Antimalwarelist.com
Antimalwarelist.com (aka Antimalwarelist.net) is a rogue website which advertises Antivirus 8 as a legitimate malware remover. Do not click anything on the page if your browser is redirected to antimalwarelist.com. Antimalwarelist.com will run a fake security scan which reports bogus malware on the system. This scare tactic is to confuse unwary computer users and urge them to purchase Antivirus 8, which is actually a useless product. Remove this antimalwarelist.net from your browser and use a reliable malware remover to make sure your PC is threat free.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\[UserName]\Desktop\Antivirus8.lnk 2 %Documents and Settings%\All Users\Start Menu\AV\Antivirus8.lnk 3 %Documents and Settings%\All Users\Start Menu\AV\Uninstall.lnk 4 %Program Files%\AV\Antivirus8.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Antivirus8HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Antivirus8"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Antivirus8
Manual removal instructions are incomplete. First of all, it adds itself as a "debugger" for explorer.exe, under HKLM\Software\Microsoft\Windows NT\Image File Execution Options, so if you delete av8.exe and reboot, you'll get a black screen where you can't get the login to show up. You **MUST** remove this registry key, or you will not be able to log in.
Secondly, it hijacks your DNS somehow, and any time you go to microsoft.com, it sends you to antimalwarelist.com.
Since you don't list removal instructions for these things, I have to assume you don't know how this virus works, and your software will be unable to remove it. I will warn people about your software in the future.