7 Replies Latest reply on Apr 24, 2010 9:16 AM by k3tg

    AVE.EXE won't go away tried stingers still...

      I am running windows XP SP3.  Everything was fine until a week ago.  Have all these fake alerts.  I dowloaded the stingers onto a USB drive and ran them at home, after I disabled system restore. That seemed to do the trick for a week.  Now it is back.  Stingers don't work. - tried both. Have them set at HIGH sensitivity.  Now I can't get onto the internet.  I did manage to download McAfee Total Protection 2010 Trial Version.  Ran a full scan and that found a couple of items, but the problem is still there.  Now when I open McAfee it says I am at risk because active scan is off I try to turn it on but it just keeps reverting to off. Since I can't access the internet consistently I am not sure what to do.  Any suggestions?

       

       

      Message was edited by: tkdmom on 4/7/10 12:56:38 PM CDT
        • 1. Re: AVE.EXE won't go away tried stingers still...
          k3tg

          Try running Superantispyware www.superantispyware.com and Malwarebytes www.malwarebytes.org both of which are free and are excellent programs to have in addition to McAfee.

          • 2. Re: AVE.EXE won't go away tried stingers still...

            Not to put down McAfee recommended additional software, but Microsoft has a wonderful tool that is free and doesn't download EXE's.  Go to ONECARE.LIVE.COM/SCAN and follow the directions for a full scan. It works under IE. When it asks if you want to buy the product, just say no.


            I have found that even with McAfee running on my computers, occasionally something starts to act oddly, like you are describing, and the Onecare.Live scan finds it and removes it.

             

            Good Luck

            • 3. Re: AVE.EXE won't go away tried stingers still...
              k3tg

              If you haven't already seen this link, I will post it for you.Required Reading - Home User Assistance Malware Troubleshooting

               

               

              From what I find researching this virus, this is pretty difficult to remove. You might want to run a online virus scan from Eset and is another good program to try http://www.eset.com/onlinescan

               

               

              Message was edited by: k3tg on 4/14/10 4:17:28 PM CDT
              • 4. Re: AVE.EXE won't go away tried stingers still...

                I have just finished recovering from ave.exe after two days trying to sort it (between work and real life).

                McAfee online chat didn't help at all - just suggested I could use the "for a £60 fee" service.

                Tried the mcafee article on malware - stinger ran fine but found nothing wrong (while ave.exe was actually runnning).

                Stopzilla found lots of issues but I'm reluctant to pay the fee as I'm dubious about the product.

                The mcafee forum didn't give solid answers anywhere - and this for one of the most respected AV firms!

                 

                Searched loads of other "buy me to cure your spyware" sites.

                Finally found the answers on answers.yahoo.com.

                 

                http://answers.yahoo.com/question/index?qid=20100315232027AACgAjz

                 

                In vista the key thing is to get to command mode to delete the file which is marked as hidden.

                START+R > RUN > type COMMAND and press enter

                this gives an old fashioned DOS prompt which is great if you know how to use it!

                get to the correct drive  type C: <return>

                move to the right folder CD \USERS\(your name)\AppData\Local <return>

                now to delete the file DEL /AH AVE.EXE <return>

                if you need to see what else is there then DIR /AH /X which shows both the long filename with spaces and the short filename of files.

                (for help on DIR or DEL just add /? )

                 

                The other key tip in the thread above is to get regedit to run to fix the registry. It will not work if you run the exe as the virus has caught it.

                START+R > RUN > c:\windows\

                find REGEDIT and RIGHT-CLICK then START (not open!!)

                then find ave.exe - remaining instructions are in the above mentioned thread.....

                 

                Good luck

                Once I found the info it took about an hour to sort with various reboots, and install of windows updates.

                 

                That would not be so difficult for Mcafee to document professionally would it?  (I'm not a modern techie as you can tell from the DOS knowledge!)

                Mcafee lose my renewal fee next time I'm afraid as this is the second time this sort of thing has got past them and they have been no help at all.

                 

                Mark

                • 5. Re: AVE.EXE won't go away tried stingers still...
                  Peter M

                  Moved to  Malware Discussion > Home User Assistance > Discussions where hopefully someone form Malware Removal/Antivirus developement will notice.

                  • 6. Re: AVE.EXE won't go away tried stingers still...

                    Sorry I didn't post this sooner - I downloaded both items listed above by k3tg - ran the first one and that seemed to do the trick.  It was free.

                    My system is still running a little slower than normal - doesn't need defragged - got rid of all temporary files.  I am sure there is alot of stuff on there that could be removed - just don't know how to begin.

                     

                    Thank you very much.

                     

                     

                     

                     

                     

                     

                    on 4/16/10 8:23:54 AM CDT
                    • 7. Re: AVE.EXE won't go away tried stingers still...
                      k3tg

                      tkdmom

                       

                      I'm glad your running ok now

                       

                      Tom K3TG