ave.exe virus?, how to get rid of it? |
 Mar 18 2010, 10:15 AM
Post
#1
|
|
 Senior Member  Group: Staff Alumni Posts: 4,665 Joined: Aug 2008 Member No: 676,364  |
this worm/virus thing came out of NOWHERE when i was surfing through firefox.
i looked through google to see how to remove it. I LOOKED at this: QUOTE Changing .exe file associations: Because you're having trouble running exe files (due to associations in the registry) you might actually have trouble accessing the registry to change the associations. TRY: 1. start > run > c:\windows\ 2. right click regedit.exe > start (NOT OPEN) 3. In the registry go to HKEY_CLASSES_ROOT\.exe 4. Right Click (default) , modify 5. value = "exefile" (without the quotes & equal sign) 6. Reboot As previously mentioned, this might not work because of permissions you've changed. You may want to restore permissions and follow the instructions below. Identifying the rootkit, then rebooting, then removing file associations is advisable. Removing the Virus: ave.exe is rootkit worm. It changes the association of exefiles within the registry and hijack all the programs. The first step is to remove the rootkit. If you download PREV free version and run it (I know you don't want to download - but this will at least confirm where the rootkit is AND ave.exe will NOT stop you from installing, like it does malware bytes). Subsequently, you will at least be able to find out where that rootkit file is. Likely it is c:\windows\DCEboot.exe. 1. Remove rootkit (c:\windows\DECBoot.exe) 2. Reboot 3. Open up the registry (start > run > regedit) 4. Search for ave.exe 5. Remove any entries for ave.exe (ave.exe ONLY) 6. In the registry go to HKEY_CLASSES_ROOT\.exe 7. Right Click (default) , modify 8. value = "exefile" (without the quotes & equal sign) 9. Reboot This should give you control back over your machine. Then, if you can, install malware bytes (which you can't install while this virus is operating), and clean up anything remaining. A registry cleaner, might also be advisable. ave.exe, will no longer run. I suspect, because you've changed permission on ave.exe, the association of .exe (step 7) which is likely executing ave.exe is causing the issue. Change that registry issue and your problems should go away. Source(s): Completed the above yesterday (hopefully, we're talking about the same virus). In my research, it looks like this virus has become more prevalent since March 15, so likely we're talking about the same thing. What should I do? |
|
|
|
Posts in this topic
Beenly ave.exe virus? Mar 18 2010, 10:15 AM
Maccabee What? Mar 18 2010, 11:32 AM Beenly =/
so far the virus hasn't been acting up or ... Mar 18 2010, 02:40 PM Maccabee What? How do you know you got it? Just follow the ... Mar 18 2010, 03:11 PM itanium That one has been infecting a ton of Vista systems... Mar 18 2010, 05:29 PM Beenly QUOTE(Maccabee @ Mar 18 2010, 12:11 PM) W... Mar 18 2010, 07:52 PM
Maccabee QUOTE(Beenly @ Mar 18 2010, 07:52 PM) I k... Mar 18 2010, 09:52 PM Beenly QUOTEthis worm/virus thing came out of NOWHERE whe... Mar 19 2010, 09:51 AM Maccabee How did you know it was there all of a sudden? Mar 19 2010, 12:31 PM synapse QUOTE(Maccabee @ Mar 19 2010, 01:31 PM) H... Mar 19 2010, 12:48 PM Beenly nope. there was just 2 popups that showed and clo... Mar 19 2010, 03:35 PM -Jon- well if this virus becomes harmful, then you will ... Mar 21 2010, 12:19 AM Cum QUOTE(-Jon- @ Mar 20 2010, 09:1... Mar 22 2010, 10:15 AM itanium System restore only gets rid of the most primitive... Mar 22 2010, 03:36 PM Cum QUOTE(itanium @ Mar 22 2010, 12:36 PM) If... Mar 22 2010, 09:13 PM  |
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members: