AnVi – Antivirus

Follow the procedures on this page to remove AnVi – Antivirus malware from the infected computer. Download and scan PC with the suggested removal tool.

AnVi or Antivirus is another malicious computer security application that will complicate the operation of infected system. It is because AnVi – Antivirus modifies system settings and configuration of the computer to support its malicious actions. Excessive display of pop-up alerts and advertisements will attempt to persuade users to into obtaining the full version of this rogue software. This malware further deceive its victims by running a virus scan that provides falsified results displaying dozens of alerts including Trojans, viruses and spyware. Finally, it prompts to remove these threats. Following the instruction will point user to a payment processing website to obtain credit card info and finalized the payment. The site collects data from victims and uses it for other fraudulent online activity.

Remove Antivirus alias AnVi immediately with an effective combination of antivirus and anti-malware program. Anti-virus will remove the Trojan that dropped this rogue on computer while anti-malware will erase process, registry entries and fix modified system files.

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista

Screenshot Image of AnVi-Antivirus:

AnVi - Antivirus

Additional Information

Anvi will display fake alerts and warning messages to deceive users regarding presence of threats.

Warning! Keylogger detected!
Keylogger activity detected on your PC!
PDM.Keylogger activity has been detected. Process is trying to redirect keyboard input. Your passwords and other private information are at risk. Please click the button below to block and remove this threat now.

Warning! Adware detected!
Adware Module detected on your PC!
Zlob.Porn.Ad adware has been detected. This adware module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click the button below to locate and remove this threat now.

It will advise users to remove installed antivirus program.

Uncertified (installed antivirus) antivirus software detected on your computer. You need to remove (installed antivirus) software for correct operation of the Antivirus.
Attention: If you don`t remove (installed antivirus) software, the performance of your computer will dramatically degrade. Press “OK” to remove the (installed antivirus).

How to Remove AnVi – Antivirus

Systematic procedures to get rid of the threat are presented on this section. Make sure to scan the computer with suggested tools and scanners.

NOTE: It is recommended to PRINT or BOOKMARK this instruction because we need to restart Windows during the virus removal process.

Step 1 : Remove AnVi – Antivirus with this recommended tool

This guide requires a tool called Malwarebytes' Anti-Malware. It is a free tool designed to eradicate various computer infections including AnVi – Antivirus. MBAM scanner and malware removal tool is distributed for free.

1. In order to completely remove AnVi – Antivirus, it is best to download and run the recommended tool. Please click the button below to begin download.

Download Tool

2. After downloading, double-click on the file to install the application. If you are using Windows Vista or Windows 7, right-click on the file and select 'Run as administator' from the list.
3. When User Account Control prompts, please click Yes to proceed with the installation.

4. Follow the prompts and install as 'default' only. There are no changes needed during the installation process.
5. Before the installation procedure ends, MalwareBytes Anti-Malware will ask for database update, please proceed.

MalwareBytes Anti-Malware Update

6. Click Finish button after installation. Program will run automatically run and you will be prompted to update if newer version of database is available.
7. At this moment, close MalwareBytes Anti-Malware and proceed with the next step.

Step 2 : Run a thorough scan to remove AnVi – Antivirus

1. Remove all media such as floppy drive, cd, dvd, and USB devices. Then, restart the computer.

Boot in Safe Mode on Windows XP, Windows Vista, and Windows 7 system
a) Before Windows begins to load, press F8 on your keyboard.
b) It will display the Advanced Boot Options menu. Select Safe Mode.

Start computer in Safe Mode using Windows 8
a) Before Windows begins to load, press Shift and F8 on your keyboard.
b) On Recovery interface, click on 'See advanced repair options'.
c) Next, click on Troubleshoot option.
d) Then, select Advanced options from the list.
e) Lastly, please choose Windows Startup Settings and click on Restart. When Windows restarts, you will be send to a familiar Advanced Boot Options screen.
f) Select Safe Mode from the selections menu.

Safe Mode

2. Once Windows is running on Safe Mode, find the icon of MalwareBytes Anti-Malware. Double-click to launch the program.
3. Choose Perform full scan on scanner's console to ensure that it thoroughly check the PC for any presence of AnVi – Antivirus and other forms of threats. Click the Scan button to start.


4. Once the scan has completed, Malwarebytes Anti-Malware will issue a list of identified threats. Mark all threats and click on Remove Selected.
5. If it prompts to restart the computer, please reboot Windows normally.

Step 3 : Remove Rootkit Trojan that installs AnVi – Antivirus

Anti-rootkit utility called TDSSKiller is a free tool from Kasperksy that neutralizes complicated malware which effectively hides its process, folders, files and registry entries.

1. Download TDSSKiller and save the file on your desktop or any accessible spot.

Download TDSSKiller

2. Extract the contents of downloaded file ( using archiver programs like Winzip or Winrar.
3. Locate the folder where you extracted and double-click the file TDSSKiller.exe to launch the scanner.
4. Once TDSSKiller is open, please mark Services and drivers as well as Boot Sectors. Picking these options ensures that the program will inspect boot sector and system files that are infected with AnVi – Antivirus. Please refer to attached image.


5. Click on Start Scan button to begin scanning your system. This may take a while. You need to complete this process to make sure that the program detects and delete all components of AnVi – Antivirus.
6. When scan has finished, you may restart Windows normally. This part of the removal process using TDSSKiller is now complete.

Additional scanner you may run to ensure that AnVi – Antivirus is totally deleted

Portable SuperAntiSpyware
To thoroughly remove AnVi – Antivirus, it is best to do a separate scan of another security program so that other infected files not detected from previous can be removed as well. Click here to start using SuperAntiSpyware Portable.

Online Virus Scanner:
Another way to remove a virus without the need to install additional anti-virus software is to perform a thorough scan with free Online Virus Scanner. Browse this page to see a list of free services from specific anti-virus and security company.

Alternative Removal Procedures for AnVi – Antivirus

Option 1 : Use Windows System Restore to return Windows to previous state

During an infection, AnVi – Antivirus drops various files and registry entries. The threat intentionally hides system files by setting options in the registry. With these rigid changes, the best solution is to return Windows to previous working state is through System Restore.

To verify if System Restore is active on your computer, please follow the instructions below to access this feature.

Access System Restore on Windows XP, Windows Vista, and Windows 7

a) Go to Start Menu, then under 'Run' or 'Search Program and Files' field, type rstrui.
b) Then, press Enter on the keyboard to open System Restore Settings.


Open System Restore on Windows 8

a) Hover your mouse cursor to the lower left corner of the screen and wait for the Start icon to appear.
b) Right-click on the icon and select Run from the list. This will open a Run dialog box.
c) Type rstrui on the 'Open' field and click on OK to initiate the command.


If previous restore point is saved, you may proceed with Windows System Restore. Click here to see the full procedure.

Option 2 : AnVi – Antivirus manual uninstall guide

IMPORTANT! Manual removal of AnVi – Antivirus requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to AnVi – Antivirus.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for AnVi – Antivirus files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section.
- Close registry editor. Changes made will be saved automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
- Thoroughly scan the computer with your updated antivirus software.

4. Delete all files dropped by AnVi – Antivirus.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Technical Reference

Associated Files and Folders:

Troubleshooting Guides

Did AnVi – Antivirus blocks your Internet access?

It is usual that rogue program prevents user from downloading removal tools from the Internet. Thus, infected computer may be denied to access the Internet by making changes to computer's proxy, DNS, and Hosts file. To fix Internet connection problem, follow these steps:

1. Download the free program called MiniToolBox. Click the button below to begin. Save the file on your hard drive or preferably in your Desktop.


2. Close all running Internet browser and double-click on the file to run. It opens a window showing a list of features.
3. Make sure that you have a check mark on the following items : Flush DNS, Reset IE Proxy Settings, and Reset FF Proxy Settings.


4. Click on the GO button to start the process. The program automatically closes and displays a text file for your reference.

5. If the above solution does not work, you may try other method like fixing a virus-blocked Internet access. Make sure that your hosts file is free from any malicious entries. View steps in cleaning Windows host file.

Ways to Prevent AnVi – Antivirus Infection

Here are some guidelines to help defend your computer from virus attack and malware activities. Being fully protected does not have to be expensive.

Install protection software to block AnVi – Antivirus and other threats

Having an effective anti-malware program is the best way to guard your computer against malware and threats. Although full version of anti-malware will cost some penny to obtain, it is still worthy to buy one. With real-time scan, it will be safer for you to browse the web, download files, and do more things online.

Get Protection Software

Keep all programs up to date

It is important to download critical update for installed programs. Software updates includes patches for security flaw that may utilize by an attacker to enter the computer. This flaw may be taken advantage by AnVi – Antivirus, viruses, and malware to attack the computer. Crucial programs to watch for updates are MS Windows, MS Office, Adobe Flash, Adobe Acrobat, and Java Runtime.

Activate security features of your Internet browser

SmartScreen Filter, Phishing and Malware Protection, and Block Attack Sites are the respective security features of Internet Explorer, Google Chrome, and Mozilla Firefox. Although, it may not fully guard your computer from online attack, at least it can lessen the risk. Enabling these features also helps to secure your private data and avoid identity theft.

Be a responsible Internet user

Antivirus programs and security features of Internet browser facilitates real-time protection and monitors harmful activities online. However, it tends to malfunction for some reasons. Thus, you do not have to be fully dependent on these tools. It is always best to practice safety measures when using the Internet.

You may also like...

5 Responses

  1. Anonymous says:

    This rogue comes as a disguised codec called flash_player_installer.exe
    So if you see that file, do not download or open it.

  2. cacat says:

    do not download this program it’s a virus

  3. Terr says:

    This virus also has an additional feature. If you don’t have an UP TO DATE anti-virus, it will block usage of any newly installed Anti-Virus programs as soon as you install them. And, if you use the free online scanners, well…good luck. The ones that actually give you removal options without requiring you to pay for the service, trigger the virus to restart your computer half-way through the scan. Thus nullifying the entire process.

  4. Alex says:

    Lo q pasa es q este antivirus anvi al parecer desactivo mi administrador de tareas no ahi otra forma de eliminarlo o como activo nuevamente el administrador de tarea si dice q fue desactivado por otro administrador :S

  5. kyle says:

    I noticed this on my computer and I disabled the wireless conection so it couldnt connect with the internet and I restarted my computer. I then tried to start my anti-virus protection software (Defender Pro and AVG and mbam). None of them would start and I kept getting messages about how the .exe file is corrupted and how I need to start my antivirus program. I then desided to restart my computer again, and still no progress. I turned my computer off, took the battery out, and then got on this computer and found this guide here. I think I will probibly download mbam from this computer and put it on a flash drive and rename the mbam.exe to malwarebytes.exe and see if it still runs. After it scans then hopefully I will regain control of my other anti-virus programs.
    and I will definatly look for the processes like you said:
    So far this has helped me learn some, so thanks alot and I will come back and post here if I am able to get rid of the virus, and I will let you know how I did it.

Leave a Reply

Your email address will not be published. Required fields are marked *