CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
| reply to eay9
Re: hijack this log...Winfixer, cws.qttask, Vx2.Lo
On this item noted by Trojan Hunter:
C:\WINDOWS\SYSTEM32\strings.exe (Suspicious: UPX-packed file in Windows System folder)
You can get a second (well actually 14) opinion here:
Jotti Malware Scan
»virusscan.jotti.org/
Let Jotti scan the file (just browse to it and submit) and wait while it finishes scanning. Copy the report when it's done and post the results back here 
If Jotti's Malware scan is busy, you can also use this one
Virus Total
»www.virustotal.com/
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2005
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
eay9
join:2001-08-03
Dixon, IL
| Thank you Calamity Jane.
I did as you suggested but the Vundi Fix will not work.
After I *cut and paste* the file path and do the "*enter,F6,enter*" it does not proceed to the next step.
I do not see the ""Please type in the second filepath as instructed by the forum staff
Then Press Enter, Then F6, Then Enter Again to continue with the fix.""
I am in safe mode. I'm XP SP2.
Any suggestions? |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
1 edit | Does Vundo fix say file not found? If so, something else may have already taken care of it and we can do some fixing of entries in HijackThis. |
|
eay9
join:2001-08-03
Dixon, IL | It doesn't say anything........just the file path and then nothing. My version of XP is an upgrade from WinME. Would that make a difference? |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
| Hmmm, you're using this filename and path, right?:
C:\WINDOWS\system32\yabab.dll
Maybe try rebooting back into normal mode. Then try running the tool. I saw once instance where it wasn't working right in safe mode.
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2005
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
