HijackThis shows Antivirus8 infection:
O4 – HKCU\..\Run: [AV8] C:\Program Files\AV8\av8.exeWhat Antivirus 8 does
Antivirus8 look is such a normal antivirus/antispyware tool, but in reality, this program is not able to perform any type of security related functions when installed on a computer. This program created with one purpose to trick you into purchasing its full version.Antivirus 8 is distributed via trojans that come from various misleading websites. When the trojan is started, it will download and install the rogue onto your computer without your permission and knowledge.
Screen shoot of Antivirus8
When running, Antivirus8 will configure itself to run automatically every time when your computer starts. After that, it will perform a fake system scan and list a variety of infections or potentially dangerous files. It states that your computer is infected with adware, trojans, worms or malware and that you should purchase Antivirus 8 to remove these infections. Obviously, such results are a fraud, the program want to scare you into thinking that your computer is infected with malicious software.
While Antivirus8 is running, it will flood your computer with fake security alert and notifications from Windows task bar. Furthermore, the rogue may disable Task Manager and hijack Internet Explorer so, that it will display various misleading notifications while browsing the web.
As you can see, Antivirus 8 is absolutely useless and what is more, even dangerous software. Most importantly, do not purchase it. Instead, please use the Antivirus8 removal guide here or the instructions below in order to remove this malware from your computer for free.
How to remove Antivirus8
1. Download Malwarebytes Anti-malware. Before saving, in the Save dialog, rename mbam-setup.exe to explorer.exe and save it to your desktop.
2. Double click explorer.exe to install the application. When installation is complete, make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version.
3. Antivirus8 may block Malwarebytes Anti-malware, from running. So, you should rename the core Malwarebytes Anti-Malware executable before running it. Click Start and type in Search field (if you using Windows 2000/XP, Click Start, Run and type in Open field):
%ProgramFiles%\Malwarebytes` Anti-Malware
4. Next, press Enter. It will open the Malwarebytes` Anti-Malware folder. Right click to a file named mbam.exe (or mbam) and select rename. Type explorer.exe (or explorer) and press Enter. Double click to this file to run Malwarebytes` Anti-malware.
5. Once the program has loaded you will see a screen like below.
Malwarebytes' Anti-Malware
6. Select "Perform Quick Scan", then click Scan. When the scan is done, click OK, then Show Results to view the results. You will see a list of malware that Malwarebytes' Anti-Malware found on your computer. Note: list of malware may be different than what is shown in the screen below.
Malwarebytes' Anti-Malware - lists of malicious software
7. Make sure that everything is checked, and click Remove Selected. Once disinfection is finished, a log will open in Notepad and you may be prompted to Restart.
8. Your computer should now be free of the Antivirus 8. If the instructions does not help you, then ask for help in the Spyware removal forum.
Note: if you can`t download or run these suggested program above, boot your computer in Safe mode with networking and repeat the above steps once again.
Antivirus8 associated files and folders:
%UserProfile%\Desktop\Antivirus8.lnk%ProgramFiles%\AV8\
%ProgramFiles%\AV8\av8.exe
C:\Documents and Settings\All Users\Start Menu\AV8\C:\Documents and Settings\All Users\Start Menu\AV8\Antivirus8.lnk
C:\Documents and Settings\All Users\Start Menu\AV8\Uninstall.lnk
Antivirus8 associated registry keys and values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AV8"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe "Debugger" = “C:\Program Files\AV8\av8.exe -d”
No comments:
Post a Comment