Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Is axel.dav a virus?

52 views
Skip to first unread message

Steve

unread,
Feb 27, 2007, 8:39:36 PM2/27/07
to
Hello,
I was trying to help my mother get her computer running and
came across a file called axel.dav on the desktop (2 copies). I then
noticed it in several folders on her computer (XP OS). The original
problem she described to me was he computer would not boot. Once I
did a Recovery Restore (HP machine) I was able to boot, but it would
shut down randomly or sometimes just rebbot during the original boot.
Tried save mode and normal.

Any idea if this is a virus, very little info on axel.dav.

webster72n

unread,
Feb 27, 2007, 9:08:51 PM2/27/07
to

"Steve" <noe...@verizon.invalid> wrote in message
news:21n9u293pkqq5o2fu...@4ax.com...

A bit of "googling" produced these results:
It seems to be a virus and the writer is from Europe.
The leftover files are hard to get rid of, not even with a reinstall.
Only Fdisk and Format will do the trick.
Good luck.

Harry.


David H. Lipman

unread,
Feb 27, 2007, 9:23:15 PM2/27/07
to
From: "Steve" <noe...@verizon.invalid>

I don't think this is a Virus. All references tie axel.dav to HP computers so it may very
well be HP software realted.

I dealt with theis a while back and I think there was a false positive for the VBS:Redlof on
that file.

Just to be sure...


Please submit a sample of "axel.dav" to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:sc...@virustotal.com?subject=SCAN

When you get the report, please post back the exact results.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


Bill

unread,
Feb 27, 2007, 9:54:28 PM2/27/07
to
On Feb 27, 7:39 pm, Steve <noem...@verizon.invalid> wrote:
> Hello,
> I was trying to help my mother get her computer running and
> came across a file called axel.dav on the desktop

Yeah, he's the lead singer for Guns n' Roses.


Ragdollbaby1208

unread,
Jan 28, 2008, 4:07:04 PM1/28/08
to

::I also was having problems booting my computer up which was only 3
months, I called tech support with HP and did all of the stupid little
things they told me to do, this has been going on now for 10 months
now, finally I did what hp's site said if none of the other stuff
helped to reformat my computer which that is when matters got worse, on
the Recovery disc's from HP is the axel.dav virus over 3000 files, it
has trashed my computer, porgrams and alot of my files, still HP don't
hold themselves responsible for this problem and basically called me a
liar. I am going to file a class action lawsuit against HP. They
refuse to take care of the problem and the virsus comes from their
recovery discs. If anyone else has had this problem and would like to
be included in the suit you can get in contact with me::


--
Ragdollbaby1208
------------------------------------------------------------------------
Ragdollbaby1208's Profile: http://forums.techarena.in/member.php?userid=40562
View this thread: http://forums.techarena.in/showthread.php?t=694144

http://forums.techarena.in

David W. Hodgins

unread,
Jan 28, 2008, 8:27:35 PM1/28/08
to
On Mon, 28 Jan 2008 16:07:04 -0500, Ragdollbaby1208 <Ragdollbaby...@donotspam.com> wrote:

> the Recovery disc's from HP is the axel.dav virus over 3000 files, it
> has trashed my computer, porgrams and alot of my files, still HP don't
> hold themselves responsible for this problem and basically called me a

Did it ever occur to you, that the recovery partition may have been fine,
until your computer became infected? Just because the recovery partition
is not normally made visible to regular applications, does not mean it can
not be written to, and infected. If you're running xp, as an administrator,
the virus doesn't even need to escalate privleges, to write to the recovery
partition. If you are running as an unpriveledged user, it can still be
done, by a variety of priveledge escalation methods.

Format & re-install, requires installing from known clean media. It does
not mean re-install, from a writable hard drive, on the already infected
computer.

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

Ragdollbaby1208

unread,
Jan 28, 2008, 10:46:26 PM1/28/08
to

Normally that would be the case, except, the recovery disks were made
immediately upon the arrival of the computer, the computer was pulled
out of the box, plugged into the wall outlet and then the recovery
disks were made before even hooking up to the internet.

Therefore, either it came with the recovery partition already infected
from the factory, ups pulled the computer in the warehouse, opened it
up and infected the recovery partitition, or the blank cds were
infected from the store, now with that said what would be the most
likely case scenerio.

> Format & re-install, requires installing from known clean media. It
> does
> not mean re-install, from a writable hard drive, on the already
> infected
> computer.
>

Exactly and that is how it was discovered, the system was being
formated and re-installed from the initial recovery disks not the
harddrive itself, that were made up receiving the computer. This was
full format not just a partition format. Therefore the computer had to
been infected prior to arrival.

Buzzard

unread,
Jan 28, 2008, 11:37:04 PM1/28/08
to
You're saying, then, that the recovery discs
are CD's?

Ragdollbaby1208

unread,
Jan 29, 2008, 10:55:51 AM1/29/08
to

Yes they are Brand New CD-R not CD-RW right out of the box.

Buzzard

unread,
Jan 29, 2008, 7:22:47 PM1/29/08
to
Ragdollbaby1208 wrote:
> Yes they are Brand New CD-R not CD-RW right out of the box.

When you restored, did you boot windows from the HD and
then insert the recovery CD's, or did you coldboot the
computer *from* the first recovery CD?

--
Buzzard

kkaionsg

unread,
Dec 2, 2009, 5:31:01 AM12/2/09
to

if you're really worried about it, theres a relatively easy way to
delete all instances of it. go to command prompt, and type in:


del C:\axel.dav /s /q


and let it run till it stops. if it says the command in the titlebar,
its still running. it'll delete most of the axel.dav files in ur system,
which could take a while to find and get rid of. once its done that,
type in:


del C:\axel.dav /s /q /a:h


and that will delete the rest. both things can(and probably will) take
a while, while it searches


PS: if you're wondering, /s means delete specified file in all
sub-directories, /q tells it not come up with a confirmation box, and
/a:h tells it to delete hidden files. the command you put in first only
deleted ones that werent hidden, and the second one would only delete
ones that are (leaving the ones that arent)


--
kkaionsg
------------------------------------------------------------------------
kkaionsg's Profile: http://forums.techarena.in/members/160205.htm
View this thread: http://forums.techarena.in/security-systems/694144.htm

http://forums.techarena.in

0 new messages