AnVi Description

ScreenshotAnVi is a rogue anti-virus program and another member of the infamous FakeCog (CoreGuard) family. On infiltrating a system, AnVi will fabricate numerous security alerts and warnings in order to scare a victim into purchasing AnVi as a remedy. AnVi may also redirect the browser to malicious websites that further promote the rogueware. AnVi is a useless application that can neither detect nor remove legitimate computer threats.

AnVi is known as a rogue antivirus application because AnVi is not capable of detecting or eliminating viruses from the computer. In other words, AnVi will not secure your computer. AnVi falls under the same characteristics as its many clones that include PC Protection Center 2008, Protection System, CoreGuard Antivirus 2009, Paladin Antivirus, Dr.Guard, User Protection, Your Protection, Digital Protection, Data Protection, Protection Center, Defense Center, PC Protection Center, Virus.DOS.RogueAntiSpyware, Fraud.Defense Center, Malware Protection Center, Adware.PCProtectionCenter.

Aliases: Trojan/Downloader.FraudLoad.xerf, Mal/Generic-L [Sophos], probably a variant of Win32/Adware.CoreguardAntivi [NOD32], Trojan:Win32/Neop [Microsoft], Win32.TRDldr.FraudLo [eSafe], TrojanDownloader.FraudLoad.xe [CAT-QuickHeal], Trojan/Win32.FraudLoad.gen [Antiy-AVL], SecurityRisk.Downldr, 3399764 'Trojan-Downloader.Win32.FraudLoad [Ikarus], CoreGuardAntivirus2009 [Symantec], Trojan.Win32.Generic.52226F09, Medium Risk Malware, RogueAntiSpyware.CoreGuardAntivirus2009 and Adware/SecurityCenter [Panda].

Technical Information

Screenshots & Other Imagery

AnVi Image 1 AnVi Image 2 AnVi Image 3 AnVi Image 4

File System Details

AnVi creates the following file(s):
# File Name Size MD5 Detection Count
1 %APPDATA%\AnVi\avt.exe 2,066,944 0946f37b8305732b085a53c9413bfceb 45
2 %UserProfile%\Local Settings\Temp\expand32xp.dll 324,352 fd109e252ae0a84ca951605a683c10d9 0
3 %ProgramFiles%\AnVi\avthook.dll 8,704 82dcde33d5c7f8ce87c45a35374a042b 0
4 %UserProfile%\Local Settings\Temp\wmsdk64_32.exe 433,152 64afb86f0f09bffd581b7458b1a3e4d1 0
5 %UserProfile%\Local Settings\Temp\wscsvc32.exe 269,312 6c4648941b108f5fc7f80644f42ed11d 0
More files

Registry Details

AnVi creates the following registry entry or registry entries:

Related Posts

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

HTML is not allowed.