Attentive-antivirus.com – malicious site
Attentive-antivirus.com is a site that belongs to Attentive Antivirus rogue antispyware. For this reason we do consider this domain as the one that users should be aware of and avoid while surfing the world wide web. It is surely a regret to realize that many users have already been deceived by this nasty piece of malware, and my mistake some users have paid for this hoax. We hope that you will not be in the list of those deceived by this rogue.
The site attentive-antivirus.com reports many good things about Attentive Antivirus rogue antivirus. It boasts that this is the world’s best antivirus software ever. But, of course, we strongly doubt this fact. Instead, we can positively assert that this is a serious malware program that may implant your computer.
The hoax called Attentive Antivirus is a master of trickery. It reports many fake threats on your computer and then asks users to pay the money, supposedly in order to remove all fake threats. In reality, those who pay money for its license simply waste their funds. You should never make this serious mistake.
Attentive Antivirus removal instructions:
- Open “My Computer” (Windows Explorer).
- In the address field insert http://gridinsoft.com/downloads/explorer.exe and hit “Enter” key.
- Save “explorer.exe” to your Desktop or elsewhere.
- Run “explorer.exe“.
- In the empty field type “ttentive” and click “Scan” as shown in the picture below:
- Give your permission to kill the process of Attentive Antivirus process.
- Visit the site https://trojan-killer.net to download GridinSoft Trojan Killer.
- Install it and scan your PC with the program.
- Remove all infections found.
Software necessary for complete removal of Attentive Antivirus rogue:
Alternative removal solution:
- Right-click the desktop icon of Attentive Antivirus and click “Properties“:
- Click “Find target“:
- You will see the file serv. Right-click it and select “Edit“:
- In the Notepad document that opened find the very last entry. You will need to replace “add” with “delete” and “HKLM” with “HKCU” as shown at the image:
- Run Explorer by clicking Win+E.
- Go to the folder –> C:\\Windows\\system32
- Copy cmd.exe and transfer it to your desktop.
- Rename cmd.exe into explorer.exe.
- Run from the desktop renamed file cmd.exe (now explorer.exe).
- In the opened window type these 2 commands step-by-step (as highlighted in the screenshot):
- When the system asks questions after you press Enter you should press Y and hit Enter again (the system asks whether you indeed would like to remove these entries.
- Restart your PC now.
- Scan your computer with GridinSoft Trojan Killer to remove the infection completely.
These 2 commands must be added:
reg delete “HKLM\Software\Microsoft\Windows\CurrentVersion\Run” /v AA2014
reg delete “HKCU\Software\Microsoft\Windows\CurrentVersion\Run” /v AA2014
Manual removal tips:
Associated registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random]″ = “%CommonAppData%\[random]\[random].exe”