microsoft.com/windowsxp/downloa...p1/default.mspx
This will patch numerous security vulnerabilities in Internet Explorer and the Windows operating system.
As your machine stands right now it's exremely vulnerable to infection.
You need to get these updates installed first before we can proceed or we’ll both be wasting our time.

Note:
Do not install Service pack 2.
If you install SP 2 on an infected machine it will cause serious problems within the operating system.
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users