I have this futus.exe running on my services and it eats up my CPU usage. It booms to 100% even if I have just turned on the computer and I haven't loaded any applications yet. I tried removing it in the startup (msconfig) but when it restarts, it creates another futus.exe that eats my CPU usage again.
I tried searching for this file (with "show hidden files/folder" enabled), but it does not show up in search.
I also have this Rgd.exe that is accompanying this futus.exe.
Very interesting indeed! I am curious to know as to where this futus.exe came from.
The rgd.exe file you have is a virus and has been known to show the following behaviour:
•Added as a Registry auto start to load Program on Boot up
•Executed as a Process
•Copied to multiple locations on the system
•Registered as a Dynamic Link Library File
•Created as a process on disk
•Deleted as a process from disk
•Executed from Temporary Folders
•Has code inserted into its Virtual Memory space by other programs
The origin is Spain and the UK.
For a start, I suggest you download, install and run a Full scan with Malwarebytes, which you can download by following this link.
I am anxious to know if Malwarebytes did the trick; it usually does.
As far as I am concerned, rgd.exe and futus.exe make a pair; as a matter of fact, it is the rgd.exe that created futus.
Yes, I noticed that, O4 - HKCU\..\Run: [futus] C:\Documents and Settings\Dyei\futus.exe was present. It was possible to try to remove it with HijackThis, although HijackThis is not omnipotent. Of course Futus is in the processes.
I have not noticed anything else peculiar in the log. Have you?
Deleting the key with HJT was the next step I was to suggest to you.
Here is my final recommendation:
Now that your computer seems to be clean, just to be on the safe side,
•Turn off system restore and wait 30 seconds,
•Turn it back on and create a new restore point.
This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong than to not be able to undo changes that were damaging.
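
An added example, not part of the original posts: a Python script that parses HijackThis O4 registry autostart lines like the one quoted in the thread and flags entries whose executable sits directly in a user profile folder or under a Temp folder. The two flagging rules are assumptions chosen for illustration, and every sample line except the futus entry is constructed.

```python
import ntpath
import re

# Registry autostart line as HijackThis prints it: O4 - <hive>\..\<key>: [<name>] <command>
O4_RE = re.compile(r'^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
# Unquoted command: the path ends at the first executable extension followed by space/end.
EXE_RE = re.compile(r'^(.+?\.(?:exe|com|bat|cmd|scr|dll))(?=\s|$)', re.I)
# Assumed heuristics: binary directly in a profile root, or anywhere under a Temp folder.
PROFILE_ROOT = re.compile(r'^[a-z]:\\(documents and settings|users)\\[^\\]+$', re.I)
TEMP_DIR = re.compile(r'\\(temp|tmp)(\\|$)', re.I)

def parse_o4(line):
    """Return hive, key, value name and executable path for an O4 registry line, else None."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    cmd = m['cmd'].strip()
    if cmd.startswith('"'):                      # quoted path, arguments may follow
        exe = cmd[1:].split('"', 1)[0]
    else:
        hit = EXE_RE.match(cmd)
        exe = hit.group(1) if hit else cmd
    return {'hive': m['hive'], 'key': m['key'], 'name': m['name'], 'exe': exe}

def suspicious_autostarts(log_text):
    """List (hive, name, exe, reasons) for autostart entries matching the heuristics."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        folder = ntpath.dirname(ntpath.normpath(entry['exe']))
        reasons = []
        if PROFILE_ROOT.match(folder):
            reasons.append('runs from profile root')
        if TEMP_DIR.search(folder):
            reasons.append('runs from temp folder')
        if reasons:
            findings.append((entry['hive'], entry['name'], entry['exe'], reasons))
    return findings

# Sample log: the futus line is from the thread; the other lines are constructed.
SAMPLE_LOG = r'''
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" /min
O4 - HKCU\..\Run: [futus] C:\Documents and Settings\Dyei\futus.exe
O4 - HKCU\..\Run: [updater] C:\Documents and Settings\Dyei\Local Settings\Temp\upd.exe -s
'''

if __name__ == '__main__':
    for hive, name, exe, reasons in suspicious_autostarts(SAMPLE_LOG):
        print(f'{hive} Run [{name}] {exe}: {", ".join(reasons)}')
```

A flagged entry is only a lead to check against a scanner result; legitimate software occasionally starts from these locations too.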