Tech Support banner

Status
Not open for further replies.
1 - 7 of 7 Posts

·
Registered
Joined
·
3 Posts
Discussion Starter · #1 ·
Hi All,
Everytime i start my pc i get the error, " Windows cannot find C:\Documents and Settings\Administrator\duf.exe " (plz find image attached - e1).

This problem started after a virus attack "HEUR\Crypted" which was healed with my antivirus software AVIRA. (AVG didnt detect it !)

In Avira's quarantine i can see the file duf.exe listed (please find image attached -e2).

What is this duf.exe? is this a virus or a needed file? How can i safely get rid of the error that comes in every startup ?

Please help....

Thanks in advance...
 

Attachments

·
Registered
Joined
·
2,439 Posts
heur means heuristics. it means a set of rules (for detection of viruses in this case). it probably examined the file, found it didn't match any known virus signature, but certain portions of code looked suspicious according to its heuristic rules, so it quarantined it to be safe.
crypted possibly means the file was encrypted (it can be a way to obfuscate code to hide it from detection)

in a good case scenario it could be a false positive. if you know how, you could e-mail the file to AVG or AVIRA for further analysis

if it is a virus, then you'll have to find instances that make it start up in the registry using the registry editor (start, run, then type regedit)
in most cases, it'll be in either
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
or
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
The path and filename will be in the data field. All you have to do is right-click the name field and pick delete.

I will say though that the location of the executables is suspicious (user folder: C:\Documents and Settings\username)
 

·
Registered
Joined
·
3 Posts
Discussion Starter · #3 ·
Thanks for the response.

As suggested i checked the registry files but i couldnt find any instances. please have a look at the attachments.
i dont know what to do again...

Looking forward to hearing from you....
[/ATTACH]
 

Attachments

·
Registered
Joined
·
3 Posts
Discussion Starter · #5 · (Edited)
Thank You. As suggested, i installed autoruns and unchecked the duf.exe. Now i dont get the " File Not Found" message. :smile:
Thanx again.
EE.jpg
But still i dont know what is this duf.exe ! :sigh:




I was just checking the most obvious location. I had to do a little homework on this. this page
http://windowsxp.mvps.org/Startup.htm
mentions of a utility that covers more startup locations called autoruns:
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
Run it and see if it mentions of another key with said programs starting up
 

·
Registered
Joined
·
2,439 Posts
1 - 7 of 7 Posts
Status
Not open for further replies.
Top