Popular Reviews

Adware Removal

» Adware Removal

Rogueware Removal

» Rogueware Removal

Keylogger Removal

Fix PC Errors

Helpful Definitions

Learn More

» Learn More

Antispyware Reviews

Registry Cleaner Reviews

Firewall Reviews

Spam Filter Reviews

Antivir

Kudos:

"You guys rock. Your instructions were spot on! Thank You"
- J. Powell

"I was infected by SystemTool today. Thanks for the help on the page. I have removed it completely"
- L. Lepsře

"Your web page on Regclean was extremely helpful and very, very education. Its objectivity to was nothing short of excellent. Thank you..."
- Anthony G. Muya

"I want to express my thanks for the information on removing the browser hijacker. I took the steps you suggested and the follow-on precautions to prevent future infections... Thanks again"
- Carlos


For Information and Removal of Antivir

    - what is Antivir
    - automatic and manual removal instructions
    - personal assistance provided online or by phone to safely remove Antivir.

 

Antivir

No one wants a rogue antivirus program on their computer.  But how do you tell the difference between a rogue like Antivir and a legitimate security program?  They don't exactly have "rogue" written on their messages, right?  But in a way they do.  If you know what to look for, you can spot rogues like Antivir and take immediate steps to remove them.

An Introduction to Antivir

While rogue antivirus programs have distinguishing characteristics, they all have some features in common.  These include:

  • Their goal. They seek to convince computer users that they have serious security risks in their systems in order to persuade them to buy their ineffective software.
  • Their distribution method. They are typically spread through Trojans.
  • Their tactics. Rogue antivirus programs use pop-ups, false scan results, and redirects to fabricate evidence of security threats.
  • Their results. Whether the free version has been downloaded into your computer or you have purchased the full version, the results are the same. Antivir and other rogue antivirus programs provide no protection whatsoever. They don't even resolve the issues they have created themselves.

Antivir is also known as Antivir 2010 and Antivir Antivirus.

Accessing Your System:  How Antivir Gets In

The simple answer to this question is that a computer user installed it.  This is not an unreasonable reaction to the constant warnings issued by Antivir or the promises it makes to fix them.  Many people see warnings of infections, worms, and unsecure sites, and immediately want to remedy the situation.  This is a very natural response, and it is exactly what Antivir and others of its kind want you to do.  Taking a minute to look at the messages and consider your options, though, will help you make the best decision for your computer and your wallet.

Users install the full version, but you may also have the free version in your system.  This demo version is yours without charge courtesy of Trojans.  In the case of Antivir, these are typically Trojans from rogue online anti-malware scanners, but it is also possible to unintentionally allow Antivir in when you visit sites with adult content, social networking sites, and sites featuring free videos or peer-to-peer content.  Also very common is the use of social engineering via online invitations and links.  If you receive invitations, links, or emails from unfamiliar names and/or addresses, it is very likely that they are affected by Trojans and will allow malware to enter your system.

Identifying Antivir

If you have not installed Antivir directly, you may not even be aware that it is in your system.  Even if you have installed it, you may not really know that this is the source of your computer's faulty operation.  In either case, it is important to know how Antivir affects your system. 

Antivir configures itself to run in the background continually.  This allows it to divert your system resources for its own use and to run its false scans.  These are really nothing but an elaborate show, but they can look authentic.  A typical scan result issued by Antivir very rarely has the Antivir name on it; this is reason number one to be skeptical.  If you are familiar with your own legitimate security program, you can immediately tell this is not one of their messages.  A typical scan will indicate that dozens of threats have been found in your system, giving the name of the infected file, its location, a description, and recommended action.  At the bottom of the screen, you will see the following:

Recommended: Please click "Remove All" button to heal all infected files and protect your PC. 

The files Antivir claims are corrupted are, in fact, either legitimate, unthreatening programs or harmless files created by Antivir for just this purpose.  It bears repeating that these threats are not real.

Pop-ups have the same goal as these false scan results, and you will be seeing these frequently online and off.  If you click on new flashing icons on your system tray and/or desktop, you will also see these alerts.  The following message is common:

Trojan:W32/Inject Activity Detected

Trojan:W32/Infect is a large family of malware that secretly makes changes to the Windows Registry. Variants in the family may also make changes to other running processes.

When you attempt to navigate to websites, you may be shown messages like the following in order to cement their case that you have security issues:

We strongly recommend to discontinue the use of this website.  This website has been reported to Microsoft for containing threats that might steal personal or financial information from your computer.

And:

Warning! Visiting this site may harm your computer!

This web site probably contains malicious software program, which can cause damage to your computer or perform actions without your permission.  Your computer may be infected after visiting such a site.

More serious than annoying pop-ups is Antivir's ability to block security related websites and legitimate anti-malware programs.  This creates a serious vulnerability in your computer, making it vital that you remove Antivir as soon as possible.

Removing Antivir

Antivir and other rogue antivirus programs are notoriously difficult to remove, so what works and what doesn't?  Often, the first impulse is to run a legitimate antivirus program.  This doesn't work because Antivir is not a virus.  It is adept at evading basic techniques like these and needs more advanced removal efforts.  The next impulse is to just uninstall.  This is ineffective because, while you may remove visible traces of Antivir, there are likely files and registry keys left behind that will allow the program to recreate itself.

Two good options are open to people, and one of them is an excellent option for everyone.  Automatic removal via Malwarebytes Anti-Malware (Malwarebytes has free malware removal) or another reputable program designed to handle rogue antivirus programs is quick, easy, effective, and safe.  Every trace of Antivir is removed.  The other option, manual removal, should only be attempted if you have technical experience because you could miss Antivir files or inadvertently delete a necessary file.  In either case, you are further impacting the performance of your computer.  If you have the skills and the patience, try the following:

Stop Processes:

c:Program FilesAVantivir.exe

Remove Registry Values:

HKEY_CURRENT_USERSoftwareEVAACD
HKEY_CLASSES_ROOTCLSID{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "AV"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet Settings5.0User Agentpost platform "WinNT-EVI 25.11.2009"

 

Remove DLL:

c:WINDOWSsystem32UpdateCheck.dll

 

Delete Files:

c:Documents and SettingsAll UsersStart MenuAVAntivir.lnk
c:Documents and SettingsAll UsersStart MenuAVUninstall.lnk
c:Program FilesCommon FilesUninstallAVUninstall.lnk
%UserProfile%DesktopAntivir.lnk

 

Remove Folders:

c:Documents and SettingsAll UsersStart MenuAV
c:Program FilesAV
c:Program FilesCommon FilesUninstall
c:Program FilesCommon FilesUninstallAV



Removing Antivir Automatically/Safely

For free automatic removal we recommend using Malwarebytes Anti-Malware. This program is widely recommended by reputable third-party sites, so you can be reasonably confident of its ability to safely get rid of Antivir and any hidden Trojans. As a precaution we recommend double checking your system with SpyHunter. This program requires paid registration to enable deletions, however it has a money back guaranteed and is the top of the line in malware removal. It should catch malware that evades Malwarebytes and block anything that tries to reinstal itself.

Download SpyHunter

Remove Antivir Now:

  1. Download and install Malwarebytes Anti-Malware and SpyHunter Download  
  2. Run a scan with Malwarebytes Anti-Malware.
  3. Remove all the detected infections (free).
  4. Run a scan with SpyHunter
  5. Remove any remaining infections
  6. Reboot and rescan with SpyHunter. Your computer should now be clean.

Important note: If Malwarebytes is blocked by malware then run Chameleon (Start Menu → All Programs → MalwareBytes' Anti-Malware → Tools → Malwarebytes' Anti-Malware Chameleon). If you need further help removing Antivir please email us at info@removeadware.com.au or call for personal assistance on toll-free number 888-655-3453, within the USA and Canada.


Disclaimer: This webpage was created to provide information on Antivir and how to uninstall it. Manual removal instructions are intended for use by technical experts and should be used at your own risk. We do not own or endorse Antivir.




We are affiliated with some of the legitimate programs recommended on this website. Should you choose to use the programs recommended here, we may receive a fee that will help support the site.

NEWS | ARTICLES | REVIEWS | CONTACTS | LINK TO US
All content copyright 2006-2017, RemoveAdware.com.au. Author: Wayne Davis.
All Rights Reserved. All trademarks and company brand names are acknowledged.
Privacy Policy | Terms Of Service