Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Possible virus?

  • Please log in to reply
1 reply to this topic

#1 Usko_Detra


  • Members
  • 37 posts
  • Local time:08:05 PM

Posted 22 September 2012 - 01:52 AM

Hey, so yesterday before I shut down My computer, I found a program running in the task manager, it was at the top of the list called aae.exe I googled what I could and couldn't find much information about this program. I scanned with Norton and uploaded to Virustotal, both didn't detect anything. But one thing I did find was it's a possible variation of Win32/Kryptik.PAC, and I noticed someone elses Combofix logged quarantined a file: C:\Qoobox\Quarantine\C\Users\tcarlson\AppData\Local\aae.exe.vir a variant of Win32/Kryptik.PAC trojan After doing a file insight, I got this:

Full Path: C:\Users\Matt\AppData\Local\Temp\aae.exe
Developers Not Available
Version Not Available
Identified 20/09/2012 at 9:22:48 PM
Last Used 21/09/2012 at 5:19:16 AM
Startup Item No
With typical use this program crashes very infrequently.
Many Users
Hundreds of thousands of users in the Norton Community have used this file.
This file was released 3 years 1 month ago.
Norton has given this file a trusted rating.
Source File:

Avg. Resource Usage:Low
Avg. CPU Usage:Low
Avg. Memory Usage:Low
Performance Alert
21/09/2012 5:19:16 AM

Process ID 3972
CPU Normal
Memory Normal
Handles Count Normal
Disk Read Activity Normal
Disk Write Activity Normal
File Thumbprint - SHA:
File Thumbprint - MD5:

Some sites say this file is dangerous, others say it's fine. Oddly enough it only appeared in the running processes once.
So, My question is, is this file dangerous and a virus lurking on My system? and if it's not a virus, what does this file do?

I use Norton for My anti-virus software.

Edited by Usko_Detra, 22 September 2012 - 05:41 PM.

BC AdBot (Login to Remove)


#2 InadequateInfirmity


    I Gots Me A Certified Edumication

  • Banned
  • 5,180 posts
  • Gender:Male
  • Local time:08:05 PM

Posted 22 September 2012 - 08:35 AM

Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.


Download update and do a quick scan with malwarebytes and superantispyware



REmove all that each of the programs above find and reboot.
Post the logs.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users