Open task manager in your computer by hitting Ctrl+Alt+Del or Shift+Ctrl+Esc or by typing taskmgr.exe in command prompt or run. Now look into the processes running in your computer. If you see commgr.exe there (Not conmgr.exe, which is an important service), you are really in trouble. Today morning I saw that in my task manager. I felt something unwanted happening in my computer. Because I didn't install any new software. So how its been added. I asked my brother. He told he copied some songs form my computer to his friend's pen drive. Now a bulb glowing above my head, that it might be a virus.
I immediately googled about it. Google always has answers. I found 26,200 results from Google and also a suggestion for conmgr.exe. I moved to the first link Google present. It said commgr.exe is a malware program, and first detected ............. a lots of information. Thats not important to me. Its a virus. Its enough. I simply select the process and give end process. But what a ****, its appeared again. Now I tried end the whole process tree. But still. I tried with process explorer. But I can't do anything. Actually it was started by explore.exe. I felt that was really a bad time for me.
I restarted my computer in safe mode. Fortunately it was not running. I opened msconfig ( by typing msconfig in run). And searched for commgr.exe in the start-ups. It was there. I went to its location and deleted the source file.I searched in my registry for commgr.exe. Yes there was an entry in the run. I deleted that also. Now I searched Internet for the additional files added by that program. It told me some files would be created inside your C:\Recycler. I deleted that files. And restarted my computer in normal mode.
Now in the task manager I can't find the process commgr.exe. But now another process named csrss.exe running, that has no description. I googled. The first result came as "It is process registered as a torjan" :-( But now I gotta go. So I let that to run for some time...
Location for commgr.exe is
C:\Users\[username]\appdata\temp\commgr.exe
You better run a search in your full hard disk for this program.
The files added by commgr.exe are
c:\recycler\[some directory] sorry i forgot it. :-/
No comments:
Post a Comment