1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Au_.exe Problem

Discussion in 'Windows - Virus and spyware problems' started by Lp531, Feb 8, 2007.

  1. Lp531

    Lp531 Regular member

    Joined:
    Sep 23, 2005
    Messages:
    906
    Likes Received:
    0
    Trophy Points:
    26
    I removed Au_.exe from registry...I did a restore...still could not get firewall or AV up...
    Did uninstall of firewall and AV...every thing is back-up right now...

    I take that back...AV is NOW...NO WHERE TO BE SEEN...AAAHHHH...going to pop a blood vessel..:(
    Time to take a deep breath...

    I did restart after reinstalling firewall...did not do a restart after AV reinstall...I am thinking I should do another restart to lock in AV...AV is still there now...What do you think?..
    Earlier AV just disappeared from start-up tray...it showed still active when I clicked desktop Icon...but was not in start-up tray...


    I am running Avira and Comodo...
     
    Last edited: Feb 8, 2007
  2. Pop_Smith

    Pop_Smith Regular member

    Joined:
    Nov 26, 2003
    Messages:
    970
    Likes Received:
    0
    Trophy Points:
    26
    If you can't get AV to install you could trying installing one in Safe Mode. If you have a Flash Drive handy I would recommend installing ClamWin to it.

    I would recommend you go into Safe Mode and scan your entire computer (all your hard drives if you have more then one) with ClamWin and you could delete what it finds.

    If you don't have a Flash Drive you could try installing an AV in Windows and then running it in Safe Mode after you have updated the definitions.

    ClamWin does not have a real-time scan engine but once you get your system cleaned you can install one with a real-time engine if you wish.

    Do you have any AV program on a CD/DVD?

    EDIT: Arrg, I forgot about how the site takes over specific words and re-routes them to Softpedia or the Glossary. You can pick up a Flash-capable copy of ClamWin here.
     
    Last edited: Feb 8, 2007
  3. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,011
    Likes Received:
    77
    Trophy Points:
    128
  4. Lp531

    Lp531 Regular member

    Joined:
    Sep 23, 2005
    Messages:
    906
    Likes Received:
    0
    Trophy Points:
    26
    AV is still up...
    Au_.exe is a trojan...
    Still have not done restart after AV reinstall...
    I think I will restart to lock in AV...What do you think?..

    And Yes...I have a flash drive...

    I have ccleaner...Adaware...and Spybot...have not ran them yet...

    I did do a sweep of my operating drive with AVIRA...it did not find any thing...
     
    Last edited: Feb 8, 2007
  5. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,011
    Likes Received:
    77
    Trophy Points:
    128
    update them all. also run the issuses in ccleaner as it goes thru the registry for you.
     
  6. Pop_Smith

    Pop_Smith Regular member

    Joined:
    Nov 26, 2003
    Messages:
    970
    Likes Received:
    0
    Trophy Points:
    26
    Good points ddp.

    If you have an AV program up then you should be ok without using ClamWin. If you want you can try running it off a flash drive. The Portable version (can run entirely off a flash drive) is available here.

    However, run those things ddp said. If you cant get them to run (or if they freeze while running) then make sure they are up-to-date and run them (in the order ddp said) in Safe Mode.
     
  7. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,011
    Likes Received:
    77
    Trophy Points:
    128
    run them 1st in safemode than normal mode but run ccleaner 1st
     
  8. Lp531

    Lp531 Regular member

    Joined:
    Sep 23, 2005
    Messages:
    906
    Likes Received:
    0
    Trophy Points:
    26
    Just Downloaded them in Safe Mode with Networking...going to install them...then do a restart in Safe Mode only...then run them...

    Do I need to uninstall Avira AV before I install AVG...I am assuming so...
     
  9. Pop_Smith

    Pop_Smith Regular member

    Joined:
    Nov 26, 2003
    Messages:
    970
    Likes Received:
    0
    Trophy Points:
    26
    Yes, I would uninstall Avira first. After you uninstall Avira I would reboot again then install AVG.

    I am going to bed now as its 1 am here.

    I will try and help you more when I get up tomorrow if you need it.
     
  10. Lp531

    Lp531 Regular member

    Joined:
    Sep 23, 2005
    Messages:
    906
    Likes Received:
    0
    Trophy Points:
    26
    Everyone...Thanks...For Everything...Will do...
     
  11. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,011
    Likes Received:
    77
    Trophy Points:
    128
    status?
     
  12. Lp531

    Lp531 Regular member

    Joined:
    Sep 23, 2005
    Messages:
    906
    Likes Received:
    0
    Trophy Points:
    26
    Had to give deposition today...

    Things seem fine now...maybe AV disappearing was due to non restart...

    Down loaded everything in Safe Mode with networking...in order...Ran in Safe Mode nothing detected...Have not had time to run them in order again in normal start up...will do...

    Will watch closely...
    @ddp
    Dr1 photos up in profile...
     
    Last edited: Feb 10, 2007
  13. Lp531

    Lp531 Regular member

    Joined:
    Sep 23, 2005
    Messages:
    906
    Likes Received:
    0
    Trophy Points:
    26
    Something new I am seeing on above computer...

    Is open office part of the preview option in AD posts?..

    When ever I preview...Komodo is warning me about a supposed open office program that is wanting to connect to internet...when I deny it permission...it prevents me from making post...or connecting to internet until I open a new browser...First time this has happened...

    This is the Komodo warning I am getting...

     
    Last edited: Feb 12, 2007
  14. Pop_Smith

    Pop_Smith Regular member

    Joined:
    Nov 26, 2003
    Messages:
    970
    Likes Received:
    0
    Trophy Points:
    26
    You might want to run a virus scan, just on that file, but everything checks out correctly from what I can see.

    IP:70.85.60.100 Port:http(80)-TCP is an AfterDawn server.

    soffice.bin is just part of Open Office and is in the proper directory so it should be ok.

    You could upload soffice.bin to http://virusscan.jotti.org/ which scans it with 15 different AntiVirus applications that are updated hourly.

    I don't use Open Office but it seems strange that you can't post without allowing it.
     
  15. Lp531

    Lp531 Regular member

    Joined:
    Sep 23, 2005
    Messages:
    906
    Likes Received:
    0
    Trophy Points:
    26
    Right now I am on one of my other computers...it has open office...it has Norton...not Komodo...never had to allow open office access to make a post...

    Never had to before the Au_.exe incident...on the old system...to my knowledge...don't fully trust old system yet...
     
  16. Pop_Smith

    Pop_Smith Regular member

    Joined:
    Nov 26, 2003
    Messages:
    970
    Likes Received:
    0
    Trophy Points:
    26
    Huh, thats weird. I am not sure what to tell you as I don't have a personal firewall or use a Real-Time AV engine.

    It is possible that a program could be "piggybacking" on soffice.bin but it sounds unlikely. If I dig anything up I will let you know.

    Peace
     

Share This Page