Go Back   Viprasys - Your #1 source for freewares > PC Related > Tutorials

Tutorials Post All Your Custom Made Tutorials And Explanations here

Similar Threads
Thread Thread Starter Forum Replies Last Post
Norway mourns victims of anti-Islam "Crusader" -_- L.a.F.a.N.g.A -_- World News 1 07-26-2011 07:51 AM
Virus "Staksnt" pierce the six million computer China jara101 Technology and Software News 0 10-06-2010 03:25 PM
"READ""_qx4_ < is a hacker"programer"knows arabic" and he says he's allah))) [AK-SWAGGA] Trash Can [Archive] 1 01-22-2009 09:55 AM

Post New Thread  Reply
 
LinkBack Thread Tools Display Modes
Old 05-04-2010, 07:39 PM   #1 (permalink)
![***4326;Tragic.Figure*** 4326;]!
 
Join Date: Feb 2009
Location: Gooooogle
Posts: 10
VipraSys Cash: 1,206.35
Thanks (Given): 0
Thanks (Received): 0
Likes (Given): 0
Likes (Received): 0
xBlean is an unknown quantity at this point
Send a message via AIM to xBlean Send a message via MSN to xBlean Send a message via Yahoo to xBlean
Default [GUIDE] How to remove "ava.exe", the easy way (The rouge anti-virus software)

[GUIDE] How to remove "ava.exe", the easy way (The rouge anti-virus software)

Quote:
Well, let me get this out of the way, please pardon me before hand if:
  1. There is something like this (I searched, and didn't find anything)
  2. If I posted this in the wrong section. (I tried asking for help to make sure I was getting in the right spot, but I never got an answer)
  3. If for some reason, this post is against the forum rules of any sort. (As you can tell, I am still new and I am trying to contribute any way I can)
What should be known about this rouge virus

--Well, this would have to be one of most PAIN of "viruses" out there. It is obtain by just simply browsing websites, and once you hit the certain one that contains the form of "ava.exe", it automatically installs itself as an Automatic Update in an instant. Once it's installed itself, it will make it so if you try to launch any executable programs at all, it launches the "Rouge Virus Program" itself, rendering it useless to try to run any programs.

NOTE: If you have had this virus before, you know how much of a pain it is. IF you are the lucky ones who hasn't.... It is a paaaaaaaaaain!

Also, it will hijack your internet browser and state that the site is a security risk and not allow you to do anything.

What would be the most easiest way to get rid of it?\

Well, to put it simple, one of the EASIEST ways to get rid of it is with TWO simple text files that all you have to do is right click, then install/merge. I will begin telling you how to fix it, now.
-------------------------------------------------------------

Warning: This method is simple, but it consists of editing your regedit. There will be a download provided.

If you don't trust it, a simple way to check:
1) Download the file
2) Right click on the file (Fix.reg)
3) Click on the "Edit" open

This will bring up notepad containing the exact regedit entries that are edited.

I can vouch, and will put my word, user name, and rep that this IS a fix for ave.exe.

I've tested it MULTIPLE of times myself.
[Always make sure to back up your regedit]
-------------------------------------------------------------
Make sure your computer is rebooted in safe mode, with the two files saved to your desktop

How to use:
  1. Download fix.reg located [Only registered users can see links. ]
  2. Browse to the file location, double click, and press yes to edit the regedit data.
[Optional]
  1. Download fix2.inf located [Only registered users can see links. ] [If you want to see the contents of it, Right Click the file then click Open]
  2. Browse to the file location and Right Click, then click Install
    ----------------------------------------------------------------
After these steps are completed, you should be able to once again open Firefox, Internet Explorer, etc and get rid of all the annoying AVE.EXE type malware from popping up.
-----------------------------------------------------------------------
To make sure you are COMPLETELY SAFE, it is HIGHLY recommended to download, install, and run MalwareByte Anti-Malware to remove any more traces.
If you don't know where to find it, you can download it [Only registered users can see links. ]
------------------------------------------------------------------------
Additional/Important Information

What the
fix.reg should say when opened in notepad

Quote:
Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USERSoftwareClasses.exe]
[-HKEY_CURRENT_USERSoftwareClassessecfile]
[-HKEY_CLASSES_ROOTsecfile]
[-HKEY_CLASSES_ROOT.exeshellopencommand]

[HKEY_CLASSES_ROOTexefileshellopencommand]
@=""%1" %*"

[HKEY_CLASSES_ROOT.exe]
@="exefile"
"Content Type"="application/x-msdownload"
What the fix2.inf should say when opened in notepad
Quote:
[Version]
Signature="$"
Provider=Myantispyware.com

[DefaultInstall]
DelReg=regsec
AddReg=regsec1

[regsec]
HKCU, SoftwareClasses.exe
HKCU, SoftwareClassessecfile
HKCR, secfile
HKCR, .exeshellopencommand

[regsec1]
HKCR, exefileshellopencommand,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"
Misc. Information
The different names of the Rouge Virus



__________________

To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.
xBlean is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 08:10 AM.


Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.6.1
vBCredits II Deluxe - vBulletin Mods & Addons Copyright © 2010-2014 DragonByte Technologies Ltd.
Feedback Buttons provided by Advanced Post Thanks / Like v3.1.6 (Pro) - vBulletin Mods & Addons Copyright © 2014 DragonByte Technologies Ltd.
The logos and trademarks used on this site are the property of their respective owners.
We are not responsible for comments posted by our users, as they are the property of the poster.