Home Malware Programs Browser Hijackers Malwareurl-check.com

Malwareurl-check.com

Posted: November 11, 2010

Malwareurl-check.com is a rogue website which works for Antivirus 8. The website will run a fake scan which produces bogus results claiming the system is infected with malware. This trickery deceives unwary computer users and promotes the sale of Antivirus 8, which is in fact a rogue program. Do not become another hapless victim of computer fraud and have all threats removed from your PC using a reliable malware remover.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Documents and Settings%\[UserName]\Desktop\Antivirus8.lnk
    2 %Documents and Settings%\All Users\Start Menu\AV\Antivirus8.lnk
    3 %Documents and Settings%\All Users\Start Menu\AV\Uninstall.lnk
    4 %Program Files%\AV
    5 %Program Files%\AV8
    6 %Program Files%\AV\Antivirus8.exe
    7 %Program Files%\AV\Av8.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\A88246HKEY_CURRENT_USER\Software\Antivirus8HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AV8"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AV8"="C:\Program Files\AV8\av8.exe"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Antivirus8"HKEY_CURRENT_USER\Software\WinFDHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe "Debugger" = "C:\Program Files\AV8\av8.exe -d"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "WinNT-A8I 23.09.2010"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Antivirus8
Loading...