is aovoiido.exe a virus

Hewlett-packard / Hp compaq dc7100 sff(pk86...
July 5, 2015 at 05:39:20
Specs: w 8, 2.793 GHz / 503 MB
I have aovoiido.exe in my running processes and I dont know what it is ? how do I remove ? or is it part of a program ?



See More: is aovoiido.exe a virus

Report •


#1
July 5, 2015 at 05:59:35
Are you sure you've spelled it correctly? No hits in Google.

Report •

#2
July 5, 2015 at 06:03:45
yes, copied and pasted



Report •

#3
July 5, 2015 at 06:13:13
Copied & pasted from where?

Press Crtl-Alt-Del, click Start Task Manager, click the Processes tab, find aovoiido.exe on the list, then look to the right column under Description. What's listed?

BTW, how about updating your specs? I doubt you're running Win8 with just 503MB RAM.

message edited by riider


Report •

Related Solutions

#4
July 5, 2015 at 13:47:09
lots of hits for avocado though...?

Report •

#5
July 5, 2015 at 15:18:57
If you run these three they will give good indication about any malware around. They often find and fix what an anti-virus can miss, so most likely something will be unearthed even if that exe should be valid:

AdwCleaner:
http://www.bleepingcomputer.com/dow...
(blue Download button near top - not anything else on the page).
Download and "Save" the file somewhere. Go to the saved file then double click it to run the program. Use the "Scan" button, followed by the "Cleaning" button.

Junkware Removal Tool (JRT)
http://www.bleepingcomputer.com/dow...
(blue Download button near top - not anything else on the page).
Download and "Save" the file somewhere. Go to the saved file then double click it to run JRT. It might appear to have stopped at times or flash the screen but sit tight until it has finished.

MalwareBytes:
http://filehippo.com/download_malwa...
(green Download button top right - not anything else on the page)
Install and Run the program but before doing its Scan go to "Settings > Detection and Protection" and put a checkmark in "Scan for rootkits". Quarantine anything it finds.

If any of them find anything please copy/paste the logs on here. Also let us know if that running process is removed.

Always pop back and let us know the outcome - thanks


Report •

#6
July 5, 2015 at 16:26:54
description says the same without the exe - ' aovoiido '



Report •

#7
July 5, 2015 at 16:48:22
thank you very much the file is gone now , Jrt found that file - Adwcleaner -
# AdwCleaner v3.308 - Report created 06/07/2015 at 09:31:08
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : xxxx
# Running from : C:\anti-virus\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\budda\AppData\Roaming\Mozilla\Firefox\Profiles\0egts14d.default-1392157018852\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E23FE9C6-778E-49D4-B537-38FCDE4887D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BE31822-FDAD-461B-AD51-BE1D1C159921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Mozilla Firefox v11.0 (en-US)

[ File : C:\Users\budda\AppData\Roaming\Mozilla\Firefox\Profiles\0egts14d.default-1392157018852\prefs.js ]


*************************

AdwCleaner[R0].txt - [14699 octets] - [12/02/2014 16:10:23]
AdwCleaner[R1].txt - [22637 octets] - [27/08/2014 09:09:36]
AdwCleaner[R2].txt - [1152 octets] - [28/08/2014 17:47:06]
AdwCleaner[R3].txt - [5680 octets] - [27/02/2015 12:46:34]
AdwCleaner[R4].txt - [2115 octets] - [25/04/2015 13:09:31]
AdwCleaner[R5].txt - [2629 octets] - [06/07/2015 09:29:10]
AdwCleaner[S0].txt - [13387 octets] - [12/02/2014 16:40:13]
AdwCleaner[S1].txt - [20866 octets] - [27/08/2014 09:17:39]
AdwCleaner[S2].txt - [1214 octets] - [28/08/2014 18:04:03]
AdwCleaner[S3].txt - [5682 octets] - [27/02/2015 12:48:32]
AdwCleaner[S4].txt - [2166 octets] - [25/04/2015 13:15:44]
AdwCleaner[S5].txt - [2453 octets] - [06/07/2015 09:31:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [2513 octets] ##########



message edited by auto7890


Report •

#8
July 5, 2015 at 16:51:37
Weird or what...,doesn't make sense?

Report •

#9
July 5, 2015 at 16:59:36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.3.1 (07.05.2015:1)
OS: Windows 8 x64
Ran by budda on Mon 07/06/2015 at 9:39:27.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\LaunchPreSignup
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask
Successfully deleted: [Task] Ojoulerp

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\itibiti.exe
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\outfoxtv

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] C:\ProgramData\Ojoulerp\1.0.1.0\aovoiido.exe
Successfully deleted: [File] C:\Users\budda\AppData\Roaming\microsoft\internet explorer\quick launch\play games.lnk

~~~ Folders

Successfully deleted: [Folder] C:\Program Files\driverassist
Successfully deleted: [Folder] C:\ProgramData\pcdr
Successfully deleted: [Folder] C:\Users\budda\AppData\Roaming\pcdr
Successfully deleted: [Folder] C:\ProgramData\988c9f5000007cda

~~~ FireFox

Successfully deleted the following from C:\Users\budda\AppData\Roaming\mozilla\firefox\profiles\0egts14d.default-1392157018852\prefs.js

user_pref(browser.search.searchengine.alias, oursurfing);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.oursurfing.com/web/favicon.ico);
user_pref(browser.search.searchengine.name, oursurfing);
user_pref(browser.search.searchengine.ptid, smt);
user_pref(browser.search.searchengine.uid, ST500LT012-9WS142_W0V1AB99XXXXW0V1AB99);
user_pref(browser.search.searchengine.url, hxxp://www.oursurfing.com/web/?type=dspp&ts=1434347777&z=aed8480b6c838b2315a3accgfzdcczbcfzfmfm1o0z&from=smt&uid=ST500LT012-9WS14
Emptied folder: C:\Users\budda\AppData\Roaming\mozilla\firefox\profiles\0egts14d.default-1392157018852\minidumps [62 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/06/2015 at 9:41:49.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Report •

#10
July 5, 2015 at 17:55:52
Glad to hear that the offender has been removed. Those programs do not always find everything that is lurking. A certain Johnw on here is expert at cleaning malware and viruses. He will most likely suggest you run further checks.

Always pop back and let us know the outcome - thanks


Report •

#11
July 5, 2015 at 17:57:41
Your system is loaded with malware. That might explain some of the other problems you've posted about lately.

Report •

#12
July 5, 2015 at 19:13:19
Thanks Derek.

auto7890, I helped you twice earlier this year & I was not finished getting you properly clean.

Stay with me until I let you know you are clean.

Please download Farbar Recovery Scan Tool and save it onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
http://www.bleepingcomputer.com/dow...
If we have to run Farbar more than once, refer this SS.
http://i.imgur.com/yUxNw0j.gif
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the Desktop.
The first time the tool is run, it makes also another log (Addition.txt).
The logs are large, upload them using Zippy ( No account/registration needed ) or upload to a site of your choosing. Give us the links please.
http://www.zippyshare.com/
Instructions on how to use ZippyShare.
http://i.imgur.com/naG6t2T.gif
http://i.imgur.com/Vi9ZdIh.gif
http://i.imgur.com/1IZu5kP.gif


Report •


Ask Question