AV8 virus scan, advice needed please.

P

poppie1234

New Member
Hi all,
This morning i was doing some research and i clicked on a website.(cant remember what one)

A pop up suddenly appeared saying AV8 had detected viruses, did i want to run it. It started to do something (checking i think) but i immediately clicked out of it and shut down my computer.
I then in safe mode ran malwarebytes full scan which found nothing and also ran my avast anti virus which too detected nothing.

I havent had any problems since the initial pop up and i haven't had any pop ups since. I have read on the internet since that AV8 is in fact one of these fake sites which tell you you have all sorts of viruses etc and try to get you to pay to install their programme. It also stops people from doing cetain things as it just keeps popping up telling them there is a problem.

Do you think by shutting down my computer immediately i have stopped it from installing somewhere? do you think my computer is safe to use.
 
First, was it a webpage that came up that acted like it was scanning or an actual window that popped up? If it was a webpage, you should be fine. If it was a window then I need to see your malwarebytes log to make sure you are running the latest version and also would need to see a hijackthis log as well.

Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
 
Ok you will have to bear with me. Hijack this i am having problems with. It told me there was a problem and now whenever i click on it it tells me it is already running even though it isn't. I might have to unistall and then install it again.
 
Here is my malewarebytes log....

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5506

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

12/01/2011 14:49:14
mbam-log-2011-01-12 (14-49-14).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 363153
Time elapsed: 1 hour(s), 18 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
The error you are getting with hijackthis is just for the hosts file. You are running vista and in order to not receive that error you right click on hijackthis and click on run as admin.
 
I have uninstalled it. I tried what you said but it still would not work. Strangely since i installed it the first time now whenever i click on cetain websites including this one it get the following message.

Revocation information for the security certificate for this site is not available.

Do you want to proceed?

Whats that all about?
 
I will have to install it again, hold on. When you say right click and click on run as admin do you mean from the icon on the desktop? because i tried that and it doesn't say that anywhere, just properties, send to etc.
 
poppie1234 said:
I will have to install it again, hold on. When you say right click and click on run as admin do you mean from the icon on the desktop? because i tried that and it doesn't say that anywhere, just properties, send to etc.
Click to expand...

On some vista and windows 7 systems you have to press and hold the shift key while right clicking in order to get that option to appear.
 
Done it, thank you i did need to click the shift key at the same time. I hope i have done it right, here is the log.
 
Last edited:
It looks like you are ok. Most likely you visited a rogue webpage and it didn't infect you.

However, if you start to experience issues, come back and we'll check it out.
 
Sorry, can i just double check that i'm safe to check my online banking etc now if there is no sign of any viruses.
Thanks
 
Last edited:
If you want to be absolutely sure you can run an online scan of your system, it will take a couple hours though.

I have seen the same thing happen to one of my clients and there were no ill effects from it.

Please download and run the ESET Online Scanner
Disable any antivirus/security programs.
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates, install and then start scanning your system.
When the scan is done, push list of found threats
Click on Export to text file , and save the file to your desktop using a file name, such as ESETlog. Include the contents of this report in your next reply.
If no threats are found then it won't produce a log.
 
I am not completely sure what i am doing so i think i will leave it for the time being. My computer seems ok and from the logs i posted earlier you couldn't see anything.
If i have any problems in the next couple of days i will pop back on.

By the way i am still getting that secirity warning about Revocation information for the security certificate for this site is not available click yes to continue, no, or view certificates? any ideas. It's not everytime i visit this site just sometimes?
 
Check the time and date on your pc to make sure its correct. Anytime you get a certificate warning it usually means the date is wrong.
 
Hi there. I had this virus in the past and after running rkill and then malware I was able to easily remove it. I once again had AV8 pop up today after accidentally clicking on an advert, I ran rkill and restarted my comp. I'm no longer getting the av8 pop ups and malware isn't detecting it. Is it possible that the virus has changed to avoid this kind of detection? I'm a little suspicious and from what I've read around, in 2011 people seem to have seen the pop up once and then not again....
 
You must log in or register to reply here.
Back
Top