Computer Security & Viruses/"Auto start" for fixed drives starts real.exe
Expert: Doug Woodall - 2/28/2007
Question
Dear Doug,
For a few days now, I have noticed that when I click any (fixed HDD) drive in "My Computer", nothing happens. Usually it would open the drive and show the contents. Next, I heard a noise from the floppy drive. Opening the Task Manager showed that an unknown application was running, its name consisting of some strange ASCII code. I switched to the linked process and found a process "real.exe" running. After terminating that, the noise stopped and the application was gone from the task list. However, a right click on the drive in "My Computer" shows that the default setting has changed from "Open" to "Auto" - and this starts only the above-mentioned task.
I am using WinXP Pro SP2; the Avast Home virus scanner and Spybot could not find the virus. My wife's notebook (also XP Pro SP2) has the same problem, but the AVIRA software actually found a "CC/1033" virus in c:\real.exe and deleted it. After that, a left click on the drive in "My Computer" opens a window to choose the application I would like to run, since "real.exe" is no longer found.
I tried to look for that CC/1033 virus to get some information, but nothing could be found on the internet so far.
Now comes the question: how do I set the default action back to "Open" for that drive, and do you have any idea what that virus does besides changing the default action for fixed drives and trying to access the floppy drive?
I believe there is an entry somewhere in the registry that determines what default action will be executed when clicking on a drive.
Thanks in advance,
Andreas
Answer
Hello Andreas,
There is a Real.exe that is in the Lovgate Worm. Avast should have alerted you to it.
Here's the info on Real.exe:
http://www.bleepingcomputer.com/startups/real.exe-4619.html
Is Avast registered? I used it for years and never had any Lovgates install.
Do you get the Updates for Avast?
You should report your problem to Avast here.
http://avast.com/i_kat_72.php
CC/1033 could be the run command for the Lovgate Worm. It's not known yet what the run command is.
How to get it fixed?
Unsure until you've had the system diagnosed.
Have you done any MS Updates lately?
And since both of your puters have this problem, what internet connection service are you using?
I would recommend Major Geeks Forum for extensive help.
http://forums.majorgeeks.com/index.php?
You will have to register and log in to the Malware Removal section.
Downloading HijackThis will be advised, and then after running it you will upload the logs to the forum.
Some great knowledgeable people will help you.
It's a lil time consuming, but it will be worth it.
You'll learn a lot too.
Other than using your restore CD, it's the best I can advise.
Hope this helps.