Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: av.exe

  1. #1
    lcsm1 Guest

    Angry av.exe

    For the past 48 hours I've been sitting here trying to find and detroy this virus. Some much fun working in "safe mode". Searched the web, download 3 different "spybot" programs that said they could get rid of it. I bought one. None worked.

    Now I wonder, how did ZA let this in, and now thats it's here, why can't it get rid of it. I've used ZA for years and have never been bitten. But this little bugger has just got me pi__ed off. My updates are current, I've done a "deep" scan with no luck.

    Mu subscription is up for renwal in 8 days. But I'm seriously thinking of changing to something else.

    Sory but I needed to vent. I'm so mad with ZA right now.

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: av.exe

    Hi!
    never ever beleive any pop-up saying that you are infected. They are actually fake antivirus to trick you to buy them (as apparently you did).
    No panic, no rush. Follow ALL the steps detailed here below to clean your system. Malware Clean-up Guidance

    See below how to properly use ZA and ensure it's protecting you:
    xyz was not detected. What I should do?

    Cheers,
    Fax
    Last edited by fax; February 17th, 2010 at 06:18 AM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    lcsm1 Guest

    Default Re: av.exe

    Hi Fax and thanks,
    I'm not trying to be argumentative, but.
    The first hint of a problem was the alert from ZA saying the "AV.exe" was trying to start. Not knowing what it was, I denied it. Thats when the phoney Microsoft security messages started to appear. I never opened any of the messages nor was I redirected.

    I immediately had ZA do a scan with no luck.

    I went into "safe Mode" and serched the web and found some solutions. The first being MBAM. I downloaded it, scanned and repaired. It didn't work.
    Another solution given was "Spybot". I tried that. No luck, AV still there. Finally I found "Uniblue" malware. I bought that one, with no luck.

    I did the deep scan. No luck.

    Any program that tries to access the internet does not start.

    After reading your comments, I'll try it again. When I went to update the antivirus, it came back saying and error occured. I am only running Ver. 8. My license says I still have 10 days til renewal.

    I'm running the "Internet Security Suite". Should I upgrade to another ZA program? I like ZA , but as I said, I'm PO'ed.

    I'm running Superantispyware as I write this, and it says it's already found 108 problems and still scanning. Where does it end! ARGGGGGGG. I have never had this kind of problem before, I am so careful.





  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: av.exe

    Hi!
    First of all remove all the other tools you have installed (spybot, uniblue, etc..) they are useless. Please follow the steps in the guidance document instead.

    With a valid license you can update to the latest ZA Suite version 9. But, in your case its too late! Its like putting armoured fences with the thiefs still in the house

    Better you clean the PC with all tools suggested including get specialized help at bleepingcomputer or spywarehammer if all the rest fails.

    Once you have finished cleaning, read the other article about how to keep your PC safe with ZA.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    martinb0820 Guest

    Default Re: av.exe

    BTW, does anyone know where this virus is coming from?

  6. #6
    courdar Guest

    Question Re: av.exe

    I got hit with XP Security 2010, (the temp file was av.exe) today while hanging around the 4chans or some similar site.

    I got the double pop-up warnings: one from MSE and one from the fake... maybe I clicked the right one this time.

    I couldn't do anything without getting innundated with fake security warnings especially when I tried any security measure ...but I didn't turn off my computer instead I did a restore after deleting ALL temp files, booted into safe mode and the only thing MBAM can now find was some popcap game adware. MSE is NOW working properly, was able to restore Win firewall and everything is working FINE now with NO BS security popups.

    Did MSE isolate it to temp - I couldn't even run Security Essentials without a zillion popups before the deletions and safe-mode reboot??

    Am I safe or is this and every other keystroke now being logged by the 4 chans????

    EDIT:
    Forgot to mention at least Bing only gives me legit search results now - Zone Alarm Free came up HERE first and brought me to you..... Unless this is all part of the 4chan's plot ;-)
    Last edited by courdar; February 22nd, 2010 at 11:39 PM.

  7. #7
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,465

    Default Re: av.exe

    Quote Originally Posted by courdar View Post
    I got hit with XP Security 2010, (the temp file was av.exe) today while hanging around the 4chans or some similar site.

    ~~Snip~~
    Did MSE isolate it to temp - I couldn't even run Security Essentials without a zillion popups before the deletions and safe-mode reboot??

    Am I safe or is this and every other keystroke now being logged by the 4 chans????

    EDIT:
    Forgot to mention at least Bing only gives me legit search results now - Zone Alarm Free came up HERE first and brought me to you..... Unless this is all part of the 4chan's plot ;-)

    Please do not "HI-Jack" another Users request for help instead of starting a New post for you specific problem?

    Please try the following Instructions..
    Malware Clean-up Guidance
    NOTE: the steps below works only if you are on the latest versions of ZA (version 9). If you are not, please update.

    Try to perform a full Antivirus/Antispyware scan but in SAFE MODE WITH NETWORKING.

    1. Set ZA Antivirus/antispyware to "Ultra Deep Scan" under the advanced options of the ZA antivirus/antispyware tab (scan modes);
    2. Reboot in SAFE MODE WITH NETWORKING;
    3. Manual run ZA (ZA firewall will be OFF but Antivirus/Antispyware will be functional);
    4. Run a full ZA AV/AS scan;
    5. Reboot in Normal Mode
    6. Set ZA Antivirus/Antispyware back to Normal

    How to start in SAFE MODE WITH NETWORKING

    If the above fails try to clean your system with:

    A. Download update and scan with MBAM
    WARNING: Some malware will block the download of this software, rename the installer to a random name before saving and running
    B. Use the superantispyware online cleaning tool --> Here or download, update and scan with superantispyware FREE
    WARNING: Some malware will block the download of this software, rename the installer to a random name before saving and running
    C. Download update and scan with A2 free

    Still Problems? Try the bootable CD fromDrWeb

    For a final check that your PC is clean run Hitman Pro cloud scanning (the scanner is free not the cleaning)

    if ALL the above fails please post your Hijackthis log to BleepingComputer or SpywareHammer

    Once you have cleaned the system please remember to purge the windows system restore points. You may be reinfected otherwise.
    - Disable system restore (How to disable windows SYSTEM RESTORE);
    - Reboot the PC
    - Re-ensable system restore
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  8. #8
    pcisamess Guest

    Default av.exe

    Hi, I have a virus which has taken over the PC. It is av.exe I can not open ZA or any of my programs under the preferred user account. I have shut the process av.exe off from the task manager. I try to open ZA and av.exe will open again. I am not able to use firefox to gain access to the internet. I can through the Adim account and have already scan the PC from the Rootkit setting. Any suggestions would be appreciated. Thanks , JW

  9. #9
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,465

    Default Re: av.exe

    Quote Originally Posted by pcisamess View Post
    Hi, I have a virus which has taken over the PC. It is av.exe I can not open ZA or any of my programs under the preferred user account. I have shut the process av.exe off from the task manager. I try to open ZA and av.exe will open again. I am not able to use firefox to gain access to the internet. I can through the Adim account and have already scan the PC from the Rootkit setting. Any suggestions would be appreciated. Thanks , JW

    Please Read this link..



    http://forums.zonealarm.com/showthread.php?t=73167
    Last edited by GeorgeV; February 25th, 2010 at 03:42 PM. Reason: typo
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  10. #10
    pcisamess Guest

    Default Re: av.exe

    Not able to do anything from safe mode with networking.( this is in preferred user account) Everytime I try to use ZA. AV.exe takes over. Mozilla will not open. It is blocked by a B.S. windows xp internet security, then goes into a scan. I am not sure what to do now. I saw the link and thank you but I cannot reach the internet under the preferred user account. Adim works and have run a scan. Deleted three items. Switch users and the same with not being able to open ZA or mozilla.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. multiple cmd.exe net.exe net1.exe in task manager
    By mommapuff in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 2
    Last Post: January 16th, 2010, 07:42 AM
  2. Replies: 1
    Last Post: November 28th, 2007, 05:04 AM
  3. Replies: 5
    Last Post: April 17th, 2006, 04:01 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •