Why do I seem to always find things not too many know about? Just got my computer out of the closet after 5yrs, and finally getting net service I went thru and updated most of my programs and getting avast (the free one) and going thru its veeeeerrrrryyyy slow scanning it came up with 7 viruses. OK I kinda figured that as normal, and promptly got rid of them. Since that time I run it on the faster scan every 2 days or so and the same thing happens NO VIRUSES, YEAH ME!! But ever since I updated and added numerous files when I boot up (turn on the computer) almost all of my icons took at least 1 1/2 min to appear, seemed rather odd to me. So off to the search engines I went (all day ordeal) and came across 1 that got my attention. Go into safe mode and run Avast and find out what happens. So I did and guess what? It found 2 viruses that it identified and I never heard of. After getting rid of them my computer boots right up, just like I remember. This was found in my windows\sys32 folder only in safe mode and NOT in normal operating mode. OK now what is your best guess on this one yqdhjfa.sys there were 2 of them named the same. ??? Running Windows XP
I also did a scan and I don’t have that virus. Did you submit that file to avast for analysis?
Well to make the answer direct NO!!! I sometimes regret my decisions after the fact. And this is one of those times. I refrain from doing things like that, with the mindset that I will never hear from anyone after making the effort to notify the company about something odd. In the past I did that a lot (sending in little bits of info to companies) and never hearing so much as a whisper back. Maybe I might have to change the way I think, I don’t know.
I did a Google search, but it came up with only your post. So let’s just hope that those viruses won’t come back again! Anyway, which anti spyware software did you use? A fake anti spyware or antivirus can cause this problem.
Well the only Spy-ware that’s on this computer is Avast, and nothing more. Like as was stated before those 2 annoying files Avast picked up (yqdhjfa.sys) in my Windows\system 32 folder were a pain in my side. Not only (at the time) would my windows icons not load up right away but even trying to turn off my computer would be an ordeal. Most of the time I would need to turn it off at the tower, it wouldn’t do it by myself. I was just hoping that since this was the site for my Anti-Spyware program it would have some sort of knowledge base on viruses, I’m sure it does but I keep coming up rather short in the answer dept. Seems to be the way my luck runs, to find something nobody knows about. :o
yqdhjfa is a common enough looking name for malware. Mostly you would pick that out in a log. What is often referred to as an alias.
Even though names themselves are not that important, you are right that as a keyword the name should generate malware reports of some kind. And being a sys file looks like the attack is intended to divert control of the system to the malware. There would usually be more detections, but you removed instances of the virus (7 files) with your very first scan. This could more or less have included the virus itself. Doesn’t matter too much that the trace is gone, as long as the malware is removed from your system. That’s the main thing.
I used to delete my obvious viruses, but since I have been with the webforum I have chosen to move them to the chest, where they are no longer a danger to the system. And I keep a rough note of what I find.
Safe Mode is diagnostic mode so only software necessary for information retrieval and return and read/write facility is loaded atop the minimum running gear. So, ideal environment for scan if able to run. I prefer boot-time scan where software load is absolute minimal and basic options are provided for detections. http://www.schmahl.net/avastbootscan.php
avast has an anti-spyware component, but is first an antivirus program. The security of the system is largely handed over to avast to scan in realtime (the whole time while you are using it). It does this with the File System Shield, and while you are on the internet, it constantly scans connections with the Web Shield. Many forum members use Malwarebytes (mbam) and Superantispyware (SAS) as their specialist anti-spyware applications. I use mbam and I run it ‘on demand’, which means I call it when I want to use it. Unlike avast which is always running (‘resident’) and can be scanning from when the system software starts, mbam can be started by the system when you want to run a scan. As a specialist utility, mbam will find spyware that avast does not find. So mbam is ideal to have as a complement to avast.
Randomly created file names like this are highly unlikely to return any useful information on a search of the file name.
Unless absolutely random, the name of a bad file sometimes will pop up on the search engine because it has been listed often enough in logs (like Hjt, mbam) and posts, or in publication of virus definitions, and a search lead will sometimes direct to the actual package. But you do need to know ways of cutting down your workload when you search names because as David says there can be a lot of work for nothing.