Av-best.info
Av-best.info is a fake security website that tricks computer users into purchasing the rogue anti-spyware program Anti-Virus-1. Av-best.info is also related to Scanner.av.best.info/a>, which is another malicious website created to promote unwanted programs such as Anti-Virus-1 and System Security.
If your default home page redirects to Av-best.info, it is possible that you have a computer infection that needs to be removed immediately. It is best to perform a scan using a reliable anti-spyware program to detect and safely remove Av-best.info and Anti-Virus-1 files from your computer. Av-best.info is not a good site to visit and will only expose your computer to additional malware infections.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Virus Doctor.lnk 2 %UserProfile%\Application Data\Virus Doctor 3 %UserProfile%\Application Data\Virus Doctor\settings.ini 4 %UserProfile%\Application Data\Virus Doctor\uill.ini 5 %UserProfile%\Desktop\Virus Doctor.lnk 6 %UserProfile%\Start Menu\Programs\Virus Doctor.lnk 7 %UserProfile%\Start Menu\Virus Doctor.lnk 8 c:\Documents and Settings\All Users\Application Data\927e 9 c:\Documents and Settings\All Users\Application Data\927e\Languages 10 c:\Documents and Settings\All Users\Application Data\927e\Languages\VDDe.lng 11 c:\Documents and Settings\All Users\Application Data\927e\Languages\VDFr.lng 12 c:\Documents and Settings\All Users\Application Data\927e\Languages\VDIt.lng 13 c:\Documents and Settings\All Users\Application Data\927e\mozcrt19.dll 14 c:\Documents and Settings\All Users\Application Data\927e\sqlite3.dll 15 c:\Documents and Settings\All Users\Application Data\927e\System Data Configuration 16 c:\Documents and Settings\All Users\Application Data\927e\System Data Configuration\DBInfo.ver 17 c:\Documents and Settings\All Users\Application Data\927e\System Data Configuration\vd952342.bd 18 c:\Documents and Settings\All Users\Application Data\927e\unins000.dat 19 c:\Documents and Settings\All Users\Application Data\927e\unins000.exe 20 c:\Documents and Settings\All Users\Application Data\927e\VDoca582.exe 21 c:\Documents and Settings\All Users\Application Data\System Data Configuration 22 c:\Documents and Settings\All Users\Application Data\System Data Configuration\config.cfg 23 c:\Documents and Settings\All Users\Application Data\System Data Configuration\DB.ini 24 c:\Documents and Settings\All Users\Application Data\System Data Configuration\fsvd6398.db 25 VDoctor.exe 26 Virus Doctor.lnk 27 VirusDoctor[1].exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Virus Doctor"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "URVDoc[]"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Virus Doctor_is1
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.