Antivirii 2011

Antivirii 2011 Description

ScreenshotAntivirii 2011 is a fake security application designed to infect a computer system in order to scam its victim into paying for a 'full version' of this fake security program. According to ESG security researchers, Antivirii 2011 was created using NRB (Napalm Rogue Builder), a hacking tool that makes creating rogue security programs a simple task. These kinds of applications allow criminals to release many fake security applications quickly in order to overwhelm malware analysts and PC security experts. Antivirii 2011 follows the same pattern as most fake security programs, and will usually act in tandem with a variety of Trojans in order to infect your computer, cause a number of problems on your computer system and protect itself from removal. The Antivirii 2011 fake security application may also be associated with a rootkit infection, making removal even more difficult. If your computer appears to be infected with Antivirii 2011, ESG malware analysts recommend restarting Windows in Safe Mode (by pressing the F8 key during start-up) and using a reliable anti-malware program to remove Antivirii 2011 permanently.
 

Understanding the Antivirii 2011 Scam

Antivirii 2011 belongs to a category of malware known as rogue anti-virus programs. Rogue anti-virus programs are dangerous programs that pretend to be legitimate security applications. The main goal of a rogue anti-virus program such as Antivirii 2011 is to convince its victim that their computer is severely infected and that Antivirii 2011 is a viable solution to this imaginary infection. In fact, Antivirii 2011 will cause a large amount of problems on the victim's computer, which intends to strengthen the idea that the computer is in trouble. Inexperienced computer users will often fall for the Antivirii 2011 scam, following its malicious links to a website where they will be asked to enter their credit card details for the purchase of a 'full version' of Antivirii 2011. By entering their credit card information into this website, Antivirii 2011's victims are simply handing over their money to the criminals behind this dangerous rogue anti-virus program. While they will receive a supposedly authentic serial number in order to unlock Antivirii 2011's nonexistent features, Antivirii 2011 is not designed to receive a serial number or respond in any way. After giving up their credit card information, Antivirii 2011's victims are simply left with a computer system that is severely infected by Antivirii 2011.

Antivirii 2011 belongs to the FakeSpyPro family and has among its family members Spyware Protect 2009, Antivirus System Pro, Security Central, Antivirus Soft, Antivirus Suite, AntiSpyware Soft, Antivir Solution Pro, Security Suite, Malware Destructor 2011, Antivirus Action, Antivirus Scan, PC Security 2011, Antivirus .NET, AntiVira Av, AntiMalware GO, Antivirus Monitor, Antivirus Monitor.

Aliases: Suspicious file [Panda] and Adclicker.LLM.

Technical Information

Screenshots & Other Imagery

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how Antivirii 2011 infects a computer.

Antivirii 2011 Video

File System Details

Antivirii 2011 creates the following file(s):
# File Name Size MD5 Detection Count
1 %WINDIR%czwcldnm.exe 1,034,752 7a536041421c2054abeab3047643238c 1
2 %Windows%\[random].exe N/A
3 %Windows%\antivirii.exe N/A
4 %WinDir%|^antivirii\.exe N/A
5 Antivirii_2011_Setup.exe 1,038,056 97b7917e777dc99357751f3449b4e451 0

Registry Details

Antivirii 2011 creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe "Debugger"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Security"

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.