| View previous topic :: View next topic |
| Author |
Message |
the the the
Master Cheater
![]() Reputation: 46
Joined: 15 Jun 2008
Posts: 429
|
 Posted: Fri Feb 19, 2010 10:27 pm Post subject: av.exe virus |
 |
|
I have a virus 
It is called av.exe and I have googled it plenty of times, I'm no fool.
I cannot install anything, my current Trend Micro antivirus software FINDS NOTHING.
And stuff I copypastad from another site I posted this:
There is NOTHING in the registry editor that has to do with the antispyware and there is NO AV.EXE (which constantly pops up) IN MY HARDDRIVE (I used search). I have shown hiddenfiles. There is NOTHING in my program files that has antispyware.
Help, anyone?
|
|
| Back to top |
|
 |
Zarr
Grandmaster Cheater
![]() Reputation: 0
Joined: 11 Jan 2008
Posts: 915
Location: localhost
|
| Posted: Fri Feb 19, 2010 10:38 pm Post subject: |
|
|
Try removing the file with HijackThis
_________________
|
|
| Back to top |
|
|
xiGh0stx
Expert Cheater
![]() Reputation: -1
Joined: 20 Dec 2009
Posts: 157
|
| Posted: Fri Feb 19, 2010 10:39 pm Post subject: |
|
|
| Yeah im gonna go with that too.. Sorry but i dont think theres much you can do if you screwed windows up =/. IF it is resent enough, you can do a system restore do maybe a day before all this started happening. Try it =]
|
|
| Back to top |
|
|
the the the
Master Cheater
![]() Reputation: 46
Joined: 15 Jun 2008
Posts: 429
|
| Posted: Sat Feb 20, 2010 8:15 pm Post subject: |
|
|
| This happens when I try to do a system restore.
|
|
| Back to top |
|
|
(\/)_(;,,;)_(\/)
Grandmaster Cheater Supreme
 Reputation: 3
Joined: 07 Apr 2008
Posts: 1610
|
| Posted: Sat Feb 20, 2010 8:23 pm Post subject: |
|
|
| xiGh0stx wrote: | | Yeah im gonna go with that too.. Sorry but i dont think theres much you can do if you screwed windows up =/. IF it is resent enough, you can do a system restore do maybe a day before all this started happening. Try it =] |
If it's a virus a system restore won't do anything.
|
|
| Back to top |
|
|
the the the
Master Cheater
![]() Reputation: 46
Joined: 15 Jun 2008
Posts: 429
|
| Posted: Sat Feb 20, 2010 8:24 pm Post subject: |
|
|
| x2Girls1Andrew wrote: | | xiGh0stx wrote: | | Yeah im gonna go with that too.. Sorry but i dont think theres much you can do if you screwed windows up =/. IF it is resent enough, you can do a system restore do maybe a day before all this started happening. Try it =] |
If it's a virus a system restore won't do anything. |
So what is your solution?
The only one I see is reformat.
|
|
| Back to top |
|
|
Notepad
Grandmaster Cheater
![]() Reputation: 9
Joined: 26 Dec 2007
Posts: 722
Location: New Zealand
|
| Posted: Sun Feb 21, 2010 4:22 am Post subject: |
|
|
I suggest you make a UBCD4Win CD and then boot with it then run some of the AntiSpyware/AntiVirus/AntiMalware etc programs and scan the infected drive.
This is very useful as virus' cannot hide (Rootkits will also be detected).
|
|
| Back to top |
|
|
Hero
I'm a spammer
 Reputation: 79
Joined: 16 Sep 2006
Posts: 7154
|
| Posted: Sun Feb 21, 2010 12:28 pm Post subject: |
 |
|
| If you can boot safemode with networking, you shouldnt have an issue installing/downloading.
|
|
| Back to top |
|
|
capuchino
Advanced Cheater
![]() Reputation: 0
Joined: 10 Jul 2007
Posts: 77
Location: in a cup being drinked by someone who is enyoning me
|
| Posted: Sat Mar 27, 2010 1:39 am Post subject: |
|
|
i had that nasty little boy to but my search also didnt find anything but its inside c:/[or whatever this is]documents and settings/yournamehere/[now is there the part u must turn on hidden folders its in extra then folderoptions then turn on hidden folders show or something like that then there is an folder]Application Data/av.exe and then u must kill that bitch then remove it and its done but my account on xp was ruined
_________________
Proud to be an CEF member
capuchino the hottest sensation on CheatEngineForums |
|
| Back to top |
|
|
bfsdbsdfbdsfb
Grandmaster Cheater
![]() Reputation: 54
Joined: 06 Sep 2007
Posts: 702
Location: Oh noez.
|
| Posted: Sat Mar 27, 2010 6:16 am Post subject: |
|
|
| capuchino wrote: | | i had that nasty little boy to but my search also didnt find anything but its inside c:/[or whatever this is]documents and settings/yournamehere/[now is there the part u must turn on hidden folders its in extra then folderoptions then turn on hidden folders show or something like that then there is an folder]Application Data/av.exe and then u must kill that bitch then remove it and its done but my account on xp was ruined |
You mean C:\Users\Akaecius\AppData ?(Ofc. replace Akaecius with your name)
_________________
bsdfbdsfb |
|
| Back to top |
|
|
masterzero
Expert Cheater
 Reputation: 1
Joined: 09 Nov 2008
Posts: 137
|
|
| Back to top |
|
|
Fap2Admin
Master Cheater
 Reputation: -1
Joined: 10 Feb 2008
Posts: 483
Location: Somewhere down the Road
|
| Posted: Sun Mar 28, 2010 4:34 am Post subject: |
|
|
| Akaecius the Leapfrog wrote: | | capuchino wrote: | | i had that nasty little boy to but my search also didnt find anything but its inside c:/[or whatever this is]documents and settings/yournamehere/[now is there the part u must turn on hidden folders its in extra then folderoptions then turn on hidden folders show or something like that then there is an folder]Application Data/av.exe and then u must kill that bitch then remove it and its done but my account on xp was ruined |
You mean C:\Users\Akaecius\AppData ?(Ofc. replace Akaecius with your name) |
He is using XP, so it's C:\Documents and Settings\<name>\
_________________
Best AR-TITS on CEF |
|
| Back to top |
|
|
capuchino
Advanced Cheater
![]() Reputation: 0
Joined: 10 Jul 2007
Posts: 77
Location: in a cup being drinked by someone who is enyoning me
|
| Posted: Sun Mar 28, 2010 8:49 am Post subject: |
|
|
| Akaecius the Leapfrog wrote: | | capuchino wrote: | | i had that nasty little boy to but my search also didnt find anything but its inside c:/[or whatever this is]documents and settings/yournamehere/[now is there the part u must turn on hidden folders its in extra then folderoptions then turn on hidden folders show or something like that then there is an folder]Application Data/av.exe and then u must kill that bitch then remove it and its done but my account on xp was ruined |
You mean C:\Users\Akaecius\AppData ?(Ofc. replace Akaecius with your name) |
yes,
like the guy said i am using xp
_________________
Proud to be an CEF member
capuchino the hottest sensation on CheatEngineForums |
|
| Back to top |
|
|
Burningmace
Grandmaster Cheater
![]() Reputation: 5
Joined: 17 Feb 2008
Posts: 520
Location: Inside the Intel CET shadow stack
|
| Posted: Sun Mar 28, 2010 9:38 am Post subject: |
|
|
Dump the AV.exe file onto VirusTotal (it's a website, in case you don't know it) and see what it throws up. Paste the link to the analysis here, and I'll see if I can come up with some manual disinfection steps.
In the meantime, get Process Explorer from sysinternals and use it to kill the av.exe process. If it restarts, it'll show the process that started it. That's the process that's performing the keep alive. However, some malware injects code into existing and legitimate processes, so you might be screwed on that front.
Safe mode might not be an option, since it's relatively easy to make malware startup keys persist in safe mode, or just to disable safe mode entirely by screwing up (or deleting) the safeboot key in the registry.
The only guaranteed solution is a complete wipe and re-install. I very much doubt we're dealing with anything like an MBR resident virus or a BIOS infection.
_________________
It's not fun unless every exploit mitigation is enabled. |
|
| Back to top |
|
|
Karakawe
I post too much
 Reputation: 3
Joined: 17 Apr 2007
Posts: 3899
|
| Posted: Sun Mar 28, 2010 2:56 pm Post subject: |
|
|
| yarr
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
