Windows Antivirus 2011
Windows Antivirus 2011 is a rogue anti-virus program that shows bogus security alerts and warnings about different system errors, most prominently malware like viruses. Windows Antivirus 2011 enters the PC system via trojans infections that infiltrate through holes in the PC security and other available system vulnerabilities. Windows Antivirus 2011 is classified as a rogue because it uses falsified scan results as a technique to intimidate you into purchasing the product. Windows Antivirus 2011 also shows annoying pop-up warnings over and over to make you believe that your computer is seriously infected with various malware. You need to remove Windows Antivirus 2011 to keep your computer clean and protected.
File System Details
Windows Antivirus 2011 may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. |
C:\Documents and Settings\ |
|
| 2. | %UserProfile%\Application Data\Windows Antivirus 2011 | |
| 3. | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Antivirus 2011.lnk | |
| 4. | %UserProfile%\Start Menu\Windows Antivirus 2011.lnk | |
| 5. | %UserProfile%\Application Data\Windows Antivirus 2011\Instructions.ini | |
| 6. | %UserProfile%\Desktop\Windows Antivirus 2011.lnk | |
| 7. | %UserProfile%\Application Data\Windows Antivirus 2011\cookies.sqlite | |
| 8. | %UserProfile%\Start Menu\Programs\Windows Antivirus 2011.lnk |
Registry Details
Windows Antivirus 2011 may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CLASSES_ROOT\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_CLASSES_ROOT\pezfile
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
