Virus activities in my pc

Hi experts,
Each time I open my internet explorer I see "god must be crazy" in my title. This is a headache to me. I have tired  with AVG full scan, kaspersky online scan but this thing is still in my system.
I am under impression that some virus activities are happening in my PC even I dont feel it by performance wise. I think this is started from my flash drive. Each time I open my flash drive  annoying 'exe'  files are creating but I cant remove those.  But when I plug the same pen into different PC then I am able to remove these files. It doesnt matter how much I clean and format that pen drive when I plug it into my troublesome PC, the abnormal exe files are creating again.
I would be appreciating if anyone can give me a sound solution. It would be highly appreciate if someone can clarify what is the underlying cause of these activities, if those are interrelated or just individual incidents.
Further I would be very much thankful if you can directly post your solution here rather than re directing to some other URLS.

LVL 10
Who is Participating?
r-kConnect With a Mentor Commented:
While you're trying to clean your PC, may I suggest not connecting your USB drive to prevent spread of the virus in either direction.

Did you note the names of the exe files that were created when you plugged in your flash drive? If so, post a few of those names here.

Next, run HijackThis on your PC and post the log here, as follows:

Download HijackThis from
(use the "direct download" link in the upper-right corner)
Unzip to any folder on your hard drive (other than the desktop)
Run the program by double-clicking on the HijackThis.exe file.
Click on "Do a System Scan.."
Copy-and-paste the resulting log here.
Optionally, you can post back to that same web page, and click "Analyze"
and note which entries are marked as nasty or unknown.
MaduKpAuthor Commented:
Hi r-k:
Thanks for the reply.
here are some names that are creating by virus like activity.
download.exe is a one of that sort of file creared by virus like activity. actualy this file display as a folder. i didint double click on these flder like things to see if those are realy folders. other than this autorun file also created. I couldnt just delete these files. but still i am able to format the drive.

I got the hijack tool and please find the log created below.
MaduKpAuthor Commented:
Please find the log file attached
We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Mohammed HamadaConnect With a Mentor Senior IT ConsultantCommented:
Fix those items

F:\TestComplete 5\Bin\TestCompleteService5.exe
O4 - HKCU\..\Run: [crazy] C:\Documents and Settings\All Users\Application Data\crazya.exe
O4 - Global Startup: MSconfig.exe
O23 - Service: TestComplete 5 Service - AutomatedQA Corporation - F:\TestComplete 5\Bin\TestCompleteService5.exe

After u check and fix those items on hijackthis..... Disable Autorun for Removable Media devices..

How To Enable Autorun for Other Removable Media

Autorun can be enabled or disabled for all Removable media types, such as a floppy or Zip disk. Windows systems are configured to enable CD Notification, other removable media are by default disabled.

The System Properties User interface only exposes the CD Enable or Disable selection. The setting reflected in this dialog makes an entry in the System Registry. It is in this same location that other media types are configured.


   1. Modifiying the Registry is not for the inexperienced user. Anyone will tell you, be VERY careful.
   2. The modifications made in this case use Hex not Decimal numbers. If you are unfamiliar with the Registry or the characteristics of base numbering and Hex, studying these topics prior to making these modifications is advisable.

To Modify these Registry Settings, Use Regedit and navigate to the following Key:


The default value for the setting is 95 0 0 0. Change the first byte to 91. Restart the computer to make the new setting take effect. You may have to right-click on the floppy and choose AutoPlay from the menu to see the AutoPlay behavior.


Then download Flash disinfector after you hook up your usb flash to the infected PC.

Download Combofix to your desktop

Disable your Realtime Antivirus temporarily while combofix scan your pc.
Then Explorer.exe will restart, a log in a notepad file will pop up.
Attach the log here to let us see the result.

Mohammed HamadaConnect With a Mentor Senior IT ConsultantCommented:
OPPS sorry wrong one.... follow this instructions to disable autorun forget about the "How To Enable Autorun for Other Removable Media" Part..

How To Enable/Disable Autorun (Windows XP)

   1. Open Windows Explorer by pressing the Windows + "e" key.

   2. Right-click the desired CD-ROM and select Properties from the menu.

   3. Select the AutoPlay tab.

   4. Select each item from the pulldown list and for the Action to perform, select "Take no action" to disable autorun, or pick the apporpriate action to take if enabling autorun.

   5. Select OK.
phototropicConnect With a Mentor Commented:
You are running AVG 8.0 and you still have Symantec entries from a previous Norton install. You should run the Norton Removal Tool to clear these conflicts:

In addition to Combofix, I would also suggest running MalwareByte's Antimalware:

Make sure it is updated, then select "Perform quick scan". When the scan is complete, click "OK", then "Show Results". Make sure that everything detected is checked, then click "Remove Selected".
Post the log with the Combofix log.
MaduKpAuthor Commented:
Thanks Guys. Sorry for the late respond.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.