trojan horse virus in ausvc.exe

trojan horse virus in ausvc.exe

Post by georg » Wed, 19 Jun 2002 07:45:41



I ran my anti-virus program & it said I had a trojan horse
type virus in ausvc.exe & it could not fix it. Is it
possible to download a clean copy of ausvc.exe?

  thank you
   george

 
 
 

trojan horse virus in ausvc.exe

Post by Radis » Wed, 19 Jun 2002 08:01:54


What is ausvc.exe and why do you think you need it?  The likelihood is that
this file is the trojan and should be deleted rather than quarantined, and
definitely not reinstalled.


Quote:> I ran my anti-virus program & it said I had a trojan horse
> type virus in ausvc.exe & it could not fix it. Is it
> possible to download a clean copy of ausvc.exe?

>   thank you
>    george


 
 
 

trojan horse virus in ausvc.exe

Post by Rob » Wed, 19 Jun 2002 08:16:28


This is a shorten Google link with loads of info on
this trojan..........

http://tinyurl.com/epy

--
Rob
Supporting Member, Cascade Bicycle Club
P.O. Box 15165  Seattle, WA. 98115-0165
206-522-3222 and 24 hr hotline 206-522-BIKE
http://www.cascade.org


> I ran my anti-virus program & it said I had a trojan horse
> type virus in ausvc.exe & it could not fix it. Is it
> possible to download a clean copy of ausvc.exe?

>   thank you
>    george

 
 
 

trojan horse virus in ausvc.exe

Post by Nutcas » Wed, 19 Jun 2002 09:06:21


Hi George,

These sub-seven trojan removal steps should help. Ausvc.exe *is* the trojan, you don't want it back.

(replace randomname.exe with the name of the file giving you trouble)

Start/run system.ini and look for the string

shell=explorer.exe randomname.exe

in the [boot] section and edit it to read

shell=explorer.exe

removing the randomname.exe section, including the spaces

Also check the load= and run= lines of win.ini in (start/run win.ini) and edit it out of them as well (they are normally open ended)

Click file and save changes on both of these when you are done.

Then rename Regedit.exe (it is in Windows folder as well) to Regedit.com, run
(double click) it, and navigate to

HKEY_CLASSES_ROOT\exefile\shell\open\command

Replace the default value in the right pane (double click it to edit) with:

"%1" %*

you can copy/paste this value from here.

Then navigate here:

HKEY_CLASSES_ROOT\.exe (that's period - exe)

Replace the "default" value in the right pane (double click it to edit) with:

exefile

Also, make sure HKEY_CLASSES_ROOT\.exe is not an expandable branch, if there is a + sign in front of it, click the + and delete the subbranch below the .exe.

Close Regedit, rename Regedit.com back to Regedit.exe and restart the machine.

--
Best of Luck,

Rick Rogers aka "Nutcase" MS-MVP - Win9x
Associate Expert - Windows XP
Expert Zone - www.microsoft.com/windowsxp/expertzone
Please reply only to newsgroup...


> I ran my anti-virus program & it said I had a trojan horse
> type virus in ausvc.exe & it could not fix it. Is it
> possible to download a clean copy of ausvc.exe?

>   thank you
>    george