1 2 3 Previous Next 45 Replies Latest reply: Mar 17, 2010 9:29 AM by secured2k RSS

    Help: how do I remove "XP Antivirus pro 2010"

      Hi i am a newbie to all this virus stuff   (but forced to learn!)

       

      What is the process for removing a virus that McAfee cannot find?

       

      I've just bought this Software on Sunday in the hope it would remove the Virus but still no luck?

      I know that the program name in taskmanager is av.exe! but cannot find it on my computer?

       

      So, What do I do now?

       

      steve

       

      PS. On Sunday I also downloaded Microsoft's Virus Removal software which failed. I already had AVG Virus protection Software which did not work.

      last night:  I downloaded "Malwarebytes'  Anti-Malware" and managed to get it running from MSDOS but it did not find the problem.

      I also ran a stinger in report mode only (was mentioned on this forum)  but it did not find the virus (attached) ?

        • 1. Re: Help: how do I remove "XP Antivirus pro 2010"

          last night I managed to find the virus by clicking the button Start-> Run ->

          then entering CMD    (into MSDOS)

          C:

          CD C:\

          dir *AV*.EXE /AH /S

           

          I've then copied and PKZIPPED the file and then sent it to McAfee's Avert(r) Labs... and I've now been waiting for a few hours (my helpdesk ID:5780169)!

           

          PS. I also added to the PKZIP file an unhidden av.exe verison into a separate sub-directory.  MSDOS command to unhide [attrib *AV*.EXE  -S -H ]

           

          I then deleted it! and rebooted Windows,probably a bad idea!  

          Windows opened-up (no virus can be seen(Great!) and Word-Documents are working(WooHoo!)

          .... BUT.... many other applications will not start anymore (eg McAfee/MSDOS/RegEdit)!

           

          Unsure what to do now?

          • 2. Re: Help: how do I remove "XP Antivirus pro 2010"
            SamSwift

            Hi,

             

            I've checked the notes on the submissions and can see that an extra.dat file was sent out last night - please could you confirm you have received this?

             

            Thanks,

             

            Sam

            • 3. Re: Help: how do I remove "XP Antivirus pro 2010"

              thanks Sam

               

              I doubt it will work!

              but will confirm tonight when I will try and update the virus DAT library  (although most Executables are now disabled by me deleting the virus file)

               

              The reason I say it will not work is that your Avert(r) Labs WebImmune did not find the virus this morning when they processed my pkzip file 57800169.

               

               

              thanks for your help

              Steve

              • 4. Re: Help: how do I remove "XP Antivirus pro 2010"
                SamSwift

                Patty's looking at the files for you at the moment. Two came back clean but the other looks very much liek a fakealert.

                 

                Sam

                • 5. Re: Help: how do I remove "XP Antivirus pro 2010"

                  it is great to know you've found the Virus...thank Patty for me..

                   

                  I guess the hard job now will be removing it!

                  How long do I have to wait for updated DAT virus file?

                  I am willing to take any Beta-software and test it on my machine. I was getting close to re-installing the whole of Windoz!

                   

                  Steve

                  • 6. Re: Help: how do I remove "XP Antivirus pro 2010"

                    Sam, thanks for your update on this !

                     

                    Hello Steve, we analysed the files you submitted and a detection for the file AV.EXE has been added, as follows:

                     

                    Apoint.exe ... is OK.
                    atiptaxx.exe ... is OK.
                    av.exe ... Found the FakeAlert-LV trojan !!!

                     

                    A response has been sent to your email address, according to the Analysis ID 5780169.

                     

                    Best Regards,

                     

                    Patty Ammirabile
                    McAfee Labs

                    • 7. Re: Help: how do I remove "XP Antivirus pro 2010"

                      Hi Patty

                       

                      Thanks for the information, I will report back tomorrow:

                      I just want to clarify that tonight (I should reconnect to vil.mcafeesecurity.com) and download the file "win_betaengdat.zip" on a safe computer.

                      then I should run the MSDOS program called CLEAN.

                       

                      I only ask this because I tried it last night (using the zipfile generated on 02/03/2010) and my screen results showed that there was no virus!

                      Apoint.exe ... is OK.
                      atiptaxx.exe ... is OK.
                      av.exe ... is OK!

                       

                      Thanks again for you help.

                      Steve

                      • 8. Re: Help: how do I remove "XP Antivirus pro 2010"

                        Thanks you  Patty and Sam

                         

                        last nights new beta software found the virus and removed it! 

                        Its been a hard five days but at least now the virus has gone.


                        I can now breath a sigh of relief..

                         

                        Steve

                        • 9. Re: Help: how do I remove "XP Antivirus pro 2010"

                          Hey guys, I had this problem today myself.

                           

                          A window popped up and proceeded to run a "scan" of my drive and showed me about 4 dozen infections, which are no doubt bogus.

                           

                          Regrettably I had McAfee disabled for the last few days ( I write online games and every new exe compile causes McAfee to complain ).   I re-enabled it and it killed the process av.exe, but it left my system in a hosed state where none of my desktop shortcuts worked.  I found the fix ( apparently the trojan turns EXE into an unassociated file type )

                           

                          What I'm wondering here, if McAfee could give me some feedback here, is whether they know what the trojan DOES.  Is this a key-logger, password stealer or simply an extortion racket designed to get people to pay for bogus virus removal?

                           

                          - Bob

                          1 2 3 Previous Next