Having problems with your ASUS Eee PC 900 Notebook ?

I have virus av.exe and cannot remove it

\015 I have virus av.exe and several antivirus attempts have failed, how can I remove it from my Asus? It's hard drive is not removable.\015

Answers :

This trojan runs as a rootkit, so you won't see it when it's running. It is a single file in C:\\Users\\username\\AppData\\Local (Vista), or C:\\Documents and Settings\\username\\Local Settings\\AppData (XP), It is marked as a system file, so you'll need to use the Folder Options in the control panel, to unhide hidden and system files and folders. As I said, with the rootkit loaded, you still won't see it there until you unload it. It runs by changing the registry so that any .exe run, will instead load the trojan. Attempts to run Internet Explorer or Mozilla Firefox will also instead run it. If you delete the file, or your antivirus finds it and deletes it, the changes to the registry will mean that from then on, whenever you try to run a program, you'll get a windows message asking you to select the file you want to use to open the .exe. (if this is the case, you'll need to use regedit in safe mode with command prompt, or rename regedit.exe to regedit.com).
\015\012
\015\012To defeat the trojan, you must undo the registry changes, then reboot to reveal the file, then delete it. Here's how.
\015\012
\015\012Run regedit. The trojan will load and give you all the fake warnings hassle. Do Ctrl-Alt_Del, and find the process 'av.exe'. End the process. Now in the registry editor, search for 'av.exe'. You should find a section HKEY_CLASSES_ROOT\\.exe, where the (Default) REG_SZ has been set to 'secfile'. Edit this back to 'exefile'. Keep searching and you'll find HKEY_CLASSES_ROOT\\secfile. Delete the whole secfile section. Keep searching - you'll find the odd line where it may be a recently 'searched for' item, where you can just delete the line, and you'll find it in a command line to run Internet Explorer. The full path to the trojan will be specified before the path to Internet Explorer. Edit this line to remove the path to the trojan, leaving just the path to Internet Explorer. A similar edit may be required for Mozilla Firefox. Find any other occurences of av.exe and deal with them in the same way.
\015\012
\015\012Now, reboot the PC, and the trojan will not start up. Display system and hidden files, then go to the location of the trojan. Now you can see the little swine. Delete it, and empty the recycle bin.
\015\012
\015\012Problem solved.
\015\012
\015\012Enjoy!
I managed to remove the virus by following the blog below. He made it really simple. Well worth a look. http://simontodd.com/2010/02/how-to-remove-xp-internet-security-2010-antivirus-vista-2010-or-win-7-antispyware-2010/
Repair Help & Product Troubleshooting for ASUS Eee PC 900 Notebook

Tips for a great answer:

- Provide details, support with references or personal experience .
- If you need clarification, ask it in the comment box .
- It's 100% free, no registration required.

Suggested Questions/Answers :

I have win32 virus in my pc...


The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.Disable System Restore (Windows Me/XP). Remove all the entries that ... Computer Utilities & Maintenance

Virus Attack I believe that my PC has been attacked by Virus and is infected for a longtime now. However any attempts that I make to remove the infection by tryin to install any AntiVirus package fails. The internet refuses to connect any Antivirus sites. All other sites are easily accessible. So even if I install an AntiVirus using a disc, it refuses to register inspite of the key and doesn't connect to the Antivirus Site for registration. Please HELP!


Just because an antivirus package cannot register during the installation doesn't mean it isn't going to work. For example, Norton Antivirus 2009 (even the downloadable trial version) will scan systems with its default set of virus definitions even ... Symantec Norton Internet Security 2009

Cannot get rid of an unwanted program .


Here's manual antivirus xp 2008 removal \015\012http://www.2-spyware.com/remove-antivirus-xp.html\015\012\015\012If you are having probl ... PC Desktops

I HAVE A VAROUIS AND CANNOT GET THE CD TO RUN SO I


Hi im Rain.\015\012You can clean your computer online without installing a disk. This is a Microsoft online virus remover. \015\012{ Click Here } to use the N0d ... Gateway GT5220 PC Desktop

I need to get rid of a virus. I don't seem to be able to get on to Maxpc


Let me make sure I understand what you mean by "maxpc". Are you talking about the product that promises to "unleash the power of your pc" via registry scrubbing, etc.? Everything I type from this point on will be assuming as much.First of ... PC Desktops

When booting up, when windows is finished I cannot work mouse


Dear sir \015\012\015\012As it happens I still need some clarification what you were doing just before this incident happened but i will provide you a solution which might help you \015\012\015\012\015\012ASSUMPTIO ... Toshiba Satellite A105 Notebook

I have a major virus and am wondering if eee pccan


I personally don't recommend wiping your whole computer unless its a last ditch effort. But wiping your computer and starting with a fresh install will always get rid of any virus you previously had.I suggest that you take a different app ... ASUS Eee PC 900 PC Notebook

Please completley remove the norton security from my computer...trying to run something comcst says you need to do something to rmove it...please do asap ...thank you


Go into Control Panel, then Add/Remove Programs. Wait for the list of all programs to load up.\015\012\015\012Go down through the list and look for Norton Internet Security. Remove it. It will take a very long time, sometimes 1/2 hour or ... PC Desktops

Which anti virus can i use for my laptop. i have used mcfee anti virsus but this is no useful for my laptop because laptop be come hang after installation. Presently i m using AVG but this anti virsus detect threat only but not remove. Can i use Quick heal for deleting virsus. plz help me. thank in advance


Hi, some anti-virus programs you want to try:Avira ProfessionalA-squared Freeto secure system use a seperate firewall :zonelabonline armourif you already have an infected sytem, ... HP Compaq Presario V6000T Notebook

When I turn on my laptop it goes directly to a password & I didnt turn on this password & it wont do anything until this password is solved & Ive tried everything


Hello and thank you for using Fixya's services.\015\012\015\012This is a brand new virus that is not even a month old. It gets in the system and takes over the "boot" procedure for computers. When you boot up, you are presented with a bla ... Toshiba Satellite 2455-S3001 Notebook

Slow computer HP Pavilion desktop computer is four years old. Computer can't run anti-virus or back-up to exterior hard drive. The internet works but outlook won't open. When I scan thru system folders some folder names are blue and other are black (usually they are all black). I have a few anti virus programs on the computer which probably need to be removed. I cannot remove Symantec stuff. My goal is to backup my material on my external hard drive so it is available for my new computer. The cu


Sounds like your hard drive is (almost) full. The first thing is to make some empty space on it. Right-Click on you Drive C icon, and select Properties from the menu. If you have less than 15% disc space free, you cannot run Defragmentation. You need ... HP Pavilion a1610n PC Desktop

Computer Keeps Shutting Down on its own - PC Desktops


This issue could be caused by any of the below possibilities. \015\012Heat related issue. Hardware issue or error. Computer virus. Issue with operating system. Other failing hardware \015\012\015\012Heat r ... PC Desktops

Lost all desktop icons, though they all all there in desktop folder. Computer ran slow with mouse sticking. Switch of and on all icons gone. Look in processes and a file SWDSVC.exe is switching on and off and moving around through the processes list. Cannot remove it. Methinks it is a virus, can you help please.I am running Norton internet security but cannot use it as the icons have gone


Greetings,\015\012Yes, that was infected by computer virus, use different anti-virus that will remove the virus from your computer.\015\012Thanks ... PC Desktops

Virus i recently found on my system something calling itself a 'sohanad worm' located under the filename isass.exe. i am currently running avast anti virus software which does not detect or remove this, is there any other free software i can use, without having to remove avast to delete this virus, as it does not actually appear in the folder it is situated in


Avast is one of the worst anti virus solutions you can use....easyly affected by virusses and it corrupts the search, restore and wep page settings so you cannot brows or see it.....take it off....the method in doings so is...before uninstall...right ... IBM ThinkPad T23 2647 Notebook

Recover from viral damage to IE, System Restore etc


First, the external drive. Sounds like the drive letter that is trying to be assigned to the external drive is already taken by something else. To resolve this, right click on My Computer and go to Manage. On the list, you will see disk management ... Dell Dimension 4600 PC Desktop

Instantaneous shutdown with no warnings!


Software issue or errorErrors generated by software programs can cause a computer to reboot unexpectedly or without warning. If you are running Windows XP see the below section "For Windows XP users" before continuing. \015\012If you are not ru ... Toshiba Satellite A105 Notebook

Funey UST scandle.avi.exe virus


It's hard to remove that said virus because you cannot install or update your anti virus even in the said mode because the virus is close the program quickly or disable it. I fixed my costumer computer last week with the same problem. I remove the ha ... Compaq Presario 5000 PC Desktop

Virus removal complete now cannot reboot


Well you would either need to do a system recovery, using the "Ctrl + F10" shortcut at the dell bios splash screen when you first turn on your machine, or you will have to call Dell and have them send you another copy of your OS (this may cost you so ... Dell Inspiron 531 Athlon 64 X2 4400+ 2.3GHz 1GB 500GB DVD RW Vista Home Premium PC Desktop

My CD/DVD drive no longer shows up in My Computer


Since you have tried most of the stuff (even registry editing o.O), If you be logic to take the next step of assuming there might a hardware fault. \015\012\015\012When the drive have power doesn't mean its working properly.\015\012 ... Dell Inspiron 6400 Notebook

Blank screen after boot up


This issue may occur if one of the following conditions is true: \015\012Cause 1\015\012\015\012 loadTOCNode(3, 'cause');\015\012 \015\012This issue may occur if you have a CD, a DVD or a floppy disk in your CD, DVD, or floppy drive ... Dell Dimension 3000 PC Desktop

I cannot boot my vgc-rc310g after removing trogan horse (2ea)


Your laptop still has a virus. From your description, you seem computer savy. What u need to do is you need to boot your system with UBCD ( can be downloaded at www.UBCD4win.com) ... Sony VAIO® VGC-RC310G PC Desktop

Hi masters: My computer go realy slow,when you stop using it for 10 min.I have installed a CA security anti virus,etc ,but still reporting one virus that the CA anti,hasent been able to clean so far.Sometimes it frees to the point that i need to reset to be able work again.What can i do,thanks


You need to find the path to where the virus file is located & delete it you're self. You're antivirus software should show you where it is located. Once you delete the virus file, shut down the PC. Unplug the power cord from the PC. Open you're ... PC Desktops

Cannot get the internet explorer to open. the screen was jumping and now I cannot open the internet. I have Norton antivirus, but cannot open that either. what can I do to fix this when I cannot open anything?


Possible Virus and Malware\015\012\015\012There is a good chance that you have a virus or malware that is keeping those programs from opening. It does not matter these days what security you have if the door to the web is opened. At the e ... PC Desktops

Cannot open C: drive by double click


You have a virus. i encountered the same problem on a HP Pavillion desktop, its a trojan type virus that hides in your recycler folder, you need to run Avira Anti Virus, its the only one ive found that can get rid of it, you can get it free at downlo ... ASUS PC Desktops

HP PAVILION LAPTOP SHUTS OFF AND REBOOTS AFTER A FEW MINUTES


This issue could be caused by any of the below possibilities\015\012 \015\012Software issue or error. Hardware issue or error. Heat related issue. Computer virus. Issue with operating system. ... PC Desktops
  • Start your question with What, Why, How, When, etc. and end with a "?"
  • Be clear and specific
  • Use proper spelling and grammar
all rights reserved to the respective owners || www.electronic-servicing.com || Terms of Use || Contact || Privacy Policy
Load time: 0.5601 seconds