1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Win32 Bl Application

Discussion in 'Virus & Other Malware Removal' started by sinsation, Sep 17, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    I recently came across a Win32 Bl Application in my add/remove programs. I did a little researching about it and saw it was spyware assocated free trial versions of software I'd never heard of before.. and the files, reg entries, and class id's that it says are supposed to be there arent.

    I don't see anything in my hjt log, but I'm not the expert.
    Any help would be appreciated.

    *edit*
    A few things regarding my zipcd, mcafee, easy access button support, backweb, taskmon, and a quicktime task (whatever the hell that is) was unchecked in startup.
     
  2. Topkat

    Topkat

    Joined:
    Aug 10, 2003
    Messages:
    401
    By 'Win32 Bl' do you mean Win32 Blaster? If so then you have the Blaster worm. Follow these instructions to remove the Blaster worm.

    Here's info on QuickTime Task/qttask for you:
    Qttask.exe , System Tray access to Apple's "Quick Time" viewer from version 5 onwards.
     
  3. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    I have no idea to be honest, in add/remove it just has win32 Bl application.. I don't know if it's a lowercase L or an uppercase i.
     
  4. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    Well, I don't think it's blaster, the tool didn't find any trace of it.
    I was able to find it in my registry though.

    Location:
    The variables in there are:
    Judging by the contents of bi2.inf it is the Win32 BI Application, which I guess is a transponder variant? I didn't catch it earlier because the values it put on my computer is different than the values I've found on sites about this.
    I'm downloading a spyware program now called Bazooka that's said to detect this little demon.


    I did find something else too that struck me as odd.
    HKEY_LOCAL_MACHINE\Software\Microsoft\G<2<::99;
    Contents:
    (Default) (no value set)
    ¸¬º¹ 25 cd a5 a5

    Any ideas?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/165449

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice