Antivirus V8
When rogue program Antivirus V8 is installed on the computer, it will be configure to start automatically by placing its own entry on the Windows registry. Once loaded, Antivirus V8 will perform a virus scan and produced fabricated results attempting to mislead users. This effort is intended to persuade users into get the registered version of Antivirus V8 before any fix can be done on the computer. This is a clear indication that the software is scam.
If Antivirus V8 continue to exists on the computer, a scare tactics will be observed by consistently displaying alerts and warning messages. Several cautions stating that personal information is compromised, malware has found or stating that unlicensed software was detected is displayed.
Warning! New Virus Detected!
Threat Detected: Email-Worm.Zhelatin
Infected file: <random file name>
Description: Worm Email-Worm.Zhelatin.vy is virus-like malware with destructive code, and is able to mutate, replacing its own code by itself. This makes Email-Worm.Zhelatin.vy very dangerous, hard to find, and difficult to delete. Like most viruses, worm Email-Worm-Zhelatin.vy may spread to other computers by secretly emailing themselves to Internet users in your address book.
This copy of AV is not genuine
Your may be a victim of software counterfeiting. This copy of Antivirus8 is not genuine and is not eligible to receive the full range of upgrades and product support from Microsoft.
Warning! Identity theft attampt detected!
Attacker IP: IP address
Attack Target: Microsoft Corp. Keys
Description: Remote host tries to get access to your personal information.
Just as stated earlier, all of the security activities by Antivirus V8 are fake some remove this unwanted application immediately. No other programs can completely remove Antivirus V8 other that genuine and trusted security software.
| Type | Rogue |
| Sub-Type | FakeAV |
| Aliases | |
| OS Affected | Windows |
| Detected By | MalwareBytes |
What are the Symptoms of Antivirus V8 Infection?
It will modify Windows Registry and add the following entries:
HKEY_CURRENT_USER\Software\[random]
HKEY_CURRENT_USER\Software\WinFD
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AVV8″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “WinNT-A8I 23.09.2010″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe “Debugger” = “C:\Program Files\AVV8\AVV8.exe -d”
The threat will drop the following malicious files:
c:\Documents and Settings\All Users\Start Menu\AVV8\
c:\Documents and Settings\All Users\Start Menu\AVV8\AntivirusV8.lnk
c:\Documents and Settings\All Users\Start Menu\AVV8\Uninstall.lnk
C:\Program Files\AVV8\
C:\Program Files\AVV8\AVV8.exe
%UserProfile%\Desktop\AntivirusV8.lnk
How to Remove Antivirus V8 Manually
1. Restart your computer in SafeMode
- After Power-On the computer, just before Windows start, press F8
- From the selections, Select SafeMode
2. Remove Registry entries that the threat added. You MUST BACKUP YOUR REGISTRY FIRST.
- Click Start > Run
- Type in the field, regedit
- Navigate and look for the registry entries mentioned above and delete if necessary
3. Delete malicious files that the threat added:
- Base on the given location above, browse and delete the file
- If no location is given, click Start>Search> and search for the files.
- If cannot be deleted, press Ctrl+Alt+Del to access Task Manager, see if the file is running in the process. If it is, select the file and click End Process. Perform file delete again.
4. Scan computer with Antivirus Program
- Update antivirus program
- Scan computer and delete all detected threats.
How to Easily Remove Antivirus V8
1. Download and run Removal Tool to remove this computer threat.
Internet Security Suite XP Guard