Suspicious DLL files
Posted 11 April 2009 - 09:07 PM
a photographer friend asked me to check their website for anything abnormal - she is using a Mac and got no problems, other people said they would get strange error messages with Windows machines. My anti virus software promptly announced that the site was up to no good which I told her.
However, I noticed that my Firefox slowed down massively and did some digging in my PC's registry and found that a file called
was in the run section. I was able to rename it and thought of nothing bad when today I noticed another file with a strange title:
being called from a run section process named ilatoqa (!).
I tried to delete the registry entry and the file to no avail - registry entry re-appears, file is in use. Now I'm going to get after it with professional tools but wanted to report this strange files and their behaviour.
Anything else you need to know? Should I upload the file somewhere?
Posted 11 April 2009 - 09:36 PM
If you want to check the files: Please go to Jotti's malware scan at http://virusscan.jotti.org/ and upload the file for scanning and post the results in the topic you start in Malware Removal.
Helpful link: SpywareBlaster...
MS MVP 2006 and ASAP Member since 2004
Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"
Posted 11 April 2009 - 09:55 PM
That site appears to be infected. Send me the site name via PM please so I may investigate it.
a photographer friend asked me to check their website for anything abnormal
Please consider donating to help support the continued prompt and excellent services of this site.