The following is a RapidBlaster Infection: O4 - HKLM\..\Run: [rb32 ml710e] "C:\Program Files\RapidBlaster\rb32.exe" Download RapidBlaser Killer her http://www.wilderssecurity.net/downloads/rbkiller.exe to fix that.
Delete the following entries in HijackThis: O4 - HKCU\..\Run: [Microsoft IIS] C:\WINDOWS\system32\syshost.exe O4 - HKCU\..\Run: [Microsoft IIS] C:\WINDOWS\system32\syshost.exe O4 - HKLM\..\Run: [rb32 ml710e] "C:\Program Files\RapidBlaster\rb32.exe"
Optionally delete the following entries as they are resource hogs - NOT Spyware: O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
Please repost a new log after you have cleaned this up and rebooted your computer.
PGPhantom
76 Posts
0
April 8th, 2004 21:00
The following is an indication of a virus
O4 - HKLM\..\Run: [Microsoft IIS] C:\WINDOWS\system32\syshost.exe
Click on the following link for repair details:
http://securityresponse.symantec.com/avcenter/venc/data/w32.francette.worm.html
The following is a RapidBlaster Infection:
O4 - HKLM\..\Run: [rb32 ml710e] "C:\Program Files\RapidBlaster\rb32.exe"
Download RapidBlaser Killer her http://www.wilderssecurity.net/downloads/rbkiller.exe to fix that.
Delete the following entries in HijackThis:
O4 - HKCU\..\Run: [Microsoft IIS] C:\WINDOWS\system32\syshost.exe
O4 - HKCU\..\Run: [Microsoft IIS] C:\WINDOWS\system32\syshost.exe
O4 - HKLM\..\Run: [rb32 ml710e] "C:\Program Files\RapidBlaster\rb32.exe"
Optionally delete the following entries as they are resource hogs - NOT Spyware:
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
Please repost a new log after you have cleaned this up and rebooted your computer.
PGoody
46 Posts
0
April 9th, 2004 00:00
ChrisRLG
3.9K Posts
0
April 9th, 2004 07:00