Results 1 to 5 of 5

Thread: [Solved] XP Security infection removing ave.exe infection.

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    hewitt Guest

    Default [Solved] XP Security infection removing ave.exe infection.

    On March 19, a faux anti-virus program calling itself "XP Security" installed itself on my Windows XP system, adding a four-color shield icon (Microsoft in appearance) to my system tray. ZoneAlarm Internet Security Suite did not stop it and does not detect it after a scan.

    XP Security pops up various hysterical virus warnings every 45 seconds, which must be manually closed, such as Privacy Threat!, System Hijack!, Virus Infection!, and so on. I can "recover from an infection right now, by performing a free system scan, click here." Every hour it pops up a full window, "XP Security - Unregistered version" pretends to do a scan, in 5 seconds, reports the details of 33 faux infections, and asks if I want to activate XP Security or stay unprotected. Activation costs $49.99. Every two hours it will also pop up a full window entitled "Windows Security Center" explaining that "Security Center helps you manage your windows security settings," and informing me that my Firewall is off (it isn't), Auto update is on, and virus protection is off (it isn't).

    On an irregular basis, it will try to run ave.exe and connect to various internet locations. ZoneAlarm anti-virus firewall catches such attempts, and I deny ave.exe access. When I open Firefox, I instead get an "XP Security Firewall Alert" informing me that "XP Security has blocked a program from accessing the internet," due to a changing roster of faux infections. I can either choose to "activate XP Security" or "continue unprotected;" the later choice gives me access to Firefox. XP Security completely blocks access to Control Center, Firewall.

    An internet search revealed a forum which advises of ways to kill "XP SecurityCenter." The screen shots looked identical to my "XP Security." So, I downloaded and tried to run Malwarebytes Anti-Malware (MBAM), but XP Security blocked MBAM from running. After some more research, I downloaded and ran RKill. It shuts down XP Security and any other malware it can find. Then I ran MBAM. It updated, then killed XP Security dead.
    Last edited by GeorgeV; April 11th, 2010 at 01:48 PM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. what to do after infection?
    By grandmere in forum Malware Discussion
    Replies: 1
    Last Post: November 29th, 2009, 10:09 AM
  2. Major infection?
    By layneh in forum Malware Discussion
    Replies: 1
    Last Post: December 17th, 2008, 11:32 PM
  3. Replies: 4
    Last Post: September 19th, 2007, 07:22 AM
  4. Help with infection
    By av_envy in forum Security Issues
    Replies: 7
    Last Post: June 20th, 2006, 05:06 PM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts