Antivir

Posted in: Malware

Call Toll Free in the US and Canada!

Remove Antivir. Description and removal instructions

 
Title: Antivir
Type: Spyware
Severity scale:  (72 / 100)
 

Antivir is a misleading anti-spyware application that reports false or exaggerated system security threats and infections to make you think that your computer is infected with malware. Once installed, it will simulate system scans and display a list of infections, but won’t let you to remove those supposed infections unless you pay for a full version of the program. As you can see, the main goal of this misleading application is to trick you into purchasing the program. This is nothing more but a scam. Do not pay for it and uninstall Antivir from your computer as soon as possible.

[Figure 1. Antivir graphical user interface]

Antivir is promoted through the use of Trojans that come mostly from fake online anti-malware scanners. Of course, the scammers use other misleading methods to promote their bogus product. Social engineering is very popular distribution method too. You shouldn’t accept invitations or open links received from unknown people. When installed, Trojans download rogue application and displays fake security alerts. Those fake security alerts or notifications will state that your computer is infected, for example: “Warning! Identity theft attempt detected”. Other fake notification states:


Trojan:W32/Inject Activity Detected
Trojan:W32/Inject is a large family of malware that secretly makes changes to the Windows Registry. Variants in the family make also makes changes to other running processes.
[Figure 2. Antivir – fake alert]

To make things worse, Antivir will hijack Internet Explorer and display “Warning! Visiting this site may harm your computer!” message [Figure 3].


[Figure 3. Antivir – fake Internet Explorer warning]

Further more, Antivir may block legitimate anti-spyware software and block security related websites. There shouldn’t be any doubts about this bogus application – it must be removed upon detection. Most importantly, do not purchase Antivir. Otherwise, you will simply lose your money. If your computer is infected with this malware, please use the removal guide below to remove Antivir manually for free. Also make sure to scan your PC with a legitimate anti-spyware application to remove the remains or additionally installed malware.

FORUM:
Discuss Antivir in
spyware removal forum

Related files: Antivir.exe, UpdateCheck.dll, Antivir.lnk, uninstall.lnk

Antivir properties:
• Changes browser settings
• Shows commercial adverts
• Connects itself to the internet
• Stays resident in background

Automatic Antivir removal:

remover for Antivir

Antivir manual removal:

Kill processes:
antivir.exe

HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\EVAACD
HKEY_CLASSES_ROOT\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AV”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0SER AGENT\POST PLATFORM “WINNT-EVI 25.11.2009”

HELP:
HOW TO UNREGISTER MALICIOUS DLLS

DELETE FILES:
ANTIVIR.EXE UPDATECHECK.DLL ANTIVIR.LNK UNINSTALL.LNK

HELP:
HOW TO REMOVE HARMFUL FILES

DELETE DIRECTORIES:
C:\PROGRAM FILES\AV
C:\PROGRAM FILES\COMMON FILESNINSTALL
C:\PROGRAM FILES\COMMON FILESNINSTALL\AV
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\AV

Tags: