Malware Removal Instructions

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, 12 December 2011

How to Remove Antivirii 2011 (Uninstall Guide)

Posted on 04:54 by Unknown
Antivirii 2011 is a rogue anti-virus program meant to scare you into paying for the bogus program to remove fictitious virus threats. This rogue AV was built using Napalm Rogue Builder which allows you to create custom rogue anti-virus programs in just a few minutes. You can name your rogue anti-virus whatever you want, add custom purchase page, change file names and paths were the rogue AV should be installed. But Antivirii 2011 it's not the fist if its kind. Earlier this year, cyber criminals were distributing another fake antivirus program called Antivirus Clean 2011 which was built using the same commercial rogue av builder. Both rogue AVs report non-existent infections on compromised computers, both share the same characteristics and GUI. Despite this, the malicious code for Antivirii 2011 is still only detected by roughly 20% the anti-virus companies on VirusTotal. Coming across a fake antivirus scam can be scary, this is way, we've got the removal instructions to help to remove Antivirii 2011 and associated malware from your computer. Please follow the steps in the removal guide below.

More about the fake antivirus called Antivirii 2011



The majority of the sites that we found affected by Trojan-downloaders were used to distribute Antivirii 2011, other scareware, and spyware. However, we still believe that this rogue anti-virus won't become a widespread infection. FakeAV programs appear legitimate, they create speech bubbles and genuine looking security alerts to scare you into thinking that your computer is infected. To minimize your chances of being affected by a fake antivirus scam, you should only download and install software from official websites. Once Antivirii 2011 is installed, it will pretend to scan your computer for malicious software, you know spyware, adware, Trojans, keyloggers and similar stuff. It blocks Task Manager and some other Windows tools/utilities. It may block your web browser as well. If you can't use it, reboot your PC in safe mode with networking. Of course, it displays fake warnings that say things like:
Your computer is in danger!
Antivirii 2011 has detected some serious threats to your computer!
These viruses need to be eliminated immedeately ! Please click this icon to remove threats.
Your system is infected!
Your computer is compromised by hackers, adware, malware and worms!
Antivirii 2011 can remove this infection. Please click this icon to remove threats.


This is BS. Antivirii 2011 doesn't even have a registration key. I mean if you buy it, you probably won't get your registration key. So, don't even think about buying this peace of malicious code. However, if you though it was real and bought it, then please contact your credit card immediately and dispute the charges. This is the only way to get your money back.

http://deletemalware.blogspot.com


Antivirii 2011 removal instructions:

1. Download free anti-malware software from the list below and run a full system scan.
  • MalwareBytes Anti-malware
  • SUPERAntispyware
  • Spybot S&D
  • Hitman Pro 3.5
If you can't download it, please reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Open Internet Explorer and download STOPzilla. Once finished, go back into Normal Mode and run it. Don't run STOPzilla in Safe Mode! That's It!

Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm


NOTE: Login as the same user you were previously logged in with in the normal Windows mode.


Associated Antivirii 2011 files and registry values:

Files:
  • C:\WINDOWS\antivirii.exe.exe
  • C:\WINDOWS\[SET OF RANDOM CHARACTERS].exe
Registry values:
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Security"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe "Debugger"
Share this information with your friends:
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Rogue programs | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • What is wrtc.exe and how to remove it?
    wrtc.exe - by Perion Network Ltd. What is wrtc.exe? wrtc.exe is a part of IncrediMail software, digitally signed by Perion Network Ltd. This...
  • Remove ShopperReports (Uninstall Guide)
    ShopperReports is defined as adware or a potentially unwanted program that displays marketing related results in a side pane of the browser...
  • Trojan.MBRlock, Внимание! Ваш компьютер заблокирован
    Trojan.MBRlock is a very disturbing piece of malicious code which infects the master boot record (MBR) and prevents Windows from starting. ...
  • False Positive: Ikarus and Comodo detecting TDSSKiller as a Trojan horse
    This awkward moment when you realize that your favorite rootkit removal utility is detected as malware. I probably wouldn't even have no...
  • Remove RiskTool.Win32.BitCoinMiner (Uninstall Guide)
    RiskTool.Win32.BitCoinMiner is a risk tool or potentially unwanted application that may use your computer's resources to generate bitco...
  • Remove Rattlingsearchsystem.com (Uninstall Guide)
    Rattlingsearchsystem.com is a ZeroAccess/Sirefef rootkit-related browser hijacker that redirects users to shady websites while searching on...
  • Remove TR/ATRAPS.Gen2, removal instructions
    Cyber crooks and third parties that buy stolen data are increasingly using more and more sophisticated techniques, in a variety of different...
  • Remove Ask Search and Ask Toolbar (Uninstall Guide)
    Ask Search and Ask Toolbar are very often incorrectly classified as virus/spyware that may cause search redirects. The majority of us pref...
  • How to remove 'TidyNetwork' adware virus from your computer
    As internet users most of us have seen those irritating little pop-up windows that are advertising something that we normally have little or...
  • Remove Windows Attention Utility (Uninstall Guide)
    Windows Attention Utility is a rogue security application that generates misleading warnings about nonexistent viruses and attempts to lure...

Categories

  • Adware
  • Answers
  • Antivirus software
  • Browser Hijackers
  • Cloud Computing
  • Fake Alerts
  • Giveaways
  • Hoax
  • How-To
  • IaaS
  • Internet
  • Malicious websites
  • Malware
  • PaaS
  • Parental Controls
  • Passwords
  • Phishing
  • Process Information
  • Ransomware
  • Rogue programs
  • Rootkits
  • SaaS
  • Security Advisories
  • Spam
  • Spyware
  • Trojans
  • Viruses
  • Web Browsers
  • Worms

Blog Archive

  • ►  2013 (173)
    • ►  December (6)
    • ►  November (13)
    • ►  October (11)
    • ►  September (20)
    • ►  August (4)
    • ►  July (17)
    • ►  June (31)
    • ►  May (25)
    • ►  April (15)
    • ►  March (17)
    • ►  February (7)
    • ►  January (7)
  • ►  2012 (86)
    • ►  November (2)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (11)
    • ►  June (1)
    • ►  May (5)
    • ►  April (7)
    • ►  March (7)
    • ►  February (17)
    • ►  January (20)
  • ▼  2011 (239)
    • ▼  December (8)
      • Remove "System Check" (Uninstall Guide)
      • Theworld.exe Process Information
      • Remove Trojan Ramage (Uninstall Guide)
      • Remove Ping.exe, 100% CPU Usage Problem
      • Remove Home Security Solutions (Uninstall Guide)
      • How to Remove Security Monitor 2012 (Uninstall Guide)
      • How to Remove Antivirii 2011 (Uninstall Guide)
      • Winxn.exe Process Information
    • ►  November (18)
    • ►  October (21)
    • ►  September (24)
    • ►  August (28)
    • ►  July (32)
    • ►  June (16)
    • ►  May (23)
    • ►  April (15)
    • ►  March (16)
    • ►  February (9)
    • ►  January (29)
  • ►  2010 (2)
    • ►  December (2)
Powered by Blogger.

About Me

Unknown
View my complete profile