Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Windows Live safety center - new virus found

Status
Not open for further replies.
nightrax

nightrax

IS-IT--Management
Dec 29, 2005
46
GB
The WLSC has found a virus called: Win32/NewMalware.E - l have tryed to search for info, but found none. The Microsoft info is as usefull as a chocolate oven.

It is in a dir called: postoobe and the file is called favtool2.exe

Just wondering if anyone else has this problem or has found a solution.

Thanks in advanced,

AnDy
 
Sort by date Sort by votes

Is favtool2.exe a program you are familiar with? There is no mention of it when searching Google.

I thought it might be a false alarm, but "no hits" makes me more suspicios.

Have you tried a second and third opinion with different scanners?

Removing adware & spyware
faq608-4650

Microsoft (GIANT Antispyware) Beta available
Thread779-979113

Try the free version of "Ewido"

HijackThis log file analysis
 
Upvote 0 Downvote
Thanks for the reply, l have checked the hijackthis log and run two spyware removing programs and found nothing in relation to this file.

l found the file in a dir called system.sav, which seems to house a lot of the XP restore info. There is a text file called favtool so l include it here -

Started

Read LCID of ->0809

Which is ->English (United Kingdom)

Using LCID Alias of ->0409

Which is ->English (United States)

CreateDirectory ->C:\Documents and Settings\All Users\Favorites\HEWLETT-PACKARD Recommended Sites

CreateDirectory ->c:\documents and settings\Default User\favorites\HEWLETT-PACKARD Recommended Sites

CreateDirectory ->C:\Documents and Settings\Administrator\Favorites\HEWLETT-PACKARD Recommended Sites

CreateDirectory ->C:\Documents and Settings\Administrator\Favorites\HEWLETT-PACKARD Recommended Sites

CreateDirectory ->FAILED -->Cannot create a file when that file already exists.

RemoveDir() - RemoveDir() - Invalid File Handle - C:\Documents and Settings\LocalService\Favorites\*.*

RemoveDir() - FindFirstFile(C:\Documents and Settings\LocalService\Favorites\*.*) 3-The system cannot find the path specified.

CreateDirectory ->C:\Documents and Settings\LocalService\Favorites\HEWLETT-PACKARD Recommended Sites

CreateDirectory ->FAILED -->The system cannot find the path specified.

RemoveDir() - RemoveDir() - Invalid File Handle - C:\Documents and Settings\NetworkService\Favorites\*.*

RemoveDir() - FindFirstFile(C:\Documents and Settings\NetworkService\Favorites\*.*) 3-The system cannot find the path specified.

CreateDirectory ->C:\Documents and Settings\NetworkService\Favorites\HEWLETT-PACKARD Recommended Sites

CreateDirectory ->FAILED -->The system cannot find the path specified.


l think it is to do with the OEM, so when there is a full restore of the system there website is always in the fav-toolbar as the startup page, checky little so and so's!!

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dik
  • Locked
  • Question
Virus
Replies
15
Views
716
dik
dik
K
  • Locked
  • Question
Recover Data Windows 10 1
Replies
2
Views
4K
Rick998
Rick998
pjw001
  • Locked
  • Question
Latest Windows Update - End of Service
Replies
2
Views
3K
pjw001
pjw001
VicM
  • Locked
  • Question
Problem updating Windows Explorer
Replies
1
Views
864
Nancycaf
Nancycaf
pjw001
  • Locked
  • Question
Windows 11 Screen Colours have changed (slightly) 3
Replies
14
Views
7K
pjw001
pjw001

Part and Inventory Search

Sponsor

Back
Top