urlap.exe

does anyone know what "urlap.exe" is? i've searched and searched and i'm only getting hungarian...which is a little scary. appreciate the help!

 

thanks for your reply.

my cpu was whirring and couldn't get anything done, so i followed the most excellent instructions in "READ ME FIRST...". although i was not able to run the online scanners in safe mode with networking the situation is much improved and stuff like logs.exe, bkinst.exe, and others are gone.

except for one...urlap.exe (not to be confused with urlmap.exe).

according to the "processes" tab in task manager it consistently takes over 20,000k of memory, won't go away when asked to end the process.

the mcaffee firewall i installed yesterday announced that "urlap.exe is trying to access the internet." i've blocked it, but am not sure how much good that's doing.

microsoft doesn't know what it is, http://www.2-spyware.com (which has been helpful in identifying the good, bad, normal, and not so normal) don't identify it. when i google it, it only gives me references to hungarian websites.

can you help?

thanks very much for helping me and so many others. you have positively impacted so many lives.

 

Hi Guys,

I've run across bkinst.exe a number of times in conjunction with StopGuard. I think it might be a master .exe associated with that particular malware. Chances are good that it is still on revets2's computer in some form. Perhaps a HijackThis Log is in order?

NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Best
PP

 

thanks for your response. fortunately, bkinst.exe is gone! but if you have any info on urlap.exe let me know!

 

Hi revets2,

What I am saying is that bkinst.exe is a sign of bigger problems, such as a Stopguard infection. Just getting rid of it does not always solve your problem.
Take a look at these threads:

Morphing malware

Could use some help.

urlap.exe is probably one of a few randomly generated .exes as a result of a Stopguard mutation. Of course, I could be wrong - But we cannot know that without a HJT log. I'm just speaking from what I've seen before

If you decide to attach a log, I'd be happy to look at it - I usually check back in the wee hours of the night.

Best,
PP

 

hi phillie phan...

thanks for your patience and advice.

can you tell me how to access the "hjt" log?

sorry for my ignorance.

thanks!

 

Hi revets2,

You caught me right as I was calling it a night! Did you see any similarities in the links I gave you?

For HijackThis, please read this:
NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Note that your HijackThis should be up-to-date (v1.98.2) and MUST be extracted to its own safe folder - C:\Program Files\HijackThis

If you need a Fresh Download of HJT, get it HERE: HijackThis 1.98.2

Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and items in the system tray.

Please save your HJT Log as a .txt file and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

Send us a log & I'll check back when I get a chance - probably the wee hours tomorrow.

Best
PP

 

hey pp...

here's the log and once again, thanks again.

revets

 

thanks for your reply. attached is the log, and, yes, i don't feel confident...i hope you don't mind lending a hand.

only problem experienced was it didn't initially find urlap and bkinst. i had to really, really dig.

thanks so much, and btw, i'm one of the ones that "don't"! couldn't you tell?!?

 

Hi revets2,

Looks like my suspicions were on target

It looks like your new log didn't attach - please try again.
I'm just popping in and out so I won't be able to look at it until later. Chas will probably beat me to it.

We are happy to talk you through all of the steps - StopGuard can be a real pain!
After we get you all fixed up, we'll give you some pointers on how to better protect your computer from Malware.

Best,
PP

 

oops! sorry, here's the log!

 

Hi Revets2,

Your HJT Log looks good! It looks like you and Chas got it all How are things running now??

Did you have any trouble running my removal steps? What sort of difficulties did you have finding urlap & bkinst? I could really use any feedback you might have - It'll help us help the next person down the line with the same problem.

You should also take a look at Chas' recommendations HERE:How to protect yourself from malware!

I definitely recommend that you use the following tools:
Ad-Aware SE Personal

SpyBot-Search & Destroy - Remember to use the "Immunize" feature

SpywareBlaster

These are all FREE! Just remember to Internet Update them regurlarly! They, along with a good Anti-Virus and Firewall & keeping your Windows up-to-date will do wonders in helping to keep Malware off your computer!

Best
PP

 

I finally realized that you were referring to Chaslang's signature - - - All that really means is that he is a fan of the 11 Stooges and his favorite movie is Disney's Five Dalmatians.

 

pp & chaslang...

how can i thank you both for saving my computer, our not-for-profit work and lots of disadvantaged children? i hope you know what an impact you've had on so many lives this last week and into the future.

you both are the greatest!

thanks a million!!!!

 

You're welcome! A nice message like that is thanks enough! I can probably speak for Chas when I say that we are happy to help

Best Regards,
PP