Hetti 11:15 20 Jan 11

My brother is infected with Antivirus 8, he got a message something like, he clicked to run software that appeared on his screen (cant believe it).
then he got message something like
When he trys to open browser he gets
"About IE Emegency mode, Malicous software Antivirus 8.
He cannot go online now, can someone advise please.

  bremner 11:28 20 Jan 11

Try here click here

  robin_x 11:35 20 Jan 11

Also AV boot CD .iso download here to make a boot CD/scanner.

click here

  Hetti 13:35 20 Jan 11

I did as the instrucions said, and managed to install malwarebytes/change its name, but then the antivirus 8 would not let me do enything else it was saying malwarebytes was dangerous software and it was blocking it.

He has phoned local Computer shop they want "abt £50" to fix it but it looks like he will have to let them fix it.

That link wont work for me.Im not very PC literate will it be easy for me to do?

  Hetti 13:39 20 Jan 11


got that link now, does that mean the disk will clean the virus off, or would I still need Malwarebytes?

  Fruit Bat /\0/\ 14:49 20 Jan 11

click here

# After you rename the mbam-setup.exe to iexplorer.exe, close all your programs and Windows on your computer, including this one.

# Now double-click on the file you renamed, which is now called iexplore.exe, and the installation of MBAM will start on your computer.

Antivirus 8 will not recognise the renamed file as Malwarebytes and so should allow it to run.

It is best to boot to safe mode to run the file iexplore.exe

  Hetti 17:34 20 Jan 11

Friut Bat /0\

I did as you say, got as far as the step below

As this infection will not allow you run executables unless they have certain filenames, we need to rename the core MalwareBytes' Anti-Malware executable so that it can run. To do this open the C:\program files\Malwarebytes' Anti-Malware\ folder. To open this folder, click on the Start button and type in the search field:

C:\program files\Malwarebytes' Anti-Malware\

Then press the enter button on your keyboard.

Then I was getting Antivirus8 sayin it had blocked the file from running.

  Hetti 17:42 20 Jan 11

Just to add, my brother phoned a local man who has an add in local shop to repair all PC problems, he says he wants £25 if its straightfoward which he says it should be. But it may need a rebuild,costing £60, what does a rebuild entail?

  hiwatt 17:43 20 Jan 11

Rename the mbam.exe file before saving it.Rename it "Hetti.exe" and try running it again.If you can get into safe mode(by tapping f8 at boot up)do it there.

  Fruit Bat /\0/\ 17:54 20 Jan 11

Ignore Antivirus8

All you need to do is RIGHT click mbam.exe
select rename from the menu type in any name you like with .exe at the end

when its renamed then double LEFT click and it will run the malwarebytes program and clean the infection.

When the PC is cleaned then rename the file back to mbam.exe

  Hetti 20:24 20 Jan 11

Thanks all

I just went to brothers to try again and Lo and behold when I booted PC Avast reported the infection cleaned it, so I didnt have to do anything cant believe after all day Avast decides to do the job.
Im so happy, he has his PC working again.

