startup program

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.newusers (More info?)

running XP pro

I have a startup program in msconfig
called: fyacfh.exe

can't find out what this is ??

( I have disabled it )


ken
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.newusers (More info?)

"siggy" <this_is_me_sigma@accesscomm.ca> wrote in message
news:eOYwt8jjEHA.2324@TK2MSFTNGP10.phx.gbl
> running XP pro
>
> I have a startup program in msconfig
> called: fyacfh.exe
>
> can't find out what this is ??
>
> ( I have disabled it )
>
>
> ken

Not sure which it is, but it's probably either a virus or malware.
First eliminate any scumware.
See
Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
http://mvps.org/winhelp2002/unwanted.htm

Note that AdAware and SpyBot S & D will each catch some things the other
won't. Also, each needs to be updated with the program's update function
before every use, even when just downloaded. There's also a lot more to do
than just those two programs. CWShredder is also available here:
http://www.kellys-korner-xp.com/regs_edits/cwshredder.zip
**Post your HijackThis log to
http://forums.spywareinfo.com/ or the Spyware forum at
http://forum.aumha.org/ for expert analysis, not here.**
Alternative download pages for Ad-Aware, Spybot, HijackThis and CWShredder
may be found on this page:
http://aumha.org/a/parasite.htm.

If nothing there helps, please post back to this thread.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.newusers (More info?)

Hi Siggy,

It's a trojan (virus) file. Follow these "relatively" simple removal steps:

Restart in Safe mode by hitting F8 as Windows first begins to load on boot.
Logon as administrator.

Start/search/files and folders, look for <filename> and delete it wherever
it is found.

Start/run regedit, expand the + signs to look under these keys:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

Look in the right hand pane for the string or strings that load that file.
Delete just those strings that contain the reference. Do not delete other
strings or the keys from the left pane. Close the registry editor when
completed, make sure you check all strings.

Go to the Control Panel/System/System Restore tab. Check the box to "Turn
off system restore on all drives". Click apply/ok. This will remove all
restore points, however you don't want them back as some or all of them will
contain the virus depending upon how recently you got infected.

Restart the system normally. Go back to the Control Panel/System and restart
System Restore.

Update your antivirus software, run a full system scan.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP
http://mvp.support.microsoft.com/
Associate Expert - WindowsXP Expert Zone
www.microsoft.com/windowsxp/expertzone
Windows help - www.rickrogers.org

"siggy" <this_is_me_sigma@accesscomm.ca> wrote in message
news:eOYwt8jjEHA.2324@TK2MSFTNGP10.phx.gbl...
> running XP pro
>
> I have a startup program in msconfig
> called: fyacfh.exe
>
> can't find out what this is ??
>
> ( I have disabled it )
>
>
> ken
>
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.newusers (More info?)

thanks..... muchly
** a project for tonight **


siggy




"Rick "Nutcase" Rogers" <rick@mvps.org> wrote in message
news:u$qQp%23njEHA.3604@TK2MSFTNGP10.phx.gbl...
> Hi Siggy,
>
> It's a trojan (virus) file. Follow these "relatively" simple removal
> steps:
>
> Restart in Safe mode by hitting F8 as Windows first begins to load on
> boot. Logon as administrator.
>
> Start/search/files and folders, look for <filename> and delete it wherever
> it is found.
>
> Start/run regedit, expand the + signs to look under these keys:
>
> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
>
> Look in the right hand pane for the string or strings that load that file.
> Delete just those strings that contain the reference. Do not delete other
> strings or the keys from the left pane. Close the registry editor when
> completed, make sure you check all strings.
>
> Go to the Control Panel/System/System Restore tab. Check the box to "Turn
> off system restore on all drives". Click apply/ok. This will remove all
> restore points, however you don't want them back as some or all of them
> will contain the virus depending upon how recently you got infected.
>
> Restart the system normally. Go back to the Control Panel/System and
> restart System Restore.
>
> Update your antivirus software, run a full system scan.
>
> --
> Best of Luck,
>
> Rick Rogers, aka "Nutcase" - Microsoft MVP
> http://mvp.support.microsoft.com/
> Associate Expert - WindowsXP Expert Zone
> www.microsoft.com/windowsxp/expertzone
> Windows help - www.rickrogers.org
>
> "siggy" <this_is_me_sigma@accesscomm.ca> wrote in message
> news:eOYwt8jjEHA.2324@TK2MSFTNGP10.phx.gbl...
>> running XP pro
>>
>> I have a startup program in msconfig
>> called: fyacfh.exe
>>
>> can't find out what this is ??
>>
>> ( I have disabled it )
>>
>>
>> ken
>>
>>
>>
>
>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom