Antivirii 2011

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 19
First Seen: December 12, 2011
Last Seen: August 17, 2022
OS(es) Affected: Windows

Antivirii 2011 Image

Antivirii 2011 is a fake security application designed to infect a computer system in order to scam its victim into paying for a 'full version' of this fake security program. According to ESG security researchers, Antivirii 2011 was created using NRB (Napalm Rogue Builder), a hacking tool that makes creating rogue security programs a simple task. These kinds of applications allow criminals to release many fake security applications quickly in order to overwhelm malware analysts and PC security experts. Antivirii 2011 follows the same pattern as most fake security programs, and will usually act in tandem with a variety of Trojans in order to infect your computer, cause a number of problems on your computer system and protect itself from removal. The Antivirii 2011 fake security application may also be associated with a rootkit infection, making removal even more difficult. If your computer appears to be infected with Antivirii 2011, ESG malware analysts recommend restarting Windows in Safe Mode (by pressing the F8 key during start-up) and using a reliable anti-malware program to remove Antivirii 2011 permanently.

Understanding the Antivirii 2011 Scam

Antivirii 2011 belongs to a category of malware known as rogue anti-virus programs. Rogue anti-virus programs are dangerous programs that pretend to be legitimate security applications. The main goal of a rogue anti-virus program such as Antivirii 2011 is to convince its victim that their computer is severely infected and that Antivirii 2011 is a viable solution to this imaginary infection. In fact, Antivirii 2011 will cause a large amount of problems on the victim's computer, which intends to strengthen the idea that the computer is in trouble. Inexperienced computer users will often fall for the Antivirii 2011 scam, following its malicious links to a website where they will be asked to enter their credit card details for the purchase of a 'full version' of Antivirii 2011. By entering their credit card information into this website, Antivirii 2011's victims are simply handing over their money to the criminals behind this dangerous rogue anti-virus program. While they will receive a supposedly authentic serial number in order to unlock Antivirii 2011's nonexistent features, Antivirii 2011 is not designed to receive a serial number or respond in any way. After giving up their credit card information, Antivirii 2011's victims are simply left with a computer system that is severely infected by Antivirii 2011.

Antivirii 2011 belongs to the FakeSpyPro family and has among its family members AntiSpyware Soft, Antivirus System Pro, Spyware Protect 2009, Security Central, Antivirus Soft, Antivirus Suite, Antivir Solution Pro, Security Suite, Malware Destructor 2011, Antivirus Action, Antivirus Scan, PC Security 2011, Antivirus .NET, AntiVira Av, AntiMalware GO, Antivirus Monitor, Antivirus Live.


1 security vendors flagged this file as malicious.

Anti-Virus Software Detection
Panda Suspicious file

SpyHunter Detects & Remove Antivirii 2011

Antivirii 2011 Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Antivirii 2011 may create the following file(s):
# File Name MD5 Detections
1. AntiVirii2011.exe 97b7917e777dc99357751f3449b4e451 7
2. czwcldnm.exe 7a536041421c2054abeab3047643238c 1
3. %Windows%\[random].exe
4. %Windows%\antivirii.exe
5. %WinDir%|^antivirii\.exe

Registry Details

Antivirii 2011 may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe "Debugger"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Security"


Most Viewed