Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Where to find av.exe?


  • Please log in to reply
5 replies to this topic

#1 Rassaru

Rassaru

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 30 January 2010 - 07:02 AM

Hi all ,new here. Having problems with XP Internet Security. Got the damn thing last night somehow. Have run MBAM and spybot which picked out a few registry issues and got rid of those and both are now saying they can find nothing anymore. Thought I had rid of it, even tried rebooting and all was fine but when I started up this morning it was back. I've been through the manual removal process and half of the registry entries it says I should delete don't appear to be there. Most annoying is not being able to find the av.exe file. It's not in application data where the guide says it should be, I went into start>search to try to find it and found a file called av.exe-02B27A26.pf and deleted that but still cant find the actual executable, any ideas where it could be hiding?

BC AdBot (Login to Remove)

 


#2 Baker Comp

Baker Comp

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 30 January 2010 - 07:27 AM

I am also looking for this :thumbsup:

#3 bhu

bhu

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 31 January 2010 - 10:30 AM

I got the Same yesterday, i was able to fix it.

These are the steps i did .

1. disabled my Network card.
2. ran procexp which is like task manager where you will see av.exe runing in
C:\Documents and Settings\ USERNANAME \Local Settings\Application Data\
it is a hidden file.
kill the process and go that dir and delete it.
follow instruction on this site http://www.bleepingcomputer.com/virus-remo...irus-vista-2010
and you should be good.

#4 the_surgeon

the_surgeon

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 31 January 2010 - 11:24 AM

OK for what it's worth here's my experiance of it in simple terms, and also how I got rid of it.

Firstly I have norton 360 and it did nothing to prevent infection (it may have warned me at download but as I don't know when I was infected who knows).

As well as being a nasty little bugger it also slippery, it knows when ou are running antimalware programs etc (malwarebytes) and hides itself accordingly. There a few programs whch will stop the virus long enogh to run scans and claean ups ,etc however I had no success with these so heres what I did.

Generally the av.exe lives in the application leveland below of user accounts, when you log on with that user it boots up and your pretty screwed, and no antivirus see it. What I did was create another user account (vista by the way), and when I logged on with that the program never started, now you could leave it there but the next step can get rid, because the program never starts it doesn't hode it self from the malware scans, i.e on the new user account malwarebytes found the av.exe file, it was where I though in the prvious user profile. not saying this is a panacea but it worked for me.

#5 ComputerProbs101

ComputerProbs101

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 31 January 2010 - 05:26 PM

I don't know how I got the AV.exe virus & saw it coming onto my computer (running Win XP) last night but my AV (AVG9 - paid version) didn't detect or stop it. I thought I'd caught it & quarantined it but I now think that was the virus itself tricking me with a false message.

Most of the removal instructions I found said I'd need a different computer to download the anti-malware software. I don't have another computer. I got rid of it by rebooting my computer in 'Safe mode with networking' (hit F8 as soon as the computer starts to boot up). Then I did a 'System Restore' to the day before the virus installed itself. The restore restarted the computer. I updated Malwarebytes' Anti-Malware (which I already had on my computer but the AV.exe virus wouldn't let me open anything). Then ran a full scan & it detected 2 Rogue.Installer on my system. (BTW, it didn't show up on my computer as av.exe, it showed up as setup.exe). I removed them & my computer is running fine now. :thumbsup:

See the http://www.bleepingcomputer.com/virus-remo...irus-vista-2010 post for a visual on the malware part.

Hope this helps someone else. It was a pain!

Edited by ComputerProbs101, 31 January 2010 - 06:57 PM.


#6 Chenbipan

Chenbipan

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:14 PM

Posted 11 February 2010 - 02:34 PM

If you want to see the AV file you need to make sure that you have gone into control panel and opened folder options, view, and then checked/unchecked the box letting you see important system files. Then AV will be visible and you can choose to delete it for a manual uninstall.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users