Infection

  Hetti 11:15 20 Jan 2011
Locked

My brother is infected with Antivirus 8, he got a message something like, he clicked to run software that appeared on his screen (cant believe it).
then he got message something like
When he trys to open browser he gets
"About IE Emegency mode, Malicous software Antivirus 8.
He cannot go online now, can someone advise please.

  bremner 11:28 20 Jan 2011

Try here click here

  robin_x 11:35 20 Jan 2011

Also AV boot CD .iso download here to make a boot CD/scanner.

click here

  Hetti 13:35 20 Jan 2011

bremmner
I did as the instrucions said, and managed to install malwarebytes/change its name, but then the antivirus 8 would not let me do enything else it was saying malwarebytes was dangerous software and it was blocking it.

He has phoned local Computer shop they want "abt £50" to fix it but it looks like he will have to let them fix it.

robinofloxley
That link wont work for me.Im not very PC literate will it be easy for me to do?

  Hetti 13:39 20 Jan 2011

robinofloxley

got that link now, does that mean the disk will clean the virus off, or would I still need Malwarebytes?

  Fruit Bat /\0/\ 14:49 20 Jan 2011

click here

# After you rename the mbam-setup.exe to iexplorer.exe, close all your programs and Windows on your computer, including this one.

# Now double-click on the file you renamed, which is now called iexplore.exe, and the installation of MBAM will start on your computer.

Antivirus 8 will not recognise the renamed file as Malwarebytes and so should allow it to run.

It is best to boot to safe mode to run the file iexplore.exe

  Hetti 17:34 20 Jan 2011

Friut Bat /0\

I did as you say, got as far as the step below




As this infection will not allow you run executables unless they have certain filenames, we need to rename the core MalwareBytes' Anti-Malware executable so that it can run. To do this open the C:\program files\Malwarebytes' Anti-Malware\ folder. To open this folder, click on the Start button and type in the search field:

C:\program files\Malwarebytes' Anti-Malware\

Then press the enter button on your keyboard.

Then I was getting Antivirus8 sayin it had blocked the file from running.

  Hetti 17:42 20 Jan 2011

Just to add, my brother phoned a local man who has an add in local shop to repair all PC problems, he says he wants £25 if its straightfoward which he says it should be. But it may need a rebuild,costing £60, what does a rebuild entail?

  hiwatt 17:43 20 Jan 2011

Rename the mbam.exe file before saving it.Rename it "Hetti.exe" and try running it again.If you can get into safe mode(by tapping f8 at boot up)do it there.

  Fruit Bat /\0/\ 17:54 20 Jan 2011

Ignore Antivirus8

All you need to do is RIGHT click mbam.exe
select rename from the menu type in any name you like with .exe at the end
(Hettie.exe)

when its renamed then double LEFT click and it will run the malwarebytes program and clean the infection.

When the PC is cleaned then rename the file back to mbam.exe

  Hetti 20:24 20 Jan 2011

Thanks all

I just went to brothers to try again and Lo and behold when I booted PC Avast reported the infection cleaned it, so I didnt have to do anything cant believe after all day Avast decides to do the job.
Im so happy, he has his PC working again.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

WPA2 hack: How secure is your Wi-Fi?

Microsoft Surface Book 2 hands-on review – bigger and 5x faster

Best kids apps for iPhone & iPad

Que faire si son iPhone ou iPad est tombé dans de l'eau ?