Antivir is a fake anti-virus application that is part of a widespread online scam. Although Antivir is disguised as an anti-virus program, Antivir is itself actually part of a Trojan infection. These kinds of Trojans install fake security programs like Antivir to attempt to steal their victims' money. ESG security researchers strongly advise against purchasing Antivir or any anti-virus application that entered your computer system without your authorization and presents characteristics of rogue security programs. Antivir itself should be removed with a legitimate anti-virus application.
Although Antivir has components that disable Task Manager and many legitimate security programs, Antivir's self-defense mechanisms can usually be bypassed by starting up Windows in Safe Mode before attempting to remove this dangerous fake anti-virus application. ESG security researchers advise to ignore all notifications, security alert pop-ups and error messages in the event of an Antivir infection. These are usually caused by Antivir itself in order to convince you to purchase this fake security application. If you have already paid for a useless Antivir registration code, you may be able to contact your credit card company in order to reverse the charges and mark them as fraudulent. Steps should also be taken to protect your credit card information, so a third party does not make any charges to it.
An Antivir Infection is Often Contracted from Fake Video Codecs
The most usual source of infection with the Trojan that installs Antivir is through a user download. Because of this, ESG security analysts strongly advise being extremely careful with what you download onto your computer system. It is important not to believe everything you read online, since many software downloads are not what they appear. Antivir may be installed by the Zlob Trojan and by Fake Microsoft Security Essentials Alert Trojan. These Trojans are often found as fake video codecs online, especially in websites containing pornographic videos or pirated movies. When attempting to play one of these videos, the victim receives a pop-up window claiming that a particular codec is needed in order to view that video, and then providing a link where that codec can be downloaded. However, this supposed 'codec' will actually install Antivir as well as various other malware threats onto the victim's computer system.
Antivir family, the FakeXPA family, has also been known to have other members, all of them rogue anti-virus applications and clones of Antivir. These clones include
Screenshots & Other Imagery
File System Details
- Total Antivirus 2020
- Orange Defender Antivirus
- PUP.Cloud 7 Antivirus
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.