Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: bill
Also, when I check msconfig options, I see that it is set to start at startup and when I disable it, it enable itself again during the next restart. In addition, even under msconfig or regedit it does not show the path for it or what it is suppose to do. Now to make thing worse, when I do search for fylj.exe on google, yahoo, msn, .. etc I don't find any results. Does anyone have any idea what is going on?
Thanks for the help.
Try this search [google.com] for some background info.
I'd recommend running Ad-Aware, Spybot Search & Destroy, Ewido Anti-Spyware (now owned by AVG), Microsoft Anti-Spyware, and any other *reputable* freeware programs you can find to see if they can identify it by signature. If none of these turn up anything, then the next step is to run Hijack This! and post the results for analysis on one of the Hijack This! help forums.
If it's being reenabled, there must be something else wrong too.
Send the file to your antivirus company. I've only ever done that once (an attachment that didn't trigger an alarm) and received a reply a couple of hours later confirming it was a virus (I wasn't the first to send them a copy) and it was added on the next update.
Grab a copy of StartupMonitor [mlin.net] to prevent programs from registering to run at your system start-up without your knowledge.
After your spyware scans and virus checks get yourself a good registry monitor. The free RegistryProt is a good place to start.
File Name ...................... Path
FYLJ.EXE-121FE169.PF ...................... C:\WINDOWS\Prefetch\
fylj.exe ...................... C:\WINDOWS\system32\
Norton don't seem to be scanning it as anything wrong, however I still plan to shut it down from starting automatically.
Normally before I delete any doubtful file, I prefer to copy the file and place it under other folder after zipping it with different name & see if how system works after restart. In addition, I also write notes about the process, just in case if I encounter any error because of this deletion.