What is Antivir.exe, How to remove Antivir.exe

Antivir.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: Antivir
Filename: Antivir.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AV

Command: C:\Program Files\AV\Antivir.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [AV] C:\Program Files\AV\Antivir.exe

DDS Line:

uRun: [AV] C:\Program Files\AV\Antivir.exe

Combofix/RSIT Line:

“AV”=C:\Program Files\AV\Antivir.exe

Description: core part of Antivir. Antivir is a rogue antispyware program.

How to remove: use these Antivir removal instructions.

3 Responses to “What is Antivir.exe, How to remove Antivir.exe”

  1. Amy Says:

    Thank you…Sooooooooo much for your help! I tried Avira AntiVir, but it didn’t work. Your the best. How do I know what they got off of my computer. They wanted me to buy spyware software. They presented themselves as Microsoft.

  2. R Greaves Says:

    Daughter’s laptop infected with “antivir.com”. Norton did not prevent it or find it with a full scan. I looked at your removal instructions and before I downloaded anything checked the registry at the entry below and that entry is NOT present with the {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} value, though it has 10 other entries with different values. Also, the name ‘Explorer’ is not capitalized but is ‘explorer’.

    It would appear the virus has been amended to use a different value than the one you are familiar with.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}

    What Next?

  3. admin Says:

    Run MalwareBytes Anti-malware.

