Solved

hdav.exe and file.exe

Posted on 2009-05-14
2
692 Views
Last Modified: 2013-12-09
Does anyone know anything about the virus that resides in the above files ?

I looks like once infected the PC creates an autorun.inf on the root of any connected drive, and also on the root of the same drive creates recycle bin folder named "drive"  containing file.exe which the autorun launches once initiated. Once run file.exe creates a new recycle bin folder named as a random SID  in c:recycler\ containing hdav.exe

Mcafee does not detect a virus after a full scan. There are lots of hits on google from companies selling other anti-virus or spyware products which I'd rather avoid.

Can anyone advise if they know this virus and how to clear it?
0
Comment
Question by:king_sguk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 8

Accepted Solution

by:
skywalker39 earned 500 total points
ID: 24389276
Try using Spyware Doctor with AntiVirus http://www.pctools.com/spyware-doctor-antivirus/
Also try using Malwarebytes' Anti-Malware http://www.malwarebytes.org/mbam.php
Another is SuperAntiSpyware http://www.superantispyware.com/
Also try Combofix http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Try running all of them in Safe Mode as well in Normal Mode except Combofix.
0
 
LVL 8

Expert Comment

by:skywalker39
ID: 24389285
Run Combofix only in Normal Mode not in Safe Mode.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Work with App store 7 122
Is there a removal tool and a decryption tool for Osiris ransomware 6 442
MS Endpoint Protection 2 105
global cyber attack of may 2017 2 59
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question