NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  
Title: Antivir
Type: Rogue Antispyware

Remove Antivir. Removal instructions


 
Severity scale:Antivir severity is 72  (72 / 100)
 
Antivir is a misleading anti-spyware application that reports false or exaggerated system security threats and infections to make you think that your computer is infected with malware. Once installed, it will simulate system scans and display a list of infections, but won't let you to remove those supposed infections unless you pay for a full version of the program. As you can see, the main goal of this misleading application is to trick you into purchasing the program. This is nothing more but a scam. Do not pay for it and uninstall Antivir from your computer as soon as possible.

Antivir graphical user interface
[Figure 1. Antivir graphical user interface]

Antivir is promoted through the use of Trojans that come mostly from fake online anti-malware scanners. Of course, the scammers use other misleading methods to promote their bogus product. Social engineering is very popular distribution method too. You shouldn't accept invitations or open links received from unknown people. When installed, Trojans download rogue application and displays fake security alerts. Those fake security alerts or notifications will state that your computer is infected, for example: "Warning! Identity theft attempt detected". Other fake notification states:


Trojan:W32/Inject Activity Detected
Trojan:W32/Inject is a large family of malware that secretly makes changes to the Windows Registry. Variants in the family make also makes changes to other running processes.


Antivir - fake alert
[Figure 2. Antivir - fake alert]

To make things worse, Antivir will hijack Internet Explorer and display "Warning! Visiting this site may harm your computer!" message [Figure 3].

Antivir - fake Internet Explorer warning
[Figure 3. Antivir - fake Internet Explorer warning]

Further more, Antivir may block legitimate anti-spyware software and block security related websites. There shouldn't be any doubts about this bogus application - it must be removed upon detection. Most importantly, do not purchase Antivir. Otherwise, you will simply lose your money. If your computer is infected with this malware, please use the removal guide below to remove Antivir manually for free. Also make sure to scan your PC with a legitimate anti-spyware application to remove the remains or additionally installed malware.

Related files: Antivir.exe, UpdateCheck.dll, Antivir.lnk, uninstall.lnk

Antivir properties:
• Changes browser settings
• Shows commercial adverts
• Connects itself to the internet
• Stays resident in background

Automatic Antivir removal:

remover for Antivir
SpyHunter is recommended remover to uninstall Antivir. You should confirm using free trial that it detects current version of parasite.

Note: Tested and Confirmed means that we have tested spyware remover with multiple versions of Antivir and got the best results. There might be updated or modified version of particular parasite that require manual killing of parasite process or an update. In such case try other removers in the line.

Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manul removal instructions below.

If you failed to remove Antivir using SpyHunter please report this to us.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
STOPzilla
download | review
Tested and Confirmed! STOPzilla removes Antivir (2009-11-27 01:28:41)
Malwarebytes Anti Malware
download | review
Tested and Confirmed! Malwarebytes Anti Malware removes Antivir (2009-11-27 01:28:41)
Spyware Doctor
download | review | tutorial
We are testing Spyware Doctor's efficiency at removing Antivir (2012-01-14 07:59:33)
XoftSpySE Anti Spyware
download | review

Antivir manual removal:

Kill processes:
antivir.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\EVAACD
HKEY_CLASSES_ROOT\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AV"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\post platform "WinNT-EVI 25.11.2009"
HELP:
how to remove registry entries

Unregister DLLs:
UpdateCheck.dll
HELP:
how to unregister malicious DLLs

Delete files:
antivir.exe UpdateCheck.dll Antivir.lnk Uninstall.lnk
HELP:
how to remove harmful files

Delete directories:
C:\Program Files\AV
C:\Program Files\Common Files\Uninstall
C:\Program Files\Common Files\Uninstall\AV
C:\Documents and Settings\All Users\Start Menu\AV
Information added: 2009-11-27 01:28:41
Information updated: 2012-01-14 05:22:18

Additional resources related to Antivir:

Attention: If you know or you have a website or page about Antivir removal, feel free to add a link to this list: add url
more resources
0
0
rogertrucks@btinternet.com
This is so well done,I have sat up all night running AVG thinking I had a big problem,it attempts to stop you doing anything else but buy their product.
22 serious infections would worry anyone..it did me,until I noticed the security screen was on their HTML..people should be warned.
2009 12 07
0
0
<Guest>
yeah I just got hit with this. Hopefully I'll be able to get rid of it. If not we could have some major issues.
2009 12 10
0
0
<Guest>
Thank you so much for the information. It was very helpful on fixing my problem.
2009 12 12
0
0
<Guest>
I'm glad I saw this. I got rid of it, but it took 2 hours from my life. I hope people see that this is a scam. Thanks.
2009 12 14
0
0
<Guest>
I'm going to try this when I get home. I'm glad there are people to help with this. Thanks so much.
2009 12 14
0
0
pissedoff
THANK YOU for this helpful information! can't believe i fell for it..
oh well.. who wouldn't worry when a window pops up saying you've got 365 trojans?! O_O

i really really hope something will be done about this scam.
thanks again for the info. :)
2009 12 31
0
0
Gaz1155
Thanks for all the info guys, i got hit by this also and am in the process of getting rid of it. These guys should be sued!!!
2010 01 05
0
0
<Guest>
Thanks for the information you guys that was really helful i just got rid of this antivir. I still can;t believe that i almost fell for this.
2010 01 20
0
0
<Guest>
I need help i dont understand how to remove it please this is very annoying.
2010 01 22
0
0
<Guest>
i got hit by this and still no luck with me theyre so dumb and ignorant... they mispelled want when it says what do you whant to do?... good thing i didnt fall this just hope to get rid of it asap
2010 01 26
0
0
<Guest>
i hope thi sworks. couldn't believe I fell for this one. good tp know there's a cure.
2010 01 29
0
0
<Guest>
Very helpful. It looks like it solved the problem.
2010 01 29
0
0
<Guest>
Thanks very much. I would like to echo what others have said, and hope those responsible are caught and dealt with.
2010 02 02
0
0
<Guest>
Man im glad i found this site.t his shit was pissin me off. it really did hijack my browser... grrrr. i hope this site really helps me get rid of it!!
2010 02 02
0
0
<Guest>
there was another copy of this bugger located in:
C:Documents and SettingsAll UsersStart Menu
2010 02 04
0
0
<Guest>
Thanks...I hope this works.
2010 02 07
0
0
<Guest>
Thanks for the advise - Windows Defender got rid of it.
2010 02 08
0
0
<Guest>
Thank you so much for this advice! I saw this and thought it to be a scam. However it really did hijack my browser. I installed Spyware doctor and it got rid of the little bugger. Thank goodness!
2010 02 13
0
0
<Guest>
I knew something was wrong when it said that everyhting normal was a trojan. Stupid piece of work. It just didn't seem right that they forced you to buy their scam.
2010 02 14
0
0
<Guest>
I worked great for me. Found 8 infections
2010 02 18
0
0
<Guest>
So glad looked at this..............nearly bought it as it was doing my head in so much!! Got Spyware Doc and everything is now fine!!! Yay!!!!!!!!
2010 02 24
0
0
<Guest>
Wow, such bullshit. Is this place sponsored by a competitor or by the malware makers?
I am not a huge Avira fan, but they are certainly a legitimate and fairly decent antivirus company.
2010 02 27
0
0
<Guest>
2 last person posted a commented Avira and Antivir are 2 totaly differnent programs 1 is spyware/scam other is not don't get them mixed up
2010 02 28
0
0
<Guest>
I couldnt even go to google, had to search it on my kindle.
2010 03 02
0
0
<Guest>
Windows Defender was able to remove Antivir automatically in less than 5 mins. I highly recommend this program because it's free and it worked quickly for me.
2010 03 02
0
0
<Guest>
I just got scammed by this antivir 2010. I could not access anything on my computer and I did not want it to crash so I bought it. Yes I can access everything now but should I still remove antivir. They also got me for $20.00 more than I agreed to.
2010 03 03
0
0
<Guest>
I can't believe so many have gotten the same scam. If I hadn't kept
searching for info on Antivir I would have purchased the damn thing. Window
Defender searched and found no infections in my computer. Thank God I
have my iPhone which enabled me to search for some kind of resolution.
2010 03 04
0
0
<Guest>
Got Antivir pop ups on my computer like crazy yesterday.I tried to google in on a PC, and I only got websites that told me to get a free download. I went to a non-infected Mac and googled it, and found this site. Thank you!
2010 03 08
0
0
<Guest>
Antivir said I had 442 threats. The day before Macfee said I had zero. I hate the Internet...
2010 03 08
0
0
<Guest>
This keeps on popping up on my laptop it took me 1 hour to figure out how to remove it>
2010 04 05
0
0
<Guest>
it wont let me on internet and i dont know how to remove it:"(
2010 07 14
0
0
<Guest>
this antivir won't let me open task manager - anyone know what i can do about it?
2010 07 17
0
0
<Guest>
I was able to get into the task manager by opening it just as Windows booted however I could not find any of the above files on my computer. Any Ideas???
2010 07 18
0
0
<Guest>
Someone Help Me. I Can't Download It Because It's Not Letting Me On My Internet!
2010 07 19
0
0
<Guest>
Need some help from anyone I am trying everything recommended. But as soon as any process starts a window pops up and says Application cannot be executed. The file is infected. Do you want to activate your anrivirus software now. Someone please help.
2010 07 19
0
0
<Guest>
OK as soon as windows starts ctrl alt and delete right away and you will see a prosess it's just random letters you will know what im talking about when you see it end it. must be the first thing you do when windows load the run spy ware remover
2010 07 28
0
0
<Guest>
this f'n thing won't even let me into the Registry... Windows Defended wont open... who ever started this adivir needs to have their heads split with a sledge hammer...

I have Vista, and nothing is working... any help?
2010 07 31
0
0
<Guest>
it tells me to download spydoctor which is NOT free, what can i use that is free and will get rid of antivir?
2010 07 31
0
0
<Guest>
I have tried everything and nothing works. Can those who have posted and found a solution please post it here.
I can't get onto the internet, its blocking everthing.
Thanks
2010 07 31
0
0
<Guest>
easiest way to do anything if u get infected is start ur comp in safemode to start cleanin up stuff
2010 07 31
0
0
<Guest>
I am having the same issue. I was able to find the location of the antivir but when i go look for it the folder is not even there. I think it is a hidden folder
2010 08 02
0
0
<Guest>
guys i restarted my computer and did a system recovery thingy and my computer is fine.
u can get to the system recovery by going on internet explorer and clicking identify problems or something and then additional options and then system recovery.
2010 08 01
0
0
<Guest>
Safe mode / System Restore solved the problem on laptop w/ Vista.
Thanks for the help.
2010 08 02
0
0
<Guest>
removed sucessfully with malwarebytes, and cannot get sucessufl ie usage afterwards. Tried system restore and that worked, Still came back at my next start up a week or so later.
I belive this came from yahoo messenger via web client.
2010 08 04
0
0
Akarlin
how do you do a system recovery
2010 08 05
0
0
<Guest>
This virus just came out of the blue. By far the most annoying thing I've had to deal with. I was able to get task manager open right away upon a restart, ended the process and run AVG. Hopefully it gets caught the people effected get some kind of justice.
2010 08 08
0
0
<Guest>
It is not the internet's fault these things exist. If the punks who create them were systematically eliminated from the face of the earth the problem would be solved.
2010 08 08
0
0
<Guest>
My first ever infection. what a nightmare!
On Vista press f8 on startup, choose safe mode, then system restore - worked a treat.
Thanks for this website andmy old apple laptop!
2010 08 08
0
0
<Guest>
I now can't go on the internet so I used a friends computer to look it up. What do I do?
2010 08 08
0
0
<Guest>
every one it changes your LAN settings in IE choose autodetect and uncheck everything else
2010 08 08
0
0
<Guest>
Thanks a lot for this, I was pretty worried and was about to buy the program when I noticed they were spelling everything incorrectly.
I just used system restore and I can browse the web again, but I still need to delete the program completely.
2010 08 09
0
0
<Guest>
Same poster, just used windows defender and it's working fine.
2010 08 09
0
0
<Guest>
Used System Restore twice to get rid of this horrible malware, but now System Restore won't let me go back to a previous date and create a new restore point.
2010 08 13
0
0
<Guest>
I can't use the internet on the computer that is infected with this antivira software how do i get rid of it on a different computer ?
2011 02 16
0
0
<Guest>
i used safe mode in windows XP and system restore, this should solve teh problem
2011 02 16
0
0
cybersloth
That is a FAKE antivir.

this is just another name for this type of infection:
Antivirus 2010/2011
XP anti spyware
windows Av
Whateva... I have even seen a fake AVG

Antivir by Avira is one of the Top free AV solutions available and has an Umbrella logo.

What i would like to know is what the heck people are clicking on to get this junk on their PCs in the first place, just think, if you had a mac this would not have happened, however basic tasks might be just that little bit more anoying.

remember all the fake AV and fake PC tuneup SW will want you to pay, and will seem fantastic in their diagnosis.
2011 06 02

Post Comment:

Attention: Use this form only if you have additional information about Antivir parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Related news:
Similar parasites:
Related articles:
Related discussions:
Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2 HijackThis Log Analyzer Beta 2

I failed to remove Antivir using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Latest Spyware Threats: Internet Security 2012 | Win 7 Total security 2012 | System Check | Win 7 Internet Security 2012 | Win 7 Home Security 2012 | Win 7 Antivirus 2012 | Win 7 Antispyware 2012 | Vista Security 2012 | Vista Antivirus 2012 | Vista Antispyware 2012 | XP Antispyware 2012 | XP Antivirus 2012 | XP Security 2012 | XP Home Security 2012 | Security Shield
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2011 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.