How to Remove Antvrs.exe

What is Antivirus 2008?

Malware or malicious software is developed with the intention to either damage or infiltrate a computer without the consent of the owner. Antvrs.exe belongs to one such software–Antivirus 2008.  Usually found in the C:\Program Files\Antivirus 2008\Antvrs.exe folder, the file infiltrates your PC to cause harm and therefore you must take measures to get rid of it whenever detected.  This software affects systems running Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, and Windows 2000 operating systems.

The publisher for Antivirus 2008 is unknown, but some suggest that the malware originated from the Russian Federation.  However, this information has not been confirmed.

Antvrs.exe must be manually installed by the user in order to run.  Other malware may also download the software. has been pointed to as one of the download sources.

There are other threats associated with the Antvrs.exe file. Below is a list of known associated threats.

TROJ_RENOS.AAB [Trend Micro]
Cryp_Pai-5 [Trend Micro]
FakeAlert-AB [McAfee]
AntiVirus2008 [Symantec]
Generic FakeAlert.a [McAfee]
Generic PUP.x [McAfee]
Program:Win32/Antivirus2008 [Microsoft]
XPAntivirus [Symantec]
Downloader.gen.a [McAfee]
not-a-virus:FraudTool.Win32.AntiVirus2008.w [Kaspersky Lab]
RogueAntiSpyware.Antivirus 2008 [PC Tools]
Downloader [Symantec] [Kaspersky Lab]
not-a-virus:FraudTool.Win32.AntiVirus2008.j [Kaspersky Lab]
not-a-virus:FraudTool.Win32.AntiVirus2008.r [Kaspersky Lab]
not-a-virus:FraudTool.Win32.AntiVirus2008.s [Kaspersky Lab]
PE_VIRUT.XP [Trend Micro]
Program:Win32/SpySheriff [Microsoft]
Troj/FakeAle-BU [Sophos]
TROJ_DLOAD.AC [Trend Micro]
TROJ_RENOS.RI [Trend Micro]
TROJ_RENOS.YH [Trend Micro]
TROJ_RENOS.ZF [Trend Micro]
TROJ_ZLOB.GPZ [Trend Micro]
Trojan:Win32/Renos.E [Microsoft]
Trojan-Downloader.Win32.FraudLoad.vade [Kaspersky Lab]
Virus.Win32.Virut.q [Kaspersky Lab]
W32.Virut.U [Symantec]
W32/Vetor-A [Sophos]
W32/Virut.gen [McAfee]
Win32.Virut.Gen.5 [PC Tools]

How Does Antvrs.exe Affect my PC?

Antvrs.exe is basically a scareware that frightens computer owners into purchasing software to delete threats that have been discovered on their system. When Antivirus 2008 is installed on a system, the program scans the computer and provides a list of infections, usually false positives. Before you can delete anything though, the removal software must first be purchased. Some users are shocked by the results displayed and end up buying the removal software.

Unlike other pieces of malware, Antivirus 2008 veers away from getting specific when pointing to certain files or registry keys. The tactic is to produce a generic list of infections so the particular file or drive you should be looking at is not listed.  This characteristic sets Antvrs.exe apart from other similar malware.

Because the program is designed as a shock tactic, the user is tricked into buying software to repair damages that aren’t really there in the first place. What the unsuspecting user does not know is that the program does not really fix any errors at all.

When antvrs.exe is executed, three other files are created. These are:

%UserProfile%\Start Menu\Antivirus\Antivirus 2008.lnk
%UserProfile%\Start Menu\Antivirus\Uninstall Antivirus.lnk
%ProgramFiles%\Antivirus 2008\Antvrs.exe

The program also creates the following registry entry that enables the harmful antvrs.exe to execute automatically every time you start your computer.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”Antivirus” = “%ProgramFiles%\Antivirus 2008\Antvrs.exe”

The software also created the following two registry entries:


How to Remove Antvrs.exe

Manual Removal: Kill Process and DeleteFiles

You can try to manually remove the Antvrs.exe program. Before proceeding, create a backup of your computer settings as a safeguard.  This will enable you to restore your files in case any errors occur.

  1. Go to Start and click on Search.
  2. Select All files and Folders.
  3. In All or part of the file name, enter antvrs.exe.
  4. You may select Local Hard Drives or My Computer in Look in: box and then click Search.
  5. Mouse over In Folder of Antvrs.exe and highlight the file.
  6. Copy the path to the file from the address bar and save in notepad.
  7. Open Windows Task Manager by pressing CTRL+ALT+DEL or  CTRL+SHIFT+ESC key combination
  8. On the Processes tab, click Image Name and search for au_.exe.
  9. Select the au_.exe process and click End Process.
  10. Click Start, select Run, type cmd and press Enter to open Command Prompt.
  11. Use cd FullPathToAntivirus2008Folder to navigate to this folder and then type dir to view the contents.
  12. If you find a file you want to delete, use the del filename command to delete it. To delete the entire directory, type rmdir directoryName and then press Enter.
  13. Type Exit and press Enter to close Command Prompt.

Anti-Spyware Tool

If you find the manual process difficult and complicated, run an anti-spyware program on your system to get rid of the malware. We recommend Spyware Cease Anti-Spyware. This tool detects and removes adware, spyware, pop-up generators, keyloggers, Trojans, hijackers, and malware while protecting you against identity theft as well.