More about the fake antivirus called Antivirii 2011
The majority of the sites that we found affected by Trojan-downloaders were used to distribute Antivirii 2011, other scareware, and spyware. However, we still believe that this rogue anti-virus won't become a widespread infection. FakeAV programs appear legitimate, they create speech bubbles and genuine looking security alerts to scare you into thinking that your computer is infected. To minimize your chances of being affected by a fake antivirus scam, you should only download and install software from official websites. Once Antivirii 2011 is installed, it will pretend to scan your computer for malicious software, you know spyware, adware, Trojans, keyloggers and similar stuff. It blocks Task Manager and some other Windows tools/utilities. It may block your web browser as well. If you can't use it, reboot your PC in safe mode with networking. Of course, it displays fake warnings that say things like:
Your computer is in danger!
Antivirii 2011 has detected some serious threats to your computer!
These viruses need to be eliminated immedeately
! Please click this icon to remove threats.
Your system is infected!
Your computer is compromised by hackers, adware, malware and worms!
Antivirii 2011 can remove this infection. Please click this icon to remove threats.
This is BS. Antivirii 2011 doesn't even have a registration key. I mean if you buy it, you probably won't get your registration key. So, don't even think about buying this peace of malicious code. However, if you though it was real and bought it, then please contact your credit card immediately and dispute the charges. This is the only way to get your money back.
Antivirii 2011 removal instructions:
1. Download free anti-malware software from the list below and run a full system scan.
Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm
NOTE: Login as the same user you were previously logged in with in the normal Windows mode.
Associated Antivirii 2011 files and registry values:
- C:\WINDOWS\[SET OF RANDOM CHARACTERS].exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Security"
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe "Debugger"