1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Virus trouble partially resolved. (log included)

Discussion in 'Virus & Other Malware Removal' started by Grammar Gestapo, Mar 25, 2008.

Thread Status:
Not open for further replies.
  1. Grammar Gestapo

    Grammar Gestapo Thread Starter

    Joined:
    Mar 25, 2008
    Messages:
    2
    Copied from another message board:
    I turned it on the other day, Saturday I think, and noticed some phony "antiviirus" program installed called PC cleaner. Obviously not used for the advertised purposes, I uninstalled it (which only took half a second, and left me suspicious) and searched through a few folders for anything suspicious. Today I turned on the computer and AVG warned me of three threats, and the PC-cleaner warned of some threat, but of course clicking on the warning just brought up the purchase window. Realizing I hadn't completely deleted it, and that it was, in fact, intended as a Trojan, I attempted to open the task manager which gave me "Task Manager has been disabled by your administrator". I booted in safe mode, ran Ad-Aware, Spybot, and AVG free, only AVG detected anything which were all supposedly deleted, I manually deleted "antiviirus.exe" from Program files, and searched for any other files of similar names. I tried a system restore but apparently I can't restore to any of the available points.



    I ran an updated Spybot today and immunized which allowed me access to the task manager, but there's still some process called "crufyfut.exe".

    See anything suspicious?
    Thanks.
     

    Attached Files:

  2. Grammar Gestapo

    Grammar Gestapo Thread Starter

    Joined:
    Mar 25, 2008
    Messages:
    2
    Repairing via an XP disk asks for a password of which I'm not aware.

    The only detrimental effects seem to come from crufyfut.exe along with one or two other processes by names of random letters. Is there any way besides MSconfig to prevent certain processes from running at any time? There were two associated with the virus on the boot.ini list, but both were of different names than the processes that were actually causing the trouble.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/697055

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice