asked on
Hi,
Don't know how, but I got infected w/ a malware program masquerading as an antivirus program. It's called Antivirus XP and mimics the native Windows Security center, and AVG. I probably have the newest version of this malicious crap.
I couldn't launch any apps because it would always bring up that stupid app. I looked in my registry and there was were two entries in
HKEY_CURRENT_USER\Software
(Default) "C:\Documents and Settings\Gene\Local Settings\Application Data\ave.exe" /START "%1" %*
IsolatedCommand "%1" %*
I didn't know whether the .exe entry was changed or added, so I renamed it to ".exeX". After that I was able to launch applications. However, the bad entry remains in my registry, just renamed.
I did some searching and a program called MalwareBytes was recommended. However, when launched it doesn't update properly, just hanging. I do have internet access on this machine, so that's not the problem. So the program didn't work for me.
My concern is that if I reboot, it could start up again. I don't know which files to delete, or which entries in msconfig or whereever. Before deleting the registry entry, I searched for ave.exe and could only find it as ave.exe****.pf (the **** were some numbers). However, the program still launched.
How can I delete this crap for good??
Thanks!
Don't know how, but I got infected w/ a malware program masquerading as an antivirus program. It's called Antivirus XP and mimics the native Windows Security center, and AVG. I probably have the newest version of this malicious crap.
I couldn't launch any apps because it would always bring up that stupid app. I looked in my registry and there was were two entries in
HKEY_CURRENT_USER\Software
(Default) "C:\Documents and Settings\Gene\Local Settings\Application Data\ave.exe" /START "%1" %*
IsolatedCommand "%1" %*
I didn't know whether the .exe entry was changed or added, so I renamed it to ".exeX". After that I was able to launch applications. However, the bad entry remains in my registry, just renamed.
I did some searching and a program called MalwareBytes was recommended. However, when launched it doesn't update properly, just hanging. I do have internet access on this machine, so that's not the problem. So the program didn't work for me.
My concern is that if I reboot, it could start up again. I don't know which files to delete, or which entries in msconfig or whereever. Before deleting the registry entry, I searched for ave.exe and could only find it as ave.exe****.pf (the **** were some numbers). However, the program still launched.
How can I delete this crap for good??
Thanks!
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 18 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.